1 9 9

:

  1. #1
    .: :.
    Debian
    X11

    May 2009
    1,999
    1,877
    3,349 1,152

    ..
    ..

    .

    /home/user/.config/google-chrome/Default/Cookies
    sqlite db browser



    (Golang)

    crypto ..


    1-
    2-
    3-
    c++ c



    :
    #! /usr/bin/env python from crypto.cipher import AES from crypto.Protocol.KDF import PBKDF2 # Function to get rid of padding def clean(x): return x[:-x[-1]].decode('utf8') # replace with your encrypted_value from sqlite3 encrypted_value = 'ENCRYPTED_VALUE' # Trim off the 'v10' that Chrome/ium prepends encrypted_value = encrypted_value[3:] # Default values used by both Chrome and Chromium in OSX and Linux salt = b'saltysalt' iv = b' ' * 16 length = 16 # On Mac, replace MY_PASS with your password from Keychain # On Linux, replace MY_PASS with 'peanuts' my_pass = 'peanuts' my_pass = my_pass.encode('utf8') # 1003 on Mac, 1 on Linux iterations = 1 key = PBKDF2(my_pass, salt, length, iterations) cipher = AES.new(key, AES.MODE_CBC, IV=iv) decrypted = cipher.decrypt(encrypted_value) print(clean(decrypted))

    ( ):

  2. #2
    GNU/Linux
    XFCE

    Feb 2007
    731
    770
    552 269


    ϡ
    :
    https://pypi.python.org/pypi/pycrypto
    ȡ : setup.py
    :
    python setup.py build

    python setup.py install
    .. .. .

  3. linuxor :


  4. #3
    .: :.
    Debian
    X11

    May 2009
    1,999
    1,877
    3,349 1,152

    3.5

    #! /usr/bin/env python3

    ( ):

  5. #4
    Ubuntu
    Unity

    Apr 2009
    676
    1,016
    262 147

    python pip
    python3 pip3 pip
    :
    sudo apt-get install python3-pip
    pip3
    :
    pip3 install --upgrade pip
    crypto python3
    :
    pip3 install crypto
    pip3 crypto pycrypto
    { }

  6. 3 :


  7. #5
    .: :.   saf1
    Arch
    Openbox

    Jul 2008
    715
    1,584
    1,746 489

    3 :
    - : PBKDF2
    - : sqlite3
    - : AES

    PBKDF2 , . (), (iterations) 1, Mac 1003.

    :
    PHP:
    password    "peanuts"
    salt        "saltysalt"
    length      16
    iterations  


    PHP:
    #!/usr/bin/env ruby


    #     
    require 'openssl'
    require 'sqlite3'

    #    
    pass "peanuts"
    salt "saltysalt"
    iv   ' ' 16
    len  
    16
    iter 
    1

    #    
    SQLite3::Database.new("#{ENV['HOME']}/.config/google-chrome/Default/Cookies") do |db|
        
    #       
        
    key OpenSSL::PKCS5.pbkdf2_hmac_sha1(passsaltiterlen)
        
    puts "host|name|value"
        
    #       
        
    db.execute("SELECT host_key, name, encrypted_value FROM cookies") do |host_keynameencrypted_value|
            
    #    AES  CBC  128
            
    decipher OpenSSL::Cipher.new('AES-128-CBC')
            
    #      
            
    decipher.decrypt
            
    #     iv
            
    decipher.key key
            decipher
    .iv iv
            
    #     "v10"   
            
    encrypted_value encrypted_value[3..-1]
            
    #     
            
    decrypted_value decipher.update(encrypted_value) + decipher.final
            
    puts "#{host_key}|#{name}|#{decrypted_value}"
        
    end
    end 
    , .

    . .

    : sqlite3 sqlite3
    PHP:
    gem install sqlite3 
         . 

:	2017-04-11--1491901051_539x390_scrot.png‏ 
:	38 
:	21.2  
:	25491       . 

:	2017-04-11--1491901139_452x563_scrot.png‏ 
:	35 
:	32.5  
:	25492       . 

