v1.1.0 — Cross-host Decryption and Restore

[moonD4rk]

v1.1.0 turns HackBrowserData’s cross-host support into a complete workflow. You can now export Chromium master keys on the origin host, archive only the files needed for decryption, and restore/decrypt them offline on another machine, even across operating systems.

Highlights

End-to-end cross-host workflow

A new three-command flow is available:

hack-browser-data dumpkeys -o keys.json
hack-browser-data archive -o browser-data.zip
hack-browser-data restore --keys keys.json --data-zip browser-data.zip

dumpkeys exports portable Chromium master keys, archive packs the decryption-relevant profile files, and restore rebuilds Chromium engines from the exported key dump instead of the analyst host's local browser table.

Restore Windows-only browsers on macOS/Linux

restore now treats keys.json as the source of truth for what can be restored. This means data from Windows-only Chromium forks such as Sogou, QQ, 360, DC Browser, and DuckDuckGo Browser can be decrypted on macOS or Linux when the exported keys and archived data are available.

Cross-platform Chromium decryption

Chromium v10/v11 decryption is no longer tied to the build OS, enabling offline decryption of copied Chromium data across host platforms. Windows v20 / App-Bound Encryption profiles are supported through exported ABE master keys from the origin host.

Smaller transport artifacts

The new archive command collects only the files needed by the selected categories, preserves the browser/User Data layout inside the zip, and uses the existing locked-file acquisition path for live browser databases.

Cleaner CLI

The cross-host commands now use a flat CLI surface:

• dumpkeys for portable key export
• archive for data transport
• restore for offline decryption

Documentation

The README now includes a complete cross-host decryption guide, examples for SSH key streaming and hand-copied User Data folders, and updated browser support notes.

Compatibility notes

• Cross-host key export and restore are Chromium-only. Firefox and Safari are skipped because they do not expose a portable key in this workflow.
• keys.json contains plaintext master keys. Treat it as a secret; dumpkeys -o writes it with 0600 permissions.
• Go 1.20 remains the minimum supported Go version.

Full Changelog: v1.0.0...v1.1.0

---

This discussion was created from the release v1.1.0 — Cross-host Decryption and Restore.