Decode chrome passwords DB under Linux

chrome_pass_decode.py

! /usr/bin/env python3                                                                                                                                                                                                                       

import sys
import sqlite3
import secretstorage

from Crypto.Cipher import AES
from Crypto.Protocol.KDF import PBKDF2


def get_encrypted_data(db_path):

    conn = sqlite3.connect(db_path)
    cursor = conn.cursor()
    data = cursor.execute('SELECT action_url, origin_url, username_value, password_value FROM logins')
    
    return data


# to get rid of padding
def clean(x): 
    return x[:-x[-1]].decode('utf8')


def get_decrypted_data(url1, url2, user, encrypted_password, spass):

    if not user:
      return
    url = url1
    if not url:
    # trim off the 'v1x'
    encrypted_password = encrypted_password[3:]

    # making the AES key
    salt = b'saltysalt'
    iv = b' ' * 16
    length = 16
    iterations = 1
    
    pb_pass = spass # "some_pass".encode('utf8')

    key = PBKDF2(pb_pass, salt, length, iterations)
    cipher = AES.new(key, AES.MODE_CBC, IV=iv)
    
    decrypted = cipher.decrypt(encrypted_password)
    print("url: ", url, ", user: ", user, ", pass: [", clean(decrypted), "]")


if __name__ == "__main__":

    bus = secretstorage.dbus_init()
    collection = secretstorage.get_default_collection(bus)
    for item in collection.get_all_items():
        if item.get_label() == 'Chrome Safe Storage':
            spass = item.get_secret()
            break
    else:
        raise Exception('Chrome password not found!')
    db_path = sys.argv[1]
    for url1, url2, user, encrypted_password in get_encrypted_data(db_path):
        get_decrypted_data(url1, url2, user, encrypted_password, spass)