Of Stack

python and sqlite3 realize the decryption of chrome cookie instance code

  • 2020-07-21 09:01:52
  • OfStack

The main problem studied in this paper: there is a decryption of chrome cookie. google produces the code, but it cannot be executed properly. The reason is that the version of sqlite3 is too low.

google took a long time to find a way:

1, enter the page http: / / www6 atomicorp. com channels/atomic/centos / / x86_64 / RPMS / 6

2, download atomic sqlite - sqlite 3.8.5-2. el6. art. x86_64. rpm

3, rpm - Uvh atomic sqlite - sqlite 3.8.5-2. el6. art. x86_64. rpm

4. Execute the command sqlite3-ES44en 1

Attach the code to parse cookie 


#coding=utf-8 
import os 
import sqlite3 
 
#import keyring 
from Crypto.Cipher import AES 
from Crypto.Protocol.KDF import PBKDF2 
 
#for mac 
#my_pass = keyring.get_password('Chrome Safe Storage', 'Chrome') 
#my_pass = my_pass.encode('utf8') 
#iterations = 1003 
#cookie_file = os.path.expanduser('~/Library/Application Support/Google/Chrome/Default/Cookies') 
 
#for linux 
my_pass = 'peanuts'.encode('utf8') 
iterations = 1 
cookie_file = 'Cookies' 
 
salt = b'saltysalt' 
length = 16 
iv = b' ' * length 
 
  
 
def expand_str(token): 
  token_len = len(token) 
  expand_len = (token_len // length + 1) * length - token_len 
  return token.encode('ascii') + b'\x0c' * expand_len 
 
 
def aes_encrypt(token): 
  key = PBKDF2(my_pass, salt, length, iterations) 
  cipher = AES.new(key, AES.MODE_CBC, IV=iv) 
  enc_token = cipher.encrypt(token) 
  return b'v10' + enc_token 
 
 
def aes_decrypt(token): 
  key = PBKDF2(my_pass, salt, length, iterations) 
  cipher = AES.new(key, AES.MODE_CBC, IV=iv) 
  dec_token = cipher.decrypt(token) 
  return dec_token 
 
 
def query_cookies(): 
  with sqlite3.connect(cookie_file) as conn: 
    sql = "select host_key, name, encrypted_value from cookies where name = 'jzysYonghu'" 
    #sql = "select * from cookies" 
    result = conn.execute(sql).fetchall() 
  return result 
 
 
def write_cookies(enc_token): 
  with sqlite3.connect(cookie_file) as conn: 
    b = sqlite3.Binary(enc_token) 
    sql = """update cookies set encrypted_value = ? where name = 'remember_token'"""  
    conn.execute(sql, (b, )) 
 
def change_user(token): 
  write_cookies(ase_encrypt(expand_str(token))) 
 
if __name__ == '__main__': 
  data = query_cookies()[0][2] 
  print(data) 
  print(len(data)) 
  print(aes_decrypt(data[3:]))

An v10 is added to the string after encryption, so it needs to be removed before decrypting

conclusion

That is the end of this article on the implementation of python and sqlite3 decryption chrome cookie instance code, I hope to help you. Interested friends can continue to refer to other related topics in this site, if there is any deficiency, welcome to comment out. Thank you for your support!

Related articles: