{
	"id": "41dfa9e5-9d7e-46d9-8f9c-2bd9186a5ba1",
	"created_at": "2026-04-06T00:15:55.149383Z",
	"updated_at": "2026-04-10T03:19:57.518541Z",
	"deleted_at": null,
	"sha1_hash": "b84b7fb6d24995780b18d2ac81238db4aa05ee65",
	"title": "GitHub - adnan-alhomssi/chrome-passwords: Recover locally saved passwords on Google Chrome.",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 36215,
	"plain_text": "GitHub - adnan-alhomssi/chrome-passwords: Recover locally\r\nsaved passwords on Google Chrome.\r\nBy adnan-alhomssi\r\nArchived: 2026-04-02 10:44:55 UTC\r\nExtract (Recover) locally saved passwords and cookies (with -p ) on Google Chrome and decrypt them. C/C++\r\nImplementation.\r\nHow it works ?\r\nShortly, Google chrome stores your saved passwords in a SQLLite3 DB file in your local app chrome directory\r\nrelevant to your user. each password is encrypted by whatever user specific credentials your OS provides. on\r\nWindows, which this implementation is dedicated to, it uses Windows Crypt API functions, namely\r\nCryptProtectData which depends on a seed local to your user (in Microsoft words : logon credentials that match\r\nthose of the user who encrypted the data can decrypt the data.), in order to ecrypt your password to a binary\r\nformat stored in a blob column beside url , username and other information. Sadly this credentials are identified\r\nonly by your user, so any process running on your user prvillages level can encrypt/decrypt data. When you ask\r\nchrome to show your saved password in plain text, it asks for your OS user's pass. This gives a false sense of\r\nsecurity as it really does not matter ! just run my implementation and you will get list of everything you stored\r\nwithout a need for privillages elevation !.\r\nNote: this comes after Google was using Plain text to store our passwords :-) for more details: a good answer on\r\nStackoverflow http://security.stackexchange.com/a/40887\r\nSame applies for cookies\r\nHow to use ?\r\nwithout any argument to display saved passwords as following : url \\n username \\n password\r\n-p to disable waiting for random input at the end (useful if you want to forward to the output to a file like\r\nchrome-passwords.exe -p \u003e output)\r\n-c to show also cookies as following: host_key \\n path \\n cookie value\r\nImplementation\r\nApplication is compiled using Visual Studio C++ 2015 toolkit; target SDK 8.1 \u0026 OS: Win 7\r\nDependecies:\r\nSQLLite3 : The amalgamation version : sqlite3.c and sqlite3.h\r\nhttps://github.com/adnan-alhomssi/chrome-passwords\r\nPage 1 of 2\n\nMicrosoft Cryptography API. Cryptlib32.lib ( You can get by installing Windows SDK if visual studio does\r\nnot already have it). I prefer static linking for dependecies and CRT in such tiny app.\r\nContributing\r\nThis is a fairly simple show case for a possibility of exploiting the ecnrypting mechanisim. If it does not work on\r\nyour machine, feel free to send me a report of the problem. Of course, this code meant to expose the issue and not\r\nintended for any harmful reasons.\r\nSource: https://github.com/adnan-alhomssi/chrome-passwords\r\nhttps://github.com/adnan-alhomssi/chrome-passwords\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://github.com/adnan-alhomssi/chrome-passwords"
	],
	"report_names": [
		"chrome-passwords"
	],
	"threat_actors": [],
	"ts_created_at": 1775434555,
	"ts_updated_at": 1775791197,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/b84b7fb6d24995780b18d2ac81238db4aa05ee65.pdf",
		"text": "https://archive.orkl.eu/b84b7fb6d24995780b18d2ac81238db4aa05ee65.txt",
		"img": "https://archive.orkl.eu/b84b7fb6d24995780b18d2ac81238db4aa05ee65.jpg"
	}
}