-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: Inability to Decrypt Cookies in Octo Browser #20
Comments
I'm not completely sure, but I believe this is related to an issue that was reported to me, I found #16 which lead me to this.
This user is on Windows and only has Edge and hasn't installed any other browsers. |
How can I reproduce on octo browser? |
I can provide you with a temporary login and password to access the Octo browser. Could you please tell me where I can send this information to you? |
You can send me in telegram |
Update: I think that the only way to find out how to decrypt it, is to reverse engineer it. |
What happened?
Hello @thewh1teagle, once again, thank you very much for adding Octo Browser to the software, but in this issue, I would like to make some recommendations regarding fixes.
Firstly, the octo_browser(domains: Option<Vec<&str>>) function besides the domains argument must necessarily contain additional arguments: cookies_path, key_path because Octo Browser generates a new folder (under a random name) in the directory C:\Users\username\AppData\Roaming\Octo Browser\tmp every time the profile is launched, where browser files, including cookies and others, are located. Therefore, calling find_chrome_based_paths() in the octo_browser() function doesn't make sense.
Secondly, for some reason, attempting to decrypt cookies with the "encrypted_key" key, which is located in the "Local State" file, results in the error "can't decrypt using key." Although the "encrypted_key" keys of Octo Browser and Google Chrome seem to be identical. The values of "encrypted_value" in the table also seem to be encrypted with the same algorithm as in Google Chrome. In general, everything seems to be the same, but for some reason, it is not possible to decrypt the cookie using the aforementioned key.
Below, I am attaching two files, "Cookies" and "Local State," which Octo Browser uses. Perhaps, in your free time, you could take a look and figure out what's going on, why it's not possible to decrypt the cookie values.
Local State.txt
Cookies.txt
P.S.: I changed the file extension for the "Cookies" file to .txt because GitHub does not allow uploading files with extensions like .sqlite3, etc.
Steps to reproduce
What browsers are you seeing the problem on?
Chromium
Relevant log output
No response
The text was updated successfully, but these errors were encountered: