/HackChrome

:snowman: Get the User:Password from Chrome(include version < 80 and version > 80)

Primary LanguageGoMIT LicenseMIT

HackChrome

Build Status

English ReadMe || 中文 ReadMe

Get the User:Password from Chrome(include version < 80 and version > 80)

Chrome version Affact

All version

Platform

Windows

Usage

  • Download the exe file here

  • Open cmd or powershell

  • Run

Hackone.exe > res.txt

Demo

demo

Theory

  • version < 80

User:Password pairs were stored in the file named "Login Data".

Password was encrypted, But we can use "CryptUnprotectData" Function in "Crypt32.dll" to decrypt them.

Finally, We get the plaintext of the User:Password pairs stored in Chrome

  • version > 80

Based on the Algorithm used by "version < 80", It use AES-GCM to encrypt the password via a and a .

The can be found in the "Local State" file, and can be decypted by "CryptUnprotectData" mentioned above.

The can be found at the begin of the encrypted_password.

Therefore, we can decrpted all the password.

  • Merge the result

If someone update the Chrome recently, we need to find the two ways of User:Password pairs.

What's more, I use some rules to merge the results into an array.

LICENSE

The Project follows MIT LICENSE.