在Windows上解密Chrome的Cookie [英] Decrypting Chrome's cookies on windows
问题描述
我编写了一个程序,使用chrome的登录cookie自动执行操作,但是由于Chrome在1月对所有cookie进行加密,因此我的程序无法正常工作.
I wrote a program to use chrome's login cookies to do something automatically, but since Chrome encrypt all the cookies at January, my program can't work anymore.
我正在尝试解密cookie,并通过此主题,但是我通常的运行环境是win7 os,因此我必须在Windows上对其进行解密.
I'm trying to decrypt cookies, and success in java on mac os by This Topic, but my usual running environment is win7 os, so I have to decrypt that on windows.
我发现 os_crypt_win.cc 在Chromium的源代码中,它包含一个加密部分:
I found os_crypt_win.cc in Chromium's source code, it has a encrypt part:
bool OSCrypt::EncryptString(const std::string& plaintext, std::string* ciphertext) {
DATA_BLOB input;
input.pbData = const_cast<BYTE*>(reinterpret_cast<const BYTE*>(plaintext.data()));
input.cbData = static_cast<DWORD>(plaintext.length());
DATA_BLOB output;
BOOL result = CryptProtectData(&input, L"", NULL, NULL, NULL, 0, &output);
if (!result)
return false;
// this does a copy
ciphertext->assign(reinterpret_cast<std::string::value_type*>(output.pbData), output.cbData);
LocalFree(output.pbData);
return true;
}
我使用 JNA 来模仿Java中的这一部分:
I imitate this part in java with JNA:
String encrypted = bytesToHex(Crypt32Util.cryptProtectData(Native.toByteArray(plaintext), 0));
或
String encrypted = bytesToHex(Crypt32Util.cryptProtectData(plaintext.getBytes());
或
String encrypted = bytesToHex(Crypt32Util.cryptProtectData(plaintext.getBytes("UTF-8"));
或
String encrypted = bytesToHex(Crypt32Util.cryptProtectData(plaintext.getBytes("UTF-16"));
但是我得到了与Chrome中的值存储不同的错误加密值.
But I got a wrong encrypted values different with the value store in Chrome.
我使用了错误的方法对此进行加密,还是错过了重要的事情?
Did I used a wrong method to encrypt this, or did I miss something important?
你能帮我解决这个问题吗?
Can you help me figure this out?
推荐答案
您使用了正确的方法来加密值. 值如何错误"?如果它们与chrome中存储的内容不同,那不是问题. 原因很简单:
You used the correct method to encrypt the values. How are the values "wrong"? if they are just different from the one's stored in chrome that is not a problem. The reason for that is very simple:
来自 msdn :
该函数创建一个会话密钥来执行加密. 要解密数据时,会再次导出会话密钥."
"The function creates a session key to perform the encryption. The session key is derived again when the data is to be decrypted."
来自 msdn博客:
"为每次CryptProtectData调用创建一个随机会话密钥. 该密钥来自主密钥,一些随机数据和一些 用户传递的可选熵.然后使用会话密钥 进行实际的加密."
"A random session key is created for each call to CryptProtectData. This key is derived from the master key, some random data, and some optional entropy passed in by the user. The session key is then used to do the actual encryption."
您应该检查的重要事情是您是否能够使用 DecryptUnprotectData 解密值.
The important thing you should check is whether you are able to decrypt the values using DecryptUnprotectData.
这篇关于在Windows上解密Chrome的Cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
