This utility extract the Master Key (use to encrypt browsers saved credentials) and important file(s) of various browsers (i.e. Chrome, Brave, Edge, Opera) in order to decrypt the saved credentials.
A Red Teamer, during a security assessment, can utilize this module to extract the master key and essential files without requiring additional dependency on the target. By focusing solely on key extraction, keeps the software footprint small and also reduces its likelihood to appear as suspicious to various security solutions.
cd "Extract Master Keys" && mkdir build && cd build
cmake ..
cmake --build . --config Release
You can specify the cmake-generator to create configuration files for your build system e.g.
cmake -A x64 ..
cmake -A Win32 ..
cmake -G "Visual Studio 16 2019" -A x64 ..
extractMasterKeys.exe [path/to/output/dir]
I have currently four browsers installed so four keys are extracted, these keys are also stored in [path/to/output/dir/keys.txt].
For clarity and ease of use, the keys are stored in the hexadecimal (HEX) format. It's important to note that these keys are currently implemented using the AES-256 algorithm, with a key size of 256 bits, which translates to 32 bytes
- Once the utility is run, it will show the master keys of each browser
- The utility has organised encrypted data files and master key of each browser at [path/to/output/dir]
- [path/to/output/dir/keys.txt]
This software is intended for educational and research purposes, particularly in offensive security (offsec). It is your responsibility to use it ethically and at your own risk. The developer is not liable for any misuse or consequences of using this software.