python and sqlite3 realize the decryption of chrome cookie instance code
- 2020-07-21 09:01:52
- OfStack
The main problem studied in this paper: there is a decryption of chrome cookie. google produces the code, but it cannot be executed properly. The reason is that the version of sqlite3 is too low.
google took a long time to find a way:
1, enter the page http: / / www6 atomicorp. com channels/atomic/centos / / x86_64 / RPMS / 6
2, download atomic sqlite - sqlite 3.8.5-2. el6. art. x86_64. rpm
3, rpm - Uvh atomic sqlite - sqlite 3.8.5-2. el6. art. x86_64. rpm
4. Execute the command sqlite3-ES44en 1
Attach the code to parse cookie
#coding=utf-8
import os
import sqlite3
#import keyring
from Crypto.Cipher import AES
from Crypto.Protocol.KDF import PBKDF2
#for mac
#my_pass = keyring.get_password('Chrome Safe Storage', 'Chrome')
#my_pass = my_pass.encode('utf8')
#iterations = 1003
#cookie_file = os.path.expanduser('~/Library/Application Support/Google/Chrome/Default/Cookies')
#for linux
my_pass = 'peanuts'.encode('utf8')
iterations = 1
cookie_file = 'Cookies'
salt = b'saltysalt'
length = 16
iv = b' ' * length
def expand_str(token):
token_len = len(token)
expand_len = (token_len // length + 1) * length - token_len
return token.encode('ascii') + b'\x0c' * expand_len
def aes_encrypt(token):
key = PBKDF2(my_pass, salt, length, iterations)
cipher = AES.new(key, AES.MODE_CBC, IV=iv)
enc_token = cipher.encrypt(token)
return b'v10' + enc_token
def aes_decrypt(token):
key = PBKDF2(my_pass, salt, length, iterations)
cipher = AES.new(key, AES.MODE_CBC, IV=iv)
dec_token = cipher.decrypt(token)
return dec_token
def query_cookies():
with sqlite3.connect(cookie_file) as conn:
sql = "select host_key, name, encrypted_value from cookies where name = 'jzysYonghu'"
#sql = "select * from cookies"
result = conn.execute(sql).fetchall()
return result
def write_cookies(enc_token):
with sqlite3.connect(cookie_file) as conn:
b = sqlite3.Binary(enc_token)
sql = """update cookies set encrypted_value = ? where name = 'remember_token'"""
conn.execute(sql, (b, ))
def change_user(token):
write_cookies(ase_encrypt(expand_str(token)))
if __name__ == '__main__':
data = query_cookies()[0][2]
print(data)
print(len(data))
print(aes_decrypt(data[3:]))
An v10 is added to the string after encryption, so it needs to be removed before decrypting
conclusion
That is the end of this article on the implementation of python and sqlite3 decryption chrome cookie instance code, I hope to help you. Interested friends can continue to refer to other related topics in this site, if there is any deficiency, welcome to comment out. Thank you for your support!