/BrowserInfoDisclosure

Dumps sensitive/personal info from Windows browsers

Primary LanguagePython

2015 - Unsupported version:

I have written this script at 2015 when existing frameworks did not inlucde password dumps fro browsers. These days there are many and better scripts to pull creds from browsers using popular frameworks (Empire, MSF...).

ChromeDataDump

By: Idan Taler

This tool attempts to dump Chrome's saved sensitive user's data:
  1. credentials stored in browsers.
  2. Autofill data
  3. Cookies
  4. Credit Cards

It extracts the data from the local broswer's files stored in Windows for the current active user using SQLiTE database commands and Windows API Crypt32.dll and decrypts the encrypted values using the CryptUnprotectData module built on python 'win32crypt' plugin.

Chrome user's files:

C:%APPDATA%\AppData\Local\Google\Chrome\User Data\Default\Login Data C:%APPDATA%\AppData\Local\Google\Chrome\User Data\Default\Web Data C:%APPDATA%\AppData\Local\Google\Chrome\User Data\Default\Cookies

Useage: (for Python 2.7)
C:/> chrome.py
C:/> chrome.py > myPasswords.txt

Added Features not Seen in Other Tools:
- This source code is publically available, you shouldn't execute other commercial tools on your/clients systems.
- Kill the Chrome's processes if data cannot be extracted. Latest Chrome at the time of writing has a new feature that will not allow you to extract its data if it's running.