Extracting Plaintext Google Chrome Passwords

This is a technique that can be used to retrieve passwords stored by Google Chrome.

The passwords are stored locally on the host, so anyone with access to the local file system can get access to them.

  1. Open File Explorer
  2. Navigate to C:\Users\*\AppData\Local\Google\Chrome\User Data
  3. Open the file Local State
  4. This file will give you the encryption key
    • This is a base64 string
  5. Navigate to the folder Default
  6. Open the file Login Data (you may need a SQLite database viewer, as it is a binary file)

Using an automated tool

https://github.com/ohyicong/decrypt-chrome-passwords

Running this tool will automate pulling the data.

  1. Save the file
  2. Open a terminal/command prompt
    1. You can run this with Python installed on Windows
  3. pip install pypiwin32
  4. pip install pycryptodomex
  5. py .\decrypt_chrome_password.py
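
Detecting this activity

Both the manual steps and the tool leave the same trace: a process other than Chrome reading Local State and Login Data. The following is an added example, not part of the original page or the linked tool, that flags this pattern in file-access events. The event fields (host, pid, image, target), the allow-list and the sample events are assumptions constructed for illustration, and the check generalizes from the Default folder to any profile folder.

```python
import re
from collections import defaultdict

# Paths named on the page: ...\Chrome\User Data\Local State holds the key,
# ...\Chrome\User Data\<profile>\Login Data is the password database.
USER_DATA = r"\\AppData\\Local\\Google\\Chrome\\User Data\\"
KEY_FILE = re.compile(USER_DATA + r"Local State$", re.IGNORECASE)
LOGIN_DB = re.compile(USER_DATA + r"[^\\]+\\Login Data$", re.IGNORECASE)

# Assumption: the only expected reader is Chrome at its default install path.
ALLOWED_IMAGES = {r"c:\program files\google\chrome\application\chrome.exe"}


def classify(path):
    """Map a file path to 'key', 'login_db' or None."""
    if KEY_FILE.search(path):
        return "key"
    if LOGIN_DB.search(path):
        return "login_db"
    return None


def find_suspicious_access(events):
    """Return {(host, pid, image): severity} for non-browser readers."""
    touched = defaultdict(set)
    for ev in events:
        kind = classify(ev["target"])
        image = ev["image"].lower()
        if kind and image not in ALLOWED_IMAGES:
            touched[(ev["host"], ev["pid"], image)].add(kind)
    # One process reading both the key and the database is the pattern the
    # procedure above produces; a single file alone is lower confidence.
    return {proc: "high" if kinds == {"key", "login_db"} else "medium"
            for proc, kinds in touched.items()}


# Constructed sample events, not real telemetry.
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
BASE = r"C:\Users\alice\AppData\Local\Google\Chrome\User Data"
SAMPLE_EVENTS = [
    {"host": "ws01", "pid": 4120, "image": CHROME, "target": BASE + r"\Default\Login Data"},
    {"host": "ws01", "pid": 7788, "image": r"C:\Python311\python.exe", "target": BASE + r"\Local State"},
    {"host": "ws01", "pid": 7788, "image": r"C:\Python311\python.exe", "target": BASE + r"\Default\Login Data"},
    {"host": "ws02", "pid": 900, "image": r"C:\Tools\backup.exe", "target": BASE + r"\Profile 1\Login Data"},
    {"host": "ws02", "pid": 900, "image": r"C:\Tools\backup.exe", "target": BASE + r"\Default\Preferences"},
]

if __name__ == "__main__":
    for proc, severity in find_suspicious_access(SAMPLE_EVENTS).items():
        print(severity, proc)
```

The allow-list compares the full image path rather than the file name, so a renamed binary called chrome.exe in another directory is still flagged.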