python與sqlite3實現解密chrome cookie例項程式碼
阿新 • • 發佈:2020-01-09
本文研究的主要問題:有一個解密chrome cookie的事情,google出了程式碼,卻不能正常執行,原因在於sqlite3的版本太低,雖然我切換到了python3.5的環境,但sqlite3的版本也只有3.6。
google了許久,終於找到方法:
1、 進入頁面 http://www6.atomicorp.com/channels/atomic/centos/6/x86_64/RPMS/
2、 下載 atomic-sqlite-sqlite-3.8.5-2.el6.art.x86_64.rpm
3、 rpm -Uvh atomic-sqlite-sqlite-3.8.5-2.el6.art.x86_64.rpm
4、 執行命令 sqlite3 -version 一切都ok啦
順便附上解析cookie的程式碼
#coding=utf-8
import os
import sqlite3
#import keyring
from Crypto.Cipher import AES
from Crypto.Protocol.KDF import PBKDF2
#for mac
#my_pass = keyring.get_password('Chrome Safe Storage','Chrome')
#my_pass = my_pass.encode('utf8')
#iterations = 1003
#cookie_file = os.path.expanduser('~/Library/Application Support/Google/Chrome/Default/Cookies')
#for linux
my_pass = 'peanuts'.encode('utf8')
iterations = 1
cookie_file = 'Cookies'
salt = b'saltysalt'
length = 16
iv = b' ' * length
def expand_str(token):
token_len = len(token)
expand_len = (token_len // length + 1) * length - token_len
return token.encode('ascii') + b'\x0c' * expand_len
def aes_encrypt(token):
key = PBKDF2(my_pass,salt,length,iterations)
cipher = AES.new(key,AES.MODE_CBC,IV=iv)
enc_token = cipher.encrypt(token)
return b'v10' + enc_token
def aes_decrypt(token):
key = PBKDF2(my_pass,IV=iv)
dec_token = cipher.decrypt(token)
return dec_token
def query_cookies():
with sqlite3.connect(cookie_file) as conn:
sql = "select host_key,name,encrypted_value from cookies where name = 'jzysYonghu'"
#sql = "select * from cookies"
result = conn.execute(sql).fetchall()
return result
def write_cookies(enc_token):
with sqlite3.connect(cookie_file) as conn:
b = sqlite3.Binary(enc_token)
sql = """update cookies set encrypted_value = ? where name = 'remember_token'"""
conn.execute(sql,(b,))
def change_user(token):
write_cookies(ase_encrypt(expand_str(token)))
if __name__ == '__main__':
data = query_cookies()[0][2]
print(data)
print(len(data))
print(aes_decrypt(data[3:])) 加密後在字串前面添加了一個v10,因此解密前要先去掉
總結
以上就是本文關於python與sqlite3實現解密chrome cookie例項程式碼的全部內容,希望對大家有所幫助。感興趣的朋友可以繼續參閱本站其他相關專題,如有不足之處,歡迎留言指出。感謝朋友們對本站的支援!