Only cookies being caught #39
Comments
|
Please download Chromepass again and try it out. I actually noticed that bug before. It appeared because the server tried to create a directory inside |
|
Redownloaded it and even manually created a data folder |
|
Please check that the server has permission to write to the directory it's in. The server writes all of its data in the same directory and if it can't do so it will fail on the next writes. There are 2 soutions:
I pushed a new version that adds a more descriptive message when that error happens. |
|
Ran as admin and that indeed did fix it. It is only getting cookies The fact that its happening only on some computers and not others tells me there's some sort of variable I'm not accounting for but I can't think of it. Both chrome and its login file are at the default locations. |
Genus-learner
changed the title
Genus-learner
changed the title
|
Huh, that's weird! It's possible there's a variable I'm not accounting for as well.
If any of these work maybe we can narrow it down further. |
|
Thank you for your quick responses! |
|
I remembered another potential problem that I had thought about before and ultimately forgot. |
|
@ C:\Users\Username\AppData\Local\Google\Chrome\User Data\Default
So in other word they match the computers that do work. I downloaded a password viewer and it was able to pull the passwords I believe that supports the idea that all the files are in their default location |
I tried your suggestions. No improvement. |
|
This is really strange. Would it be okay if I gave you a version of chromepass in form of an executable to test it out? I'm assuming you're testing it on a VM |
|
chromepass.zip |
Chromepass is installed on a VM, but the client I am testing on my actual computer.
|
|
Was the server running at the time the client was executed? |
|
by the way, it's totally safe to test that even on your computer, it just does the same thing as a client generated with the default 127.0.0.1:80 configuration sending to the local server, but with a lot of different printing along the way :D |
|
This is the printing on the vm where it is able to get login and cookies This is the printing on my actual computer where it cant get login info but can get cookies Server was running this time in both scenarios, but server is running on virtual machine and not on the actual computer so idk if that would affect it? |
|
That's perfect, now we know it's failing at the decryption of the password in login. I think I might know why this is the case. |
Latest build can't make a client for some reason |
|
hmm sorry about that, it might be a problem on my end. Do you see any error message inside the |
|
Here's the end of the log |
I'll take a look |
|
My apologies. I just checked the error message. It was a line I added to the config file. I just fixed it. It should build. |
|
|
Looking into it! Again, thanks for the patience!! |
|
Fortunately it seems that issue is related to a specific dependency which isn't used anymore in my project so I just removed it. Hopefully it works now :D (just updated it) |
|
I got a clean build, but now the server isn't receiving anything from the client? lol hopefully all this troubleshooting will make everything go super smoothly for anyone else who wants to learn how this all works in the future |
|
Pushed another update. I noticed a few issues that might be causing your current problem, mainly the way that the program figures out where the local appdata program is, I realized not all systems will have the required environment variable so it now uses a different method. I was also checking whether the decryption key was correctly found or not, which also makes the script not work for earlier versions of Chromium-based browsers. (It would also not be able to decrypt passwords saved from when the browser was in its older version, even if updated afterwards). It should work now, I hope :D
Yeah hopefully :P |
|
I would like to congratulate you sir, as of right now, it is working on both the VM and the actual computer that it wasn't working on when this thread was created (and in #36 ). When I get the chance I'll test it on my other computers to make sure it still works in them after all these changes that have happened. |
|
Thank you! I'd like to thank you as well for helping track this issue down, it wouldn't have been possible without you! |
Good news!
What has been changed in the decryption process since the beginning of the thread? What was the main issue causing it to not get login data? |
|
That's awesome! So a couple of things got changed. Before, the decryption process went like this:
Initially I thought the problem was only on step 3, and it partially was. Chrome version 80 and above store the passwords in this encryption format (encrypted by the aes256-gcm key in Local State and having that key encrypted with DPAPI). Before Chrome version 80, passwords were just all encrypted with DPAPI. Now the problem is that even if you update Chrome to the latest versions, all the passwords that were saved in the Chrome<80 format will remain in that format and they won't be able to de decrypted. So I changed the decryption to simple DPAPI if the AES256-GCM fails. This wasn't enough however because it turns out I was also only decrypting passwords if a valid key was found in Local State, which there doesn't have to be one if the version < 80. This is more of a "making sure it works on all versions" even though most people will have updated by now. The last problem was the method with which I retrieved the directories. I was using LOCALAPPDATA environment variable but that may not exist. Now, I directly build the correct path from the username. So in summary, the main issue was that the decryption failed if there were any passwords stored from Chrome versions before 80 and the base directories were not always correct due to potentially nonexisting environment variables. |
|
Closing this issue now as it's solved. It took a while :P |
Ok, I forgot in my last post. Part of why I thought the memory error was real was because the server console gives this error and I receive no data
The text was updated successfully, but these errors were encountered: