2012-03-29

Extracting Chrome passwords from KWallet

Chrome has an ugly habit of storing saved passwords in KWallet as pickles, which you can't just read from KWalletManager when you need to get the password. This is problematic if you want to switch browsers, or just use more that one but don't want to launch and delve into chrome just to get that one password.


Although the pickle format doesn't seem standard, it mostly works to get every other character as to excise the utf16 (or whatever) text and eyeball the password. Here:

#!/usr/bin/python
# -*- coding: utf-8 -*-
# Quick and dirty Chrome kwallet password extractor
from PyKDE4.kdeui import KWallet
from PyQt4.QtGui import QApplication
from sys import argv
app = QApplication([])
app.setApplicationName("Chrome password extractor")
wallet = KWallet.Wallet.openWallet(KWallet.Wallet.LocalWallet(), 0)
wallet.setFolder("Chrome Form Data") # check your wallet for exact folder name
entries = wallet.entryList()
entry = entries.filter(argv[1])[0]
entry = wallet.readEntry(entry)[1]
# outputs ugly slice of pickled data, hopefully you can eyeball the passsword from there
print(repr(str(entry[0:-1:2])))
view raw chromewallet.py hosted with ❤ by GitHub

Posted by at
Labels: , ,

2 comments:

SKNMedioznawcow said...

I get
"Traceback (most recent call last):
File "extractchrome", line 17, in
entry = entries.filter(argv[1])[0]
IndexError: list index out of range"

I reinstalled system and have my old kwallet file, but merging old and new doesn't work with chrome passwords and hoped that thanks to that script I can extract them. Any tips?

16/4/12 21:39
padouciel said...

Hi,

Sorry for my bad english

Thanks for this post, it saves my life ;-)

@SKNMedioznawcow : I don't know if you have had an answer... So, if not, you must call this script with an argument, like this :
python chromewallet.py "amazon"
Or hack the code to obtain all the entries...

27/10/12 15:06

Post a Comment

Subscribe to: Post Comments (Atom)