Is anyone else experiencing issues with reading cookie values in the Chrome 33 Beta? We used SQLite Database Browser and see empty values for the cookies we drop. We don\'t hav
As stated by eneuron, Chrome v33+ now encrypts cookies.
It is still possible to obtain the values using SQLite (though using SQLite to access cookies is not supported). You can decrypt the data which based on this discussion can be performed by calling CryptUnprotectData on a Windows machine. I believe you have to be logged on as the same user that created the cookie.
Here is an example script that works based on code from a previously asked question written in python 3:
# Used information from:
# https://stackoverflow.com/questions/463832/using-dpapi-with-python
# http://www.linkedin.com/groups/Google-Chrome-encrypt-Stored-Cookies-36874.S.5826955428000456708
from ctypes import *
from ctypes.wintypes import DWORD
import sqlite3;
cookieFile="C:/Users/your_user_name/AppData/Local/Google/Chrome/User Data/Default/Cookies";
hostKey="my_host_key";
LocalFree = windll.kernel32.LocalFree;
memcpy = cdll.msvcrt.memcpy;
CryptProtectData = windll.crypt32.CryptProtectData;
CryptUnprotectData = windll.crypt32.CryptUnprotectData;
CRYPTPROTECT_UI_FORBIDDEN = 0x01;
class DATA_BLOB(Structure):
_fields_ = [("cbData", DWORD), ("pbData", POINTER(c_char))];
def getData(blobOut):
cbData = int(blobOut.cbData);
pbData = blobOut.pbData;
buffer = c_buffer(cbData);
memcpy(buffer, pbData, cbData);
LocalFree(pbData);
return buffer.raw;
def encrypt(plainText):
bufferIn = c_buffer(plainText, len(plainText));
blobIn = DATA_BLOB(len(plainText), bufferIn);
blobOut = DATA_BLOB();
if CryptProtectData(byref(blobIn), u"python_data", None,
None, None, CRYPTPROTECT_UI_FORBIDDEN, byref(blobOut)):
return getData(blobOut);
else:
raise Exception("Failed to encrypt data");
def decrypt(cipherText):
bufferIn = c_buffer(cipherText, len(cipherText));
blobIn = DATA_BLOB(len(cipherText), bufferIn);
blobOut = DATA_BLOB();
if CryptUnprotectData(byref(blobIn), None, None, None, None,
CRYPTPROTECT_UI_FORBIDDEN, byref(blobOut)):
return getData(blobOut);
else:
raise Exception("Failed to decrypt data");
conn = sqlite3.connect(cookieFile);
c = conn.cursor();
c.execute("""\
SELECT
host_key,
name,
path,
value,
encrypted_value
FROM cookies
WHERE host_key = '{0}'
;
""".format(hostKey));
cookies = c.fetchmany(10);
c.close();
for row in cookies:
dc = decrypt(row[4]);
print( \
"""
host_key: {0}
name: {1}
path: {2}
value: {3}
encrpyted_value: {4}
""".format(row[0], row[1], row[2], row[3], dc));