Encrypted cookies in Chrome

I've run into this same problem, and the code below provides a working example for anyone who is interested. All credit to Scherling, as the DPAPI was spot on.

public class ChromeCookieReader{    public IEnumerable<Tuple<string,string>> ReadCookies(string hostName)    {        if (hostName == null) throw new ArgumentNullException("hostName");        var dbPath = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + @"\Google\Chrome\User Data\Default\Cookies";        if (!System.IO.File.Exists(dbPath)) throw new System.IO.FileNotFoundException("Cant find cookie store",dbPath); // race condition, but i'll risk it        var connectionString = "Data Source=" + dbPath + ";pooling=false";        using (var conn = new System.Data.SQLite.SQLiteConnection(connectionString))        using (var cmd = conn.CreateCommand())        {            var prm = cmd.CreateParameter();            prm.ParameterName = "hostName";            prm.Value = hostName;            cmd.Parameters.Add(prm);            cmd.CommandText = "SELECT name,encrypted_value FROM cookies WHERE host_key = @hostName";            conn.Open();            using (var reader = cmd.ExecuteReader())            {                while (reader.Read())                {                    var encryptedData = (byte[]) reader[1];                    var decodedData = System.Security.Cryptography.ProtectedData.Unprotect(encryptedData, null, System.Security.Cryptography.DataProtectionScope.CurrentUser);                    var plainText = Encoding.ASCII.GetString(decodedData); // Looks like ASCII                    yield return Tuple.Create(reader.GetString(0), plainText);                }            }            conn.Close();        }    }}

Alright, so in case anyone is interested, I found a solution to this problem after alot of trial, error and googling.

Google Chrome cookies DB has 2 columns for storing values: "value" and "encrypted_value", the latter being used when the cookie stored was requested to be encrypted - often the case with certain confidential information and long-time session keys.

After figuring this out, I then needed to find a way to access this key, stored as a Blob value. I found several guides on how to do this, but the one that ended up paying of was: http://www.codeproject.com/Questions/56109/Reading-BLOB-in-Sqlite-using-C-NET-CF-PPC

Simply reading the value is not enough, as it is encrypted. - Google Chrome uses triple DES encryption with the current users password as seed on windows machines. In order to decrypt this in C#, one should use Windows Data Protection API (DPAPI), there are a few guides out there on how to make use of it.

Like Jasper's answer, in a PowerShell script (of course, customize the SQL query to your needs, and the path to your cookies location):

$cookieLocation = 'C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\cookies'$tempFileName = [System.IO.Path]::GetTempFileName()"select writefile('$tempFileName', encrypted_value) from cookies where host_key = 'localhost' and path = '/api' and name = 'sessionId';" | sqlite3.exe "$cookieLocation"$cookieAsEncryptedBytes = Get-Content -Encoding Byte "$tempFileName"Remove-Item "$tempFileName"Add-Type -AssemblyName System.Security$cookieAsBytes = [System.Security.Cryptography.ProtectedData]::Unprotect($cookieAsEncryptedBytes, $null, [System.Security.Cryptography.DataProtectionScope]::CurrentUser)$cookie = [System.Text.Encoding]::ASCII.GetString($cookieAsBytes)$cookie