I had a working script for opening and decrypting Google Chrome cookies which looked like:
decrypted = win32crypt.CryptUnprotectData(enctypted_cookie_value, None, None, None, 0)It seems that after update 80 it is no longer a valid solution.
According to this blog post https://blog.nirsoft.net/2020/02/19/tools-update-new-encryption-chrome-chromium-version-80/ it seems that i need to CryptUnprotectData on encrypted_key from Local State file, than somehow decrypt cookie, using decrypted key.
For the first part i got my encrypted_key
path = r'%LocalAppData%\Google\Chrome\User Data\Local State'path = os.path.expandvars(path)with open(path, 'r') as file: encrypted_key = json.loads(file.read())['os_crypt']['encrypted_key']encrypted_key = bytearray(encrypted_key, 'utf-8')Then i tried to decrypt it
decrypted_key = win32crypt.CryptUnprotectData(encrypted_key, None, None, None, 0)
And got exception:
pywintypes.error: (13, 'CryptProtectData', 'The data is invalid.')and i cant figure out how to fix it
Also for the second part of encryption, it seems that i should use pycryptodome, something like this snippet:
cipher = AES.new(encrypted_key, AES.MODE_GCM, nonce=nonce)plaintext = cipher.decrypt(data)But i can't figure out where i should get nonce value
Can someone explain, how to do Chrome cookies decrypting correctly?