hashcat Forum

hashcat Forum > Support > hashcat > Decrypting Chrome's Login Data password entries
Full Version: Decrypting Chrome's Login Data password entries
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Macilacikommando

01-27-2024, 09:25 PM
Hi!

After an SSD went south, I recovered my user's chromium config folder, but the keyring entry (chrome_libsecret_os_crypt_password_v2) is sadly nonrecoverable. I have the passwords from chromium's Login Data credentials file, but the keyring file, that's needed for the encryption is a 22-24 char long Base64 encoded string, is sadly missing. 


The entry looks like this, is there any way for me to brute force this with Hashcat or considering the length of the pw (22^64), it's a dead cow?

X'7631314f36e73bde27cbfd388d83ae43f7aa42'

Thanks

Banaanhangwagen

01-29-2024, 12:36 AM
in order to recover the saved passwords from the Chromium browser you need the "Login Data" and the "storagekey", as found in the Keychain-application of the mac.
(you can retrieve this key with a simple command)

The storagekey is, after decoding, 32 bytes long. That gives 16^32 possibilities, which is not feasible to crack bruteforce-wise.

Macilacikommando

01-29-2024, 03:16 AM
(01-29-2024, 12:36 AM)Banaanhangwagen Wrote: [ -> ]in order to recover the saved passwords from the Chromium browser you need the "Login Data" and the "storagekey", as found in the Keychain-application of the mac.
(you can retrieve this key with a simple command)

The storagekey is, after decoding, 32 bytes long. That gives 16^32 possibilities, which is not feasible to crack bruteforce-wise.

Sigh, thanks. Then it's a lost effort.
hashcat Forum > Support > hashcat > Decrypting Chrome's Login Data password entries