如何使用Python提取Chrome瀏覽器保存的密碼

更新時(shí)間：2021年06月09日 08:43:48 作者：劉潤(rùn)森！

今天小編教大家怎么用Python提取Chrome瀏覽器保存的密碼,在這需要導(dǎo)入一些必要模塊定義一些有用的函數(shù)來幫助我們?cè)谥骱瘮?shù)中調(diào)用，具體實(shí)例代碼跟隨小編一起學(xué)習(xí)下吧

由于Chrome會(huì)將大量瀏覽數(shù)據(jù)本地保存磁盤中，在本教程中，我們將編寫 Python 代碼來提取 Windows 計(jì)算機(jī)上 Chrome 中保存的密碼。

首先，讓我們安裝所需的庫：

pip install pycryptodome pypiwin32

打開一個(gè)新的 Python 文件，并導(dǎo)入必要的模塊：

import os
import json
import base64
import sqlite3
import win32crypt
from Crypto.Cipher import AES
import shutil
from datetime import timezone, datetime, timedelta

在直接進(jìn)入提取 chrome密碼之前，我們需要定義一些有用的函數(shù)來幫助我們?cè)谥骱瘮?shù)中。

def get_chrome_datetime(chromedate):
    """從chrome格式的datetime返回一個(gè)`datetime.datetime`對(duì)象
因?yàn)?chromedate'的格式是1601年1月以來的微秒數(shù)"""
    return datetime(1601, 1, 1) + timedelta(microseconds=chromedate)

def get_encryption_key():
    local_state_path = os.path.join(os.environ["USERPROFILE"],"AppData", "Local", "Google", "Chrome","User Data", "Local State")
    with open(local_state_path, "r", encoding="utf-8") as f:
        local_state = f.read()
        local_state = json.loads(local_state)

    # 從Base64解碼加密密鑰
    key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])
    # 刪除 DPAPI str
    key = key[5:]
    # 返回最初加密的解密密鑰
    # 使用從當(dāng)前用戶的登錄憑據(jù)派生的會(huì)話密鑰
    # 官方文檔doc: http://timgolden.me.uk/pywin32-docs/win32crypt.html
    return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1]


def decrypt_password(password, key):
    try:
        # 獲取初始化向量
        iv = password[3:15]
        password = password[15:]
        # 生成密碼
        cipher = AES.new(key, AES.MODE_GCM, iv)
        # 解密密碼
        return cipher.decrypt(password)[:-16].decode()
    except:
        try:
            return str(win32crypt.CryptUnprotectData(password, None, None, None, 0)[1])
        except:
            # not supported
            return ""

get_chrome_datetime()函數(shù)負(fù)責(zé)將 chrome 日期格式轉(zhuǎn)換為人類可讀的日期時(shí)間格式。
get_encryption_key()函數(shù)提取并解碼用于加密密碼的AES密鑰，這"%USERPROFILE%\AppData\Local\Google\Chrome\User Data\Local State"作為 JSON 文件存儲(chǔ)在路徑中
decrypt_password() 將加密密碼和 AES 密鑰作為參數(shù)，并返回密碼的解密版本。

下面是main主要功能：

def main():
    # 獲取AES密鑰
    key = get_encryption_key()
    # 本地sqlite Chrome數(shù)據(jù)庫路徑
    db_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local","Google", "Chrome", "User Data", "default", "Login Data")
    # 將文件復(fù)制到其他位置
    # 因?yàn)槿绻鹀hrome當(dāng)前正在運(yùn)行，數(shù)據(jù)庫將被鎖定
    filename = "ChromeData.db"
    shutil.copyfile(db_path, filename)
    # 連接數(shù)據(jù)庫
    db = sqlite3.connect(filename)
    cursor = db.cursor()
    # 登錄表中有我們需要的數(shù)據(jù)
    cursor.execute("select origin_url, action_url, username_value, password_value, date_created, date_last_used from logins order by date_created")
    # iterate over all rows
    for row in cursor.fetchall():
        origin_url = row[0]
        action_url = row[1]
        username = row[2]
        password = decrypt_password(row[3], key)
        date_created = row[4]
        date_last_used = row[5]        
        if username or password:
            print(f"Origin URL: {origin_url}")
            print(f"Action URL: {action_url}")
            print(f"Username: {username}")
            print(f"Password: {password}")
        else:
            continue
        if date_created != 86400000000 and date_created:
            print(f"Creation date: {str(get_chrome_datetime(date_created))}")
        if date_last_used != 86400000000 and date_last_used:
            print(f"Last Used: {str(get_chrome_datetime(date_last_used))}")
        print("="*50)
    cursor.close()
    db.close()
    try:
        # 嘗試刪除復(fù)制的db文件
        os.remove(filename)
    except:
        pass

