-
-
Save DakuTree/428e5b737306937628f2944fbfdc4ffc to your computer and use it in GitHub Desktop.
There is a version for Mac OS and/or Linux?
This is the error Im getting
C:\Users\stefa\Downloads>%python3% cookie_decrypt.py
Traceback (most recent call last):
File "cookie_decrypt.py", line 18, in <module>
decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0
pywintypes.error: (-2146893813, 'CryptProtectData', 'Key not valid for use in specified state.')
What can I don? Im running it on windows 10. From what I could debug - it stopped at first row.
Why are you using
getenv("APPDATA") + "/../Local/Google/Chrome/User Data/Default/Cookies"
instead
getenv("LOCALAPPDATA") + "/Google/Chrome/User Data/Default/Cookies" ?
It is just copying the cookie file from '/../Local/Google/Chrome/User Data/Default/Cookies' to current folder and not doing any actual decryption
How can I use it?
I'm getting an error when calling the CryptUnprotectData method.
error: (13, 'CryptProtectData', 'The data is invalid.')
I can see that the encrypted values are printing out fine but the process fails at the decryption step.
# Decrypt the encrypted_value
decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0
Any pointers?
I'm getting an error when calling the CryptUnprotectData method.
error: (13, 'CryptProtectData', 'The data is invalid.')I can see that the encrypted values are printing out fine but the process fails at the decryption step.
# Decrypt the encrypted_value decrypted_value = win32crypt.CryptUnprotectData(encrypted_value, None, None, None, 0)[1].decode('utf-8') or value or 0Any pointers?
It`s because the password encryption system in Chromium has changed
Thanks @mrAsh4r: Is there any alternative library?
@GSapiah, yep. You can check LaZagne (https://github.com/AlessandroZ/LaZagne)
@GSapiah, yep. You can check LaZagne (https://github.com/AlessandroZ/LaZagne)
Isn't that just for passwords or does it work also for cookies? If so, how?
I updated the code to work with new chrome encryption system
https://gist.github.com/GramThanos/ff2c42bb961b68e7cc197d6685e06f10
I updated the code to work with new chrome encryption system https://gist.github.com/GramThanos/ff2c42bb961b68e7cc197d6685e06f10
the link is down
I updated the code to work with new chrome encryption system https://gist.github.com/GramThanos/ff2c42bb961b68e7cc197d6685e06f10
the link is down
I took the gist down. I suggest @DakuTree to do the same.
More info:
From time to time shady GitHub accounts would comment on the code and/or ask questions questions about it. I was contacted by Ran Locar and he informed me that someone used my code as part of a malware, thus I decided to take it down.
@GramThanos, fully understand if you have no interest in honoring this request, but the updated script could be used in forensic analysis (which is actually what I'm looking for a solution to) as much as malware analysis. Any chance you'd be willing to put it back up? Almost all security tools used for forensics double as potential malware utilities. Again, up to you.
@nuvious I am sorry but I will stand by my decision. For forensics, there are specialised tools that export cookies.
Thanks, it worked for me with one change: in my chrome cookie db 'secure' is 'is_secure'