:	2017-04-11--1491901285_382x63_scrot.png‏ 
:	34 
:	6.1  
:	25493  
    saf1 ; 11-04-2017 04:11 PM

    ░░░░░░░░░░░░░░░░░░░░░░░░░░
    SAFOUANE
    ░░░░░░░░░░░░░░░░░░░░░░░░░░

  8. 9 saf1 :

    , , , , , linuxor, , ,

  9. #6
    .: :.
    Debian 8
    Openbox

    Sep 2006
    634
    124
    374 188

    PBKDF2 wpa2 wifi

    Th1nk bad ... D0 g00d


  10. :


  11. #7
    .: :.
    Debian
    X11

    May 2009
    1,999
    1,877
    3,349 1,152

    saf1
    (iterations) 1



    :
    host|name|value
    untitled.rb:32:in `final': bad decrypt (OpenSSL::Cipher::CipherError)
    	from untitled.rb:32:in `block (2 levels) in <main>'
    	from /usr/lib/ruby/vendor_ruby/sqlite3/database.rb:144:in `block (2 levels) in execute'
    	from /usr/lib/ruby/vendor_ruby/sqlite3/statement.rb:110:in `block in each'
    	from /usr/lib/ruby/vendor_ruby/sqlite3/statement.rb:107:in `loop'
    	from /usr/lib/ruby/vendor_ruby/sqlite3/statement.rb:107:in `each'
    	from /usr/lib/ruby/vendor_ruby/sqlite3/database.rb:140:in `block in execute'
    	from /usr/lib/ruby/vendor_ruby/sqlite3/database.rb:95:in `prepare'
    	from /usr/lib/ruby/vendor_ruby/sqlite3/database.rb:134:in `execute'
    	from untitled.rb:21:in `block in <main>'
    	from untitled.rb:16:in `initialize'
    	from untitled.rb:16:in `new'
    	from untitled.rb:16:in `<main>'

    ( ):

  12. #8
    .: :.   saf1
    Arch
    Openbox

    Jul 2008
    715
    1,584
    1,746 489

    PBKDF2 . / .
    , , PBKDF2 , , , , . Salt rainbow .
    Key stretching. PBKDF2 ( ) bcrypt .scrypt.

    , 1.

    , , !!
    .
    . .
    PHP:
    #!/usr/bin/env bash


    key=FD621FE5A2B402539DFA147CA9272778
    iv
    =20202020202020202020202020202020

    unhex
    () {
        for ((
    i=0i<${#1}; i=i+2)); do
            
    printf "\x"${1:$i:2}
        
    done
    }

    sqlite3 ~/.config/google-chrome/Default/Cookies \
        
    "SELECT host_key, hex(encrypted_value), name FROM cookies ORDER BY host_key" \
        | while 
    IFS='|' read -r host_key encrypted_value name ; do
            
    encrypted_value=${encrypted_value:6}
            
    decrypted_value=$(unhex "$encrypted_valueopenssl enc --aes-128-cbc -K $key -iv $iv)
            
    printf "%s;;%s;;%s\n" "$host_key" "$name" "$decrypted_value"
        
    done \
        | 
    column -ts';;' 
    :
    ./chrome_cookies.sh 
    .linuxac.org        bb_lastvisit          1491971865
    .linuxac.org        bb_lastactivity       0
    C,
    https://wiki.openssl.org/index.php/E...and_Decryption
    https://wiki.openssl.org/index.php/M...PBKDF2_HMAC(3)

    .

    ░░░░░░░░░░░░░░░░░░░░░░░░░░
    SAFOUANE
    ░░░░░░░░░░░░░░░░░░░░░░░░░░

  13. 4 saf1 :


  14. #9
    .: :.
    Debian
    X11

    May 2009
    1,999
    1,877
    3,349 1,152

    saf1 ..


    .
    ..
    PBKDF2

    .
    .. ..

    ( ):

  15. 2 :


: 1 (0 1 )