O'Reilly logo

Python for Offensive PenTest by Hussam Khrais

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Acquiring the password remotely

Let's get started by understanding how Google Chrome stores and recovers the saved password in the first place:

So, the first fact is, we should know that Google Chrome uses the Windows login password as a key to do both the encryption and decryption phases. The second thing we need to know is that encrypted passwords are stored in a SQLite database called Login Data DB and that database is located in the path C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\Default.

Google Chrome calls a specific Windows API function called CryptProtectData, which utilizes the Windows login password as an encryption ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required