
[The following thread is posted under the same tags as a similar thread to which I will make a reference: https://stackoverflow.com/questions/65939796/java-how-do-i-decrypt-chrome-cookies ]

Hello everyone, as you have read in the title, I am getting an AEADBadTagException whilst attempting to decrypt my credentials. I am aware that credentials prior to Chrome v80 (Chromium equivalent) can no longer simply be "decrypted" through the CryptUnprotectData method. I have done some reading into the new way Chrome deals with them and figured out they were encrypted with AES-256. And I figured out how to decrypt that too. However, this only works for recently saved credentials; all my old credentials, when attempting to decrypt them through the old process (despite having the v10 prefix), throw the AEADBadTagException.

Java - How do I decrypt Chrome cookies? This is where I sourced the base for my code (I am aware it is pretty much a copy-paste, but I do credit the author within my code).

// needs: javax.crypto.Cipher, javax.crypto.AEADBadTagException, javax.crypto.spec.GCMParameterSpec,
//        javax.crypto.spec.SecretKeySpec, java.util.Arrays, java.util.HashMap
HashMap<String, String> dataMap = new HashMap<>();
if (new String(encryptedCred).contains("v10")) {
    try {
        // v10 layout: 3-byte "v10" prefix, 12-byte nonce, then ciphertext followed by the 16-byte GCM tag
        byte[] nonce = Arrays.copyOfRange(encryptedCred, 3, 3 + 12);
        byte[] ciphertextTag = Arrays.copyOfRange(encryptedCred, 3 + 12, encryptedCred.length);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(128, nonce);
        assert masterKey != null;
        SecretKeySpec keySpec = new SecretKeySpec(masterKey, "AES");
        cipher.init(Cipher.DECRYPT_MODE, keySpec, gcmParameterSpec);
        byte[] decryptedCred = cipher.doFinal(ciphertextTag); // throws AEADBadTagException if the tag does not verify
        dataMap.put("origin_url", resultSet.getString("origin_url").replace("\\/", "/"));
        dataMap.put("username_value", resultSet.getString("username_value").replace("\\/", "/"));
        dataMap.put("password_value", new String(decryptedCred).replace("\\/", "/"));
    } catch (AEADBadTagException e) {
        e.printStackTrace();
        bad_counter++;
    }
} else {
    // pre-v80 blobs: DPAPI path (placeholder method name as posted)
    Crypt32Util.blablabla()
}

What else have I tried:
  • AES/GCM/PKCS5Padding
  • AES/GCM/NoPadding
  • Attempt to decrypt the result with cryptUnprotectData
  • Attempt to decrypt with cryptUnprotectData and then AES-256

So now I am starting to wonder whether or not it is possible to decrypt previously stored credentials that are still past Chrome v80.

Xefer
  • _... I am aware that credentials **prior to** the chrome v80 (chromium equivalent) can no longer simply be "decrypted" through the cryptunprodecteddata method..._: The new method (AES/GCM) is not used prior to, but **from incl.** v80. In v79 and before the old method (DPAPI) was used. – Topaco Jan 27 '22 at 08:05
  • _...all my old credentials when attempting to decrypt them through the old process (**despite having the v10 prefix**)..._: Why are you trying to decrypt credentials with the v10 prefix using DPAPI (old method)? v10 refers to credentials encrypted with AES/GCM (new method). – Topaco Jan 27 '22 at 08:09
  • I'm not sure if I'm just misunderstanding the question or if you're confusing something, I recommend that you read: http://xenarmor.com/how-to-recover-saved-passwords-google-chrome/ – Topaco Jan 27 '22 at 08:11
  • The crypt32util thing is the DPAPI, I just forgot what it was called, but pretty much I am checking whether it has the v10 prefix, and if it does it means it is v80+, meaning that I try the AES/GCM method. However, my old passwords still have the v10 prefix, but when I try to decrypt through AES/GCM I get the AEADBadTagException. Also, thanks for this resource [ http://xenarmor.com/how-to-recover-saved-passwords-google-chrome/ ], but this is also one of the ones I have used and it still only works sometimes. – Xefer Jan 27 '22 at 17:12
  • Passwords with v10 prefix are generated with the new method (the old method does not prepend a v10). Since decryption seems to work for some passwords with v10 prefix, the implementation itself seems to work. And since the processing of ciphertext, nonce and tag has not changed since v80 to my knowledge, I would guess a problem with the master key. Perhaps the master key for the passwords that can't be decrypted is different than the current master key. – Topaco Jan 28 '22 at 07:33
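Added illustration of the diagnosis in the last comment (not code from the question or from Chromium): a blob in the v10 layout the question's code parses is sealed with one constructed key, then opened with that key and with a second one. The layout and the AES/GCM/NoPadding parameters are identical in both cases, so the only way to get AEADBadTagException is the key mismatch, which is why the exception points at the master key rather than at the cipher setup. All keys and data here are constructed for the demo.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class V10TagDemo {
    private static final byte[] PREFIX = "v10".getBytes(StandardCharsets.US_ASCII);

    // Build a blob in the v10 layout: "v10" || 12-byte nonce || ciphertext || 16-byte GCM tag.
    static byte[] sealV10(byte[] key, byte[] plaintext) throws Exception {
        byte[] nonce = new byte[12];
        new SecureRandom().nextBytes(nonce);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, nonce));
        byte[] ctAndTag = c.doFinal(plaintext);
        byte[] out = new byte[3 + 12 + ctAndTag.length];
        System.arraycopy(PREFIX, 0, out, 0, 3);
        System.arraycopy(nonce, 0, out, 3, 12);
        System.arraycopy(ctAndTag, 0, out, 15, ctAndTag.length);
        return out;
    }

    // Same parsing as the question's code, but the prefix check looks only at the first three bytes.
    static byte[] openV10(byte[] key, byte[] blob) throws Exception {
        if (blob.length < 3 + 12 + 16 || !Arrays.equals(Arrays.copyOfRange(blob, 0, 3), PREFIX))
            throw new IllegalArgumentException("not a v10 blob");
        byte[] nonce = Arrays.copyOfRange(blob, 3, 15);
        byte[] ctAndTag = Arrays.copyOfRange(blob, 15, blob.length);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, nonce));
        return c.doFinal(ctAndTag); // tag verified here; any mismatch raises AEADBadTagException
    }

    public static void main(String[] args) throws Exception {
        byte[] keyA = new byte[32], keyB = new byte[32]; // two constructed 256-bit keys
        new SecureRandom().nextBytes(keyA);
        new SecureRandom().nextBytes(keyB);
        byte[] blob = sealV10(keyA, "constructed-sample".getBytes(StandardCharsets.UTF_8));
        System.out.println("same key : " + new String(openV10(keyA, blob), StandardCharsets.UTF_8));
        try {
            openV10(keyB, blob); // correct layout, wrong key
        } catch (AEADBadTagException e) {
            System.out.println("other key: AEADBadTagException (tag check failed, layout is fine)");
        }
    }
}
```

The same exception would appear if the nonce or ciphertext bytes were altered, so GCM itself cannot say which of key, nonce or data is wrong; checking that the master key used matches the profile the blob came from is the practical first step.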

0 Answers