首先，我們使用之前定義的get_encryption_key()函數(shù)獲取加密密鑰，然后我們將 sqlite 數(shù)據(jù)庫（位于"%USERPROFILE%\AppData\Local\Google\Chrome\User Data\default\Login Data"保存密碼的位置）復(fù)制到當(dāng)前目錄并連接到它，這是因?yàn)樵紨?shù)據(jù)庫文件將被鎖定Chrome 當(dāng)前正在運(yùn)行。

之后，我們對(duì)登錄表進(jìn)行選擇查詢并遍歷所有登錄行，我們還解密每個(gè)密碼date_created并將date_last_used日期時(shí)間重新格式化為更易于閱讀的格式。

最后，我們打印憑據(jù)并從當(dāng)前目錄中刪除數(shù)據(jù)庫副本。

讓我們調(diào)用主函數(shù)，完美提取Chrome瀏覽器保存的密碼：

完整代碼

import os
import json
import base64
import sqlite3
import win32crypt
from Crypto.Cipher import AES
import shutil
from datetime import  datetime, timedelta

def get_chrome_datetime(chromedate):
    """從chrome格式的datetime返回一個(gè)`datetime.datetime`對(duì)象
因?yàn)?chromedate'的格式是1601年1月以來的微秒數(shù)"""
    return datetime(1601, 1, 1) + timedelta(microseconds=chromedate)

def get_encryption_key():
    local_state_path = os.path.join(os.environ["USERPROFILE"],
                                    "AppData", "Local", "Google", "Chrome",
                                    "User Data", "Local State")
    with open(local_state_path, "r", encoding="utf-8") as f:
        local_state = f.read()
        local_state = json.loads(local_state)

    key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])
   
    key = key[5:]
    
    return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1]


def decrypt_password(password, key):
    try:
        iv = password[3:15]
        password = password[15:]
        cipher = AES.new(key, AES.MODE_GCM, iv)
        return cipher.decrypt(password)[:-16].decode()
    except:
        try:
            return str(win32crypt.CryptUnprotectData(password, None, None, None, 0)[1])
        except:
            # not supported
            return ""


def main():
    key = get_encryption_key()
    db_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local",
                            "Google", "Chrome", "User Data", "default", "Login Data")
    filename = "ChromeData.db"
    shutil.copyfile(db_path, filename)
    db = sqlite3.connect(filename)
    cursor = db.cursor()
    cursor.execute("select origin_url, action_url, username_value, password_value, date_created, date_last_used from logins order by date_created")
    # iterate over all rows
    for row in cursor.fetchall():
        origin_url = row[0]
        action_url = row[1]
        username = row[2]
        password = decrypt_password(row[3], key)
        date_created = row[4]
        date_last_used = row[5]        
        if username or password:
            print(f"Origin URL: {origin_url}")
            print(f"Action URL: {action_url}")
            print(f"Username: {username}")
            print(f"Password: {password}")
        else:
            continue
        if date_created != 86400000000 and date_created:
            print(f"Creation date: {str(get_chrome_datetime(date_created))}")
        if date_last_used != 86400000000 and date_last_used:
            print(f"Last Used: {str(get_chrome_datetime(date_last_used))}")
        print("="*50)

    cursor.close()
    db.close()
    try:
        # try to remove the copied db file
        os.remove(filename)
    except:
        pass


if __name__ == "__main__":
    main()

以上就是教你用Python提取Chrome瀏覽器保存的密碼的詳細(xì)內(nèi)容，更多關(guān)于Python提取Chrome瀏覽器保存的密碼的資料請(qǐng)關(guān)注腳本之家其它相關(guān)文章！

您可能感興趣的文章: