Chrome中的加密Cookie [英] Encrypted cookies in Chrome

问题描述

我目前正在使用一个C＃表单应用程序，需要访问我的计算机上的一个特定的cookie，我可以做得很好。以下是问题：

I am currently working on a C# forms application that needs to access a specific cookie on my computer, which I can do perfectly fine. Here's the issue:

Google在Sqlite中存储Cookie，我已下载了Sqlite数据库浏览器，以帮助我查看这些值。令我惊讶的是，大约一半的cookie值显示为空（包括我需要的），即使它们显然不是。

Google stores cookies in Sqlite, and I've downloaded Sqlite database browser to help me look at these values. What surprises me is that about half of the cookie values shows as empty (including the one I need), even though they are obviously not.

（db文件位于at：
C：\Users\username\AppData\Local\Google\Chrome\User Data\Default\Cookies ）

(The db file is located at: C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Cookies)

在Chrome上，我有一个名为编辑此Cookie的插件，它允许我直接修改我所在网站上的Cookie。这个插件可以读取这些cookie，Web浏览器可以通过http解析值，当需要不同的请求，所以他们肯定是 - 仍然，Sqlite浏览器和我的自定义代码都得出结论，特定的值字段是空的。

On Chrome I have an addon called "Edit This Cookie" which allows me to directly modify cookies on the website I'm on. This addon can read these cookies, and the web browser can parse values through http when needed for different requests, so they are definitely there - still, the Sqlite browser and my custom code both come to the conclusion that the particular value field is empty.

为什么？

谢谢您的回答

推荐答案

好的，所以如果有人有兴趣，我发现一个解决这个问题后，经过多次试验，错误和谷歌搜索。

Alright, so in case anyone is interested, I found a solution to this problem after alot of trial, error and googling.

Google Chrome浏览器Cookie数据库有两列用于存储值：value和encrypted_value，后者用于存储的Cookie被请求加密时（通常是某些机密信息和长时间会话密钥） 。

Google Chrome cookies DB has 2 columns for storing values: "value" and "encrypted_value", the latter being used when the cookie stored was requested to be encrypted - often the case with certain confidential information and long-time session keys.

在计算出来之后，我需要找到一个方法来访问这个键，存储为一个Blob值。我发现了几个指南，如何做到这一点，但最终付出的是： http://www.codeproject.com/Questions/56109/Reading-BLOB-in-Sqlite-using-C-NET-CF-PPC

After figuring this out, I then needed to find a way to access this key, stored as a Blob value. I found several guides on how to do this, but the one that ended up paying of was: http://www.codeproject.com/Questions/56109/Reading-BLOB-in-Sqlite-using-C-NET-CF-PPC

只是读取值是不够的，因为它是加密的。 - Google Chrome使用三重DES加密，并将当前用户密码作为Windows计算机上的种子。为了解密在C＃中，应该使用Windows Data Protection API（DPAPI），有几个指南，如何使用它。

Simply reading the value is not enough, as it is encrypted. - Google Chrome uses triple DES encryption with the current users password as seed on windows machines. In order to decrypt this in C#, one should use Windows Data Protection API (DPAPI), there are a few guides out there on how to make use of it.

这篇关于Chrome中的加密Cookie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！