最近python腳本cookie解密出現問題,報錯
pywintypes.error: (87, 'CryptProtectData', '參數錯誤。')
也有13 也有87
最近一直很忙,沒有時間查找原因,從字節碼上可以看到能夠正常解密的cookie是沒有v10前綴的,查找cookie加解密方式,發現在chrome 80+版本以後對 cookie加密方式進行了調整,網上的所有cookie加解密的方法目前都失效,還好目前已經有很多人提供了最新的解密方法,
如果對原理等有興趣的話,可以參考
這裏進行簡單的調整,方便新老cookie的加解密,簡單增加一下v10的判斷。
import os
import json
import base64
import sqlite3
from win32crypt import CryptUnprotectData
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
def get_string(local_state):
with open(local_state, 'r', encoding='utf-8') as f:
s = json.load(f)['os_crypt']['encrypted_key']
return s
def pull_the_key(base64_encrypted_key):
encrypted_key_with_header = base64.b64decode(base64_encrypted_key)
encrypted_key = encrypted_key_with_header[5:]
key = CryptUnprotectData(encrypted_key, None, None, None, 0)[1]
return key
def decrypt_string(key, data):
nonce, cipherbytes = data[3:15], data[15:]
aesgcm = AESGCM(key)
plainbytes = aesgcm.decrypt(nonce, cipherbytes, None)
plaintext = plainbytes.decode('utf-8')
return plaintext
def get_cookie_from_chrome(host: '.oschina.net'):
local_state = os.environ['LOCALAPPDATA'] + r'\Google\Chrome\User Data\Local State'
cookie_path = os.environ['LOCALAPPDATA'] + r"\Google\Chrome\User Data\Default\Cookies"
sql = "select host_key,name,encrypted_value from cookies where host_key='%s'" % host
with sqlite3.connect(cookie_path) as conn:
cu = conn.cursor()
res = cu.execute(sql).fetchall()
cu.close()
cookies = {}
key = pull_the_key(get_string(local_state))
for host_key, name, encrypted_value in res:
if encrypted_value[0:3] == b'v10':
cookies[name] = decrypt_string(key, encrypted_value)
else:
cookies[name] = CryptUnprotectData(encrypted_value)[1].decode()
# print(cookies)
return cookies