import os
import json
import base64
import win32crypt
from Crypto.Cipher import AES
path = r'%LocalAppData%\Google\Chrome\User Data\Local State'
path = os.path.expandvars(path)
with open(path, 'r') as file:
encrypted_key = json.loads(file.read())['os_crypt']['encrypted_key']
encrypted_key = base64.b64decode(encrypted_key) # Base64 decoding
encrypted_key = encrypted_key[5:] # Remove DPAPI
decrypted_key = win32crypt.CryptUnprotectData(encrypted_key, None, None, None, 0)[1] # Decrypt key
data = bytes.fromhex('763130...') # the encrypted cookie
nonce = data[3:3+12]
ciphertext = data[3+12:-16]
tag = data[-16:]
cipher = AES.new(decrypted_key, AES.MODE_GCM, nonce=nonce)
plaintext = cipher.decrypt_and_verify(ciphertext, tag) # the decrypted cookie
Этот код прекрасно работает, но мне нужен этот код с powershell, у меня проблемы с декодированием
Add-Type -Assembly System.Security
$ExtensionFile = "$($env:LOCALAPPDATA)\Google\Chrome\User Data\Local State"
$jsondata = Get-Content -Raw -Path $ExtensionFile | ConvertFrom-Json
$enckey = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($jsondata.os_crypt.encrypted_key)).Substring(5)
$deckey = [Security.Cryptography.ProtectedData]::Unprotect($enckey, $null, [Security.Cryptography.DataProtectionScope]::CurrentUser)
В чем проблема?