erwan2212
commented
3 years ago Chrome.exe was a special request I got. It is build against nthash chrome module so it does the same as nthash /chrome : no extra switches.
If you wish to have a dedicated standalone exe for one particular nhash feature : I can easily make it happen.
Papotito123
Hello: I tested chrome.exe in PROBANDO MicrosoftAccount user. I don't know how to, but I just run and give this:
C:\Users\PROBANDO\Downloads\NTHASH-FPC-mas\NTHASH-FPC-master\chrome>chrome.exe path:C:\Users\PROBANDO\AppData\Local\Google\Chrome\User Data\Default db:C:\Users\PROBANDO\AppData\Local\Google\Chrome\User Data\Default\login data.db os_crypt:encrypted_key:F67xzxxxxxxxxxxxxxxxxxxxxxxxx6EA Exception ESQLite3Exception in module chrome.exe at 00046EA2. Unable to load sqlite3.dll - The specified module could not be found.
I recognized that , os_crypt:encrypted_key:F67xzxxxxxxxxxxxxxxxxxxxxxxxx6EA , is the Local State AES key needed to decrypt Chome logins.
So, I looked inside nthash folder and saw sqlite3-64.dll/sqlite3.dll files and copied to extracted chrome.zip. And Chrome Logins (new encryption) are decrypted automatically. Cool. And I'm doing in this in PROBANDO MicrosoftAccount user.
C:\Users\PROBANDO\Downloads\NTHASH-FPC-mas\NTHASH-FPC-master\chrome>chrome.exe path:C:\Users\PROBANDO\AppData\Local\Google\Chrome\User Data\Default db:C:\Users\PROBANDO\AppData\Local\Google\Chrome\User Data\Default\login data.db os_crypt:encrypted_key:F67xzxxxxxxxxxxxxxxxxxxxxxxxx6EA https://login.live.com/login.srf;myemail@hotmail.com;mypassword;*
There's other switches ? This make process more fast.Cool.