我从chrome cookie文件中获取cookie“ encrypted_value”并进行解码,但是其中一个字符串变量在使用时出现意外更改。
如果您直接输出:
echo "$SEID"
输出为:
aa312d7a2a15ab67a16f39495dbc22bf9930dafaf70b3eddbd955b0fb39bd7ef661af6ac15d0d98fbbc179c9d6e85901b56c2c4efd9a40df013060d7
我何时这样做:
echo "$SEID;"
但输出已更改,您应该看到倒数第二个第八个字符从零变为分号!!!
aa312d7a2a15ab67a16f39495dbc22bf9930dafaf70b3eddbd955b0fb39bd7ef661af6ac15d0d98fbbc179c9d6e85901b56c2c4efd9a40df;13060d7
我的价值来自以下脚本:
SEID=$(get_cookies_from_chrome "xxxx.com" "SEID")
get_cookies_from_chrome是这个:
#!/usr/local/bin/python3
#coding=utf-8
import os
import sys
import sqlite3
import keyring
from Crypto.Cipher import AES
from Crypto.Protocol.KDF import PBKDF2
my_pass = keyring.get_password('Chrome Safe Storage', 'Chrome')
my_pass = my_pass.encode('utf8')
iterations = 1003
cookie_file = os.path.expanduser('~/Library/Application Support/Google/Chrome/Default/Cookies')
salt = b'saltysalt'
length = 16
iv = b' ' * length
class ChromeCookies:
@staticmethod
def aes_decrypt(token):
key = PBKDF2(my_pass, salt, length, iterations)
cipher = AES.new(key, AES.MODE_CBC, IV=iv)
dec_token = cipher.decrypt(token)
return dec_token
@staticmethod
def query_cookies(host_key, name):
with sqlite3.connect(cookie_file) as conn:
sql = 'select encrypted_value from cookies where host_key="%s" and name = "%s"' % (host_key, name)
result = conn.execute(sql).fetchall()
return result
@staticmethod
def get_value(host_key, name):
result = ChromeCookies.query_cookies(host_key, name)
if len(result) != 0:
return ChromeCookies.aes_decrypt(result[0][0][3:]).decode('utf-8')
else:
return None
if __name__ == '__main__':
print(ChromeCookies.get_value(sys.argv[1], sys.argv[2]))
答案 0 :(得分:0)
echo "$SEID;" 将打印SEID变量的值,后跟分号,后跟换行符。您看到的原因是Python脚本打印了一些在当前终端中具有特殊含义的不可打印字符-它们使光标(决定屏幕上要放置下一个字符的位置)在打印分号之前移动。
要查看不可打印的字符,请尝试运行例如get_cookies_from_chrome "xxxx.com" "SEID" | xxd来转义字符。
答案 1 :(得分:0)
您的脚本必须正在生成带有CR字符的文本,请参见Why does my tool output overwrite itself and how do I fix it?。例如,如果脚本输出123456789\rabcde并将其保存在SEID中,则echo "$SEID"将输出外观 abcde6789,然后echo "$SEID;"将输出看起来像abcde;789