Decrypt Chrome Linux BLOB encrypted cookies in Python

Question

I have Chrome 33+ in Ubuntu and I see that the cookies are encrypted in a BLOB structure:

CREATE TABLE cookies (creation_utc INTEGER NOT NULL UNIQUE PRIMARY KEY,host_key TEXT NOT NULL,name TEXT NOT NULL,value TEXT NOT NULL,path TEXT NOT NULL,expires_utc INTEGER NOT NULL,secure INTEGER NOT NULL,httponly INTEGER NOT NULL,last_access_utc INTEGER NOT NULL, has_expires INTEGER NOT NULL DEFAULT 1, persistent INTEGER NOT NULL DEFAULT 1,priority INTEGER NOT NULL DEFAULT 1,encrypted_value BLOB DEFAULT '');

I would like to write a python script to decrypt the cookie. I've seen that there is Cookie issue with Chrome 33 Beta but relies in CryptUnprotectData that it's a Windows API.

First of all I would like to know how are the cookies encrypted. I've read 3DES and AES but I don't find a trusty source to get the info.

I will write the code to do the necessary encryption and decryption if I have info about how to do it.

Thank you

Answer 1

I've posted an example Python script here for decoding the encrypted cookies in either OSX or Linux.