发表新帖
发表新帖

DPAPI fails with CryptographicException when trying to decrypt Chrome cookies

前端 未结
关注
2 1717
盖世英雄少女心
盖世英雄少女心 2020-12-10 00:27

i am trying to get session from my Chrome browser. i can see 2 cookie files in Developer Tools. but this is inconvenient for the user to get cookie values from browser, i wo

2条回答
  • 眼角桃花
    眼角桃花 (楼主)
    2020-12-10 00:41

    I finally figured it out. according to Chromium sources, two methods are used to decrypt the cookie value.

    1. if the cookie value starts with v10 chars, we use AES_256_GCM
    2. otherwise, DPAPI is used

    for the first method we need key and nonce. key is located in Google Chrome files and nonce is located in encrypted cookie value.

    it remains unclear for me - what determines which method is used

    0 讨论(0)
 看不清?
提交回复
热议问题