1

我写了这段代码:

import sqlite3
import win32crypt

c = sqlite3.connect("Login Data")

cursor = c.cursor()

cursor.execute("SELECT origin_url, username_value, password_value FROM logins")

data = cursor.fetchall()

credentials = {}

for url, user, pwd in data:
    password = win32crypt.CryptUnprotectData(pwd, None, None, None, 0)[1]
    credential[url] = (user, password)

for item in credentials:
    login = credentials[item]
    print(login[0] + " " + login[1])

它指出:密码= win32crypt.CryptUnprotectData(pwd,无,无,无,0)[1] pywintypes.error:(87,'CryptProtectData','参数不正确。')

正如我所搜索的那样,Chrome v80 已更改加密类型。我应该怎么办?

4

2 回答 2

5 
import os
import json
import base64
import sqlite3
import win32crypt
from Crypto.Cipher import AES
import shutil


def get_master_key():
    with open(os.environ['USERPROFILE'] + os.sep + r'AppData\Local\Google\Chrome\User Data\Local State', "r", encoding='utf-8') as f:
        local_state = f.read()
        local_state = json.loads(local_state)
    master_key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])
    master_key = master_key[5:]  # removing DPAPI
    master_key = win32crypt.CryptUnprotectData(master_key, None, None, None, 0)[1]
    return master_key


def decrypt_payload(cipher, payload):
    return cipher.decrypt(payload)


def generate_cipher(aes_key, iv):
    return AES.new(aes_key, AES.MODE_GCM, iv)


def decrypt_password(buff, master_key):
    try:
        iv = buff[3:15]
        payload = buff[15:]
        cipher = generate_cipher(master_key, iv)
        decrypted_pass = decrypt_payload(cipher, payload)
        decrypted_pass = decrypted_pass[:-16].decode()  # remove suffix bytes
        return decrypted_pass
    except Exception as e:
        # print("Probably saved password from Chrome version older than v80\n")
        # print(str(e))
        return "Chrome < 80"



if __name__ == '__main__':

    master_key = get_master_key()
    login_db = os.environ['USERPROFILE'] + os.sep + r'AppData\Local\Google\Chrome\User Data\default\Login Data'
    shutil.copy2(login_db, "Loginvault.db") #making a temp copy since Login Data DB is locked while Chrome is running
    conn = sqlite3.connect("Loginvault.db")
    cursor = conn.cursor()

    try:
        cursor.execute("SELECT action_url, username_value, password_value FROM logins")
        for r in cursor.fetchall():
            url = r[0]
            username = r[1]
            encrypted_password = r[2]
            decrypted_password = decrypt_password(encrypted_password, master_key)
            print("URL: " + url + "\nUser Name: " + username + "\nPassword: " + decrypted_password + "\n" + "*" * 50 + "\n")
    except Exception as e:
        pass

    cursor.close()
    conn.close()
    try:
        os.remove("Loginvault.db")
    except Exception as e:
        pass
于 2020-04-20T22:51:53.977 回答
0

我收到错误模块“Crypto.Cipher.AES”没有属性“MODE_GCM”。我错过了任何图书馆吗?– Gaurav S 7 月 9 日 7:23

不,你拥有一切。该crypto\Cipher\__init__.py文件导入from Crypto.Cipher._mode_ecb import _create_ecb_cipher. 但是该目录的真实名称是crypto而不是Crypto。您需要将目录重命名为Crypto,然后它才能完美运行。

于 2020-08-02T10:03:02.970 回答