Cookie issue with Chrome 33 Beta

后端未结

关注

 2  1823

Is anyone else experiencing issues with reading cookie values in the Chrome 33 Beta? We used SQLite Database Browser and see empty values for the cookies we drop. We don\'t hav

相关标签:

2条回答

名媛妹妹

2021-02-10 17:40

starting from version 33 Chrome is encrypting the cookies, this is why you can't retrieve them. There is a new field called "encrypted_value" in SQlite DB; when used, the old field "value" stays empty - this is why you're getting empty string.

0 讨论(0)
发布评论:

提交评论
- 加载中...

夕颜

2021-02-10 17:52

As stated by eneuron, Chrome v33+ now encrypts cookies.

It is still possible to obtain the values using SQLite (though using SQLite to access cookies is not supported). You can decrypt the data which based on this discussion can be performed by calling CryptUnprotectData on a Windows machine. I believe you have to be logged on as the same user that created the cookie.

Here is an example script that works based on code from a previously asked question written in python 3:

# Used information from:
# https://stackoverflow.com/questions/463832/using-dpapi-with-python
# http://www.linkedin.com/groups/Google-Chrome-encrypt-Stored-Cookies-36874.S.5826955428000456708

from ctypes import *
from ctypes.wintypes import DWORD
import sqlite3;

cookieFile="C:/Users/your_user_name/AppData/Local/Google/Chrome/User Data/Default/Cookies";
hostKey="my_host_key";

LocalFree = windll.kernel32.LocalFree;
memcpy = cdll.msvcrt.memcpy;
CryptProtectData = windll.crypt32.CryptProtectData;
CryptUnprotectData = windll.crypt32.CryptUnprotectData;
CRYPTPROTECT_UI_FORBIDDEN = 0x01;

class DATA_BLOB(Structure):
    _fields_ = [("cbData", DWORD), ("pbData", POINTER(c_char))];

def getData(blobOut):
    cbData = int(blobOut.cbData);
    pbData = blobOut.pbData;
    buffer = c_buffer(cbData);
    memcpy(buffer, pbData, cbData);
    LocalFree(pbData);
    return buffer.raw;

def encrypt(plainText):
    bufferIn = c_buffer(plainText, len(plainText));
    blobIn = DATA_BLOB(len(plainText), bufferIn);   
    blobOut = DATA_BLOB();

    if CryptProtectData(byref(blobIn), u"python_data", None,
                       None, None, CRYPTPROTECT_UI_FORBIDDEN, byref(blobOut)):
        return getData(blobOut);
    else:
        raise Exception("Failed to encrypt data");

def decrypt(cipherText):
    bufferIn = c_buffer(cipherText, len(cipherText));
    blobIn = DATA_BLOB(len(cipherText), bufferIn);
    blobOut = DATA_BLOB();

    if CryptUnprotectData(byref(blobIn), None, None, None, None,
                              CRYPTPROTECT_UI_FORBIDDEN, byref(blobOut)):
        return getData(blobOut);
    else:
        raise Exception("Failed to decrypt data");

conn = sqlite3.connect(cookieFile);
c = conn.cursor();
c.execute("""\
SELECT 
    host_key,
    name,
    path,
    value,
    encrypted_value
FROM cookies
WHERE host_key = '{0}'
;
""".format(hostKey));

cookies = c.fetchmany(10);
c.close();

for row in cookies:
    dc = decrypt(row[4]);
    print( \
"""
host_key: {0}
name: {1}
path: {2}
value: {3}
encrpyted_value: {4}
""".format(row[0], row[1], row[2], row[3], dc));

0 讨论(0)