ChromeStealer : A Tool For Extracting Chrome Passwords

ChromeStealer is an educational tool developed by @bernKing20 to demonstrate how to extract and decrypt stored passwords from Google Chrome on Windows systems using C/C++.

The project aims to address gaps in existing resources by providing a functional and detailed implementation.

Key Features And Functionality

ChromeStealer focuses on decrypting passwords stored locally by Google Chrome. Chrome uses the AES-GCM algorithm for encrypting sensitive data, with the encryption key stored in a Local State JSON file and the encrypted passwords in an SQLite database called Login Data.

ChromeStealer retrieves these files, extracts the encryption key using Windows API functions like CryptUnprotectData, and decrypts the stored passwords.

The tool is built with dependencies such as:

• libsodium (for cryptographic operations),
• nlohmann/json (for JSON parsing),
• sqlite3 (for database interaction).

To use ChromeStealer, ensure you have Visual Studio 2022 and vcpkg installed. Follow these steps:

1. Clone the repository:

   git clone https://github.com/BernKing/ChromeStealer.git
   cd ChromeStealer

2. Install dependencies via vcpkg:

   vcpkg install libsodium jsoncpp sqlite3

3. Open the project in Visual Studio, build it, and run the executable. On-screen instructions will guide you through extracting and decrypting passwords.

ChromeStealer is designed for educational purposes only, helping users understand how password storage works in Chrome.

Misuse of this tool can lead to legal consequences, and users are advised to operate it only on systems they own or have explicit permission to test.

The project is open-source under the MIT License. It acknowledges contributions from libraries like libsodium, nlohmann/json, and sqlite3.

For further technical details or code, visit ChromeStealer’s GitHub repository or read the full write-up on BernKing’s blog.