C# 获取并解密谷歌浏览器Cookie
最近有个需求要读取谷歌浏览器的cookie,在网上找了好久都没找到C#版的,最后参考这篇文章(http://www.meilongkui.com/archives/1904,感兴趣的去看下,很硬核)写了个C#的。
首先引入nuget包,一个Microsoft.Data.Sqlite用于读取cookie,而bouncycastle,System.Security.Cryptography.ProtectedData用于解密
using (SqliteConnection connection = new SqliteConnection()) { var userprofilePath = Environment.GetEnvironmentVariable("USERPROFILE"); connection.ConnectionString = $@"DataSource={userprofilePath}\AppData\Local\Google\Chrome\User Data\Default\Cookies"; connection.Open(); SqliteCommand command = new SqliteCommand("select host_key,name,encrypted_value from cookies where host_key='.baidu.com'", connection); SqliteDataReader dataReader = command.ExecuteReader(); dataReader.Read(); byte[] encryptedValue = (byte[])dataReader["encrypted_value"]; int keyLength = 256 / 8; int nonceLength = 96 / 8; String kEncryptionVersionPrefix = "v10"; int GCM_TAG_LENGTH = 16; //字符串内容取自C:\Users\用户名\AppData\Local\Google\Chrome\User Data\Local State文件的encrypted_key byte[] encryptedKeyBytes = Convert.FromBase64String("RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAA3PHk3a5NmQpRxjGtdwCCCAAAAAAIAAAAAABBmAAAAAQAAIAAAALd7GZJyVqp7yQUBIEUvv0cwGN/mdUVrvAqqgbdJyJwoAAAAAA6AAAAAAgAAIAAAAPjIbfKCXRBggBNixV8sG409GYD9QRUHpiRMf/7s7Nm7MAAAABobpenJlhdxFJQw5PI1Fk/X0COpn+HZUxNl+GahUsmydEdXWJg0w5KmZjC7QjKJ/EAAAAA/rz1g3B2SdeXFMesLCZ/5O+xEDYxjeUP1hCw4Fa9rrLeUWpLkmmgL9JRNvSaiMfISpGXcWsr5zvhOLaF2kJ81"); encryptedKeyBytes = encryptedKeyBytes.Skip("DPAPI".Length).Take(encryptedKeyBytes.Length- "DPAPI".Length).ToArray(); var keyBytes = System.Security.Cryptography.ProtectedData.Unprotect(encryptedKeyBytes, null, System.Security.Cryptography.DataProtectionScope.CurrentUser); var nonce = encryptedValue.Skip(kEncryptionVersionPrefix.Length).Take( nonceLength).ToArray(); encryptedValue = encryptedValue.Skip(kEncryptionVersionPrefix.Length + nonceLength).Take(encryptedValue.Length- (kEncryptionVersionPrefix.Length + nonceLength)).ToArray(); var str = AesGcmDecrypt(keyBytes, nonce, encryptedValue); Console.WriteLine($"{dataReader["host_key"]}-{dataReader["name"]}-{str}"); connection.Close(); } public static string AesGcmDecrypt(byte[] keyBytes, byte[] nonce, byte[] encryptedValue) { GcmBlockCipher gcmBlockCipher = new GcmBlockCipher(new AesEngine()); AeadParameters aeadParameters = new AeadParameters( new KeyParameter(keyBytes), 128, nonce); gcmBlockCipher.Init(false, aeadParameters); byte[] plaintext = new byte[gcmBlockCipher.GetOutputSize(encryptedValue.Length)]; int length = gcmBlockCipher.ProcessBytes(encryptedValue, 0, encryptedValue.Length, plaintext, 0); gcmBlockCipher.DoFinal(plaintext, length); return Encoding.UTF8.GetString(plaintext); }