Python: Get Google Chrome saved Pass

1. # pip install pycryptodome
2. # pip install pycryptodomex
3. # pip install pypiwin32
4.  
5. import os
6. import json
7. import base64
8. import sqlite3
9. import win32crypt
10. from Cryptodome.Cipher import AES
11. import shutil
12. from datetime import timezone, datetime, timedelta
13.  
14.  
15. def chrome_date_and_time(chrome_data):
16.  # Chrome_data format is 'year-month-date
17.  # hr:mins:seconds.milliseconds
18.  # This will return datetime.datetime Object
19.  return datetime(1601, 1, 1) + timedelta(microseconds=chrome_data)
20.  
21.  
22. def fetching_encryption_key():
23.  # Local_computer_directory_path will look
24.  # like this below
25.  # C: => Users => <Your_Name> => AppData =>
26.  # Local => Google => Chrome => User Data =>
27.  # Local State
28.  local_computer_directory_path = os.path.join(
29.  os.environ["USERPROFILE"], "AppData", "Local", "Google", "Chrome",
30.  "User Data", "Local State")
31.  
32.  with open(local_computer_directory_path, "r", encoding="utf-8") as f:
33.   local_state_data = f.read()
34.   local_state_data = json.loads(local_state_data)
35.  
36.  # decoding the encryption key using base64
37.  encryption_key = base64.b64decode(
38.  local_state_data["os_crypt"]["encrypted_key"])
39.  
40.  # remove Windows Data Protection API (DPAPI) str
41.  encryption_key = encryption_key[5:]
42.  
43.  # return decrypted key
44.  return win32crypt.CryptUnprotectData(encryption_key, None, None, None, 0)[1]
45.  
46.  
47. def password_decryption(password, encryption_key):
48.  try:
49.   iv = password[3:15]
50.   password = password[15:]
51.  
52.   # generate cipher
53.   cipher = AES.new(encryption_key, AES.MODE_GCM, iv)
54.  
55.   # decrypt password
56.   return cipher.decrypt(password)[:-16].decode()
57.  except:
58.  
59.   try:
60.    return str(win32crypt.CryptUnprotectData(password, None, None, None, 0)[1])
61.   except:
62.    return "No Passwords"
63.  
64.  
65. def main():
66.  key = fetching_encryption_key()
67.  db_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local",
68.       "Google", "Chrome", "User Data", "default", "Login Data")
69.  filename = "ChromePasswords.db"
70.  shutil.copyfile(db_path, filename)
71.  
72.  # connecting to the database
73.  db = sqlite3.connect(filename)
74.  cursor = db.cursor()
75.  
76.  # 'logins' table has the data
77.  cursor.execute(
78.   "select origin_url, action_url, username_value, password_value, date_created, date_last_used from logins "
79.   "order by date_last_used")
80.  
81.  # iterate over all rows
82.  for row in cursor.fetchall():
83.   main_url = row[0]
84.   login_page_url = row[1]
85.   user_name = row[2]
86.   decrypted_password = password_decryption(row[3], key)
87.   date_of_creation = row[4]
88.   last_usuage = row[5]
89.  
90.   if user_name or decrypted_password:
91.    print(f"Main URL: {main_url}")
92.    print(f"Login URL: {login_page_url}")
93.    print(f"User name: {user_name}")
94.    print(f"Decrypted Password: {decrypted_password}")
95.  
96.   else:
97.    continue
98.  
99.   if date_of_creation != 86400000000 and date_of_creation:
100.    print(f"Creation date: {str(chrome_date_and_time(date_of_creation))}")
101.  
102.   if last_usuage != 86400000000 and last_usuage:
103.    print(f"Last Used: {str(chrome_date_and_time(last_usuage))}")
104.   print("=" * 100)
105.  cursor.close()
106.  db.close()
107.  
108.  try:
109.  
110.   # trying to remove the copied db file as
111.   # well from local computer
112.   os.remove(filename)
113.  except:
114.   pass
115.  
116.  
117. if __name__ == "__main__":
118.  main()
119.