rookie icon indicating copy to clipboard operation
rookie copied to clipboard

Published 20 hours ago verified publisher icon thewh1teagle

[Bug]: Inability to Decrypt Cookies in Octo Browser

Open igorank opened this issue 4 months ago • 5 comments

What happened?

Hello @thewh1teagle, once again, thank you very much for adding Octo Browser to the software, but in this issue, I would like to make some recommendations regarding fixes.

Firstly, the octo_browser(domains: Option<Vec<&str>>) function besides the domains argument must necessarily contain additional arguments: cookies_path, key_path because Octo Browser generates a new folder (under a random name) in the directory C:\Users\username\AppData\Roaming\Octo Browser\tmp every time the profile is launched, where browser files, including cookies and others, are located. Therefore, calling find_chrome_based_paths() in the octo_browser() function doesn't make sense.

Secondly, for some reason, attempting to decrypt cookies with the "encrypted_key" key, which is located in the "Local State" file, results in the error "can't decrypt using key." Although the "encrypted_key" keys of Octo Browser and Google Chrome seem to be identical. The values of "encrypted_value" in the table also seem to be encrypted with the same algorithm as in Google Chrome. In general, everything seems to be the same, but for some reason, it is not possible to decrypt the cookie using the aforementioned key.

Below, I am attaching two files, "Cookies" and "Local State," which Octo Browser uses. Perhaps, in your free time, you could take a look and figure out what's going on, why it's not possible to decrypt the cookie values.

Local State.txt Cookies.txt

P.S.: I changed the file extension for the "Cookies" file to .txt because GitHub does not allow uploading files with extensions like .sqlite3, etc.

Steps to reproduce

  1. Open Octo Browser (Chromium based).
  2. Attempt to decrypt the cookies using the "encrypted_key" key from the "Local State" file.
  3. Observe the error message: "can't decrypt using key."
  4. Note that the "encrypted_key" keys of Octo Browser and Google Chrome appear identical, and the values of "encrypted_value" in the "Cookies" file seem to be encrypted with the same algorithm as in Google Chrome.
  5. Despite the similarities, the cookies cannot be decrypted using the provided key.

What browsers are you seeing the problem on?

Chromium

Relevant log output

No response

igorank avatar Feb 05 '24 19:02 igorank