Cookie issue with Chrome 33 Beta

后端 未结 2 1825
别那么骄傲
别那么骄傲 2021-02-10 16:50

Is anyone else experiencing issues with reading cookie values in the Chrome 33 Beta? We used SQLite Database Browser and see empty values for the cookies we drop. We don\'t hav

2条回答
  •  夕颜
    夕颜 (楼主)
    2021-02-10 17:52

    As stated by eneuron, Chrome v33+ now encrypts cookies.

    It is still possible to obtain the values using SQLite (though using SQLite to access cookies is not supported). You can decrypt the data which based on this discussion can be performed by calling CryptUnprotectData on a Windows machine. I believe you have to be logged on as the same user that created the cookie.

    Here is an example script that works based on code from a previously asked question written in python 3:

    # Used information from:
    # https://stackoverflow.com/questions/463832/using-dpapi-with-python
    # http://www.linkedin.com/groups/Google-Chrome-encrypt-Stored-Cookies-36874.S.5826955428000456708
    
    from ctypes import *
    from ctypes.wintypes import DWORD
    import sqlite3;
    
    cookieFile="C:/Users/your_user_name/AppData/Local/Google/Chrome/User Data/Default/Cookies";
    hostKey="my_host_key";
    
    LocalFree = windll.kernel32.LocalFree;
    memcpy = cdll.msvcrt.memcpy;
    CryptProtectData = windll.crypt32.CryptProtectData;
    CryptUnprotectData = windll.crypt32.CryptUnprotectData;
    CRYPTPROTECT_UI_FORBIDDEN = 0x01;
    
    class DATA_BLOB(Structure):
        _fields_ = [("cbData", DWORD), ("pbData", POINTER(c_char))];
    
    def getData(blobOut):
        cbData = int(blobOut.cbData);
        pbData = blobOut.pbData;
        buffer = c_buffer(cbData);
        memcpy(buffer, pbData, cbData);
        LocalFree(pbData);
        return buffer.raw;
    
    def encrypt(plainText):
        bufferIn = c_buffer(plainText, len(plainText));
        blobIn = DATA_BLOB(len(plainText), bufferIn);   
        blobOut = DATA_BLOB();
    
        if CryptProtectData(byref(blobIn), u"python_data", None,
                           None, None, CRYPTPROTECT_UI_FORBIDDEN, byref(blobOut)):
            return getData(blobOut);
        else:
            raise Exception("Failed to encrypt data");
    
    def decrypt(cipherText):
        bufferIn = c_buffer(cipherText, len(cipherText));
        blobIn = DATA_BLOB(len(cipherText), bufferIn);
        blobOut = DATA_BLOB();
    
        if CryptUnprotectData(byref(blobIn), None, None, None, None,
                                  CRYPTPROTECT_UI_FORBIDDEN, byref(blobOut)):
            return getData(blobOut);
        else:
            raise Exception("Failed to decrypt data");
    
    conn = sqlite3.connect(cookieFile);
    c = conn.cursor();
    c.execute("""\
    SELECT 
        host_key,
        name,
        path,
        value,
        encrypted_value
    FROM cookies
    WHERE host_key = '{0}'
    ;
    """.format(hostKey));
    
    cookies = c.fetchmany(10);
    c.close();
    
    for row in cookies:
        dc = decrypt(row[4]);
        print( \
    """
    host_key: {0}
    name: {1}
    path: {2}
    value: {3}
    encrpyted_value: {4}
    """.format(row[0], row[1], row[2], row[3], dc));
    

提交回复
热议问题