BrowserSnatch is a powerful and versatile tool designed to "snatch" sensitive data from a variety of web browsers. This tool targets both Chromium-based browsers (such as Edge, Chrome, Opera, etc.) and Gecko-based browsers (such as Firefox, Thunderbird, etc.) overall including more than 40 browsers, making it a comprehensive solution for browser data extraction.
-
Snatch Saved Passwords: Effortlessly retrieve stored passwords from all major Chromium and Gecko-based browsers
-
Snatch Cookies: Extract cookies from user profiles across multiple browsers
-
Snatch Bookmarks: Snatch all saved bookmarks from every browser
-
Snatch History: Now supports snatching of history across all browsers
-
Upcoming Features: Future versions will also support:
- Obfuscated strings - Obfuscated API calls
Note: This version does not include any defense evasion technique.
- Chrome App-Bound Encryption Bypass: Latest App-Bound Encryption bypassed for chrome
- Easy to Use: No complicated setup or configuration required
- Zero External Dependencies: Completely written in C and C++, with little to no need for additional libraries
- Cross-Browser Support: Handles both Chromium and Gecko-based browsers with ease
- History & Bookmarks: Now supports snatching of history and bookmarks across all browsers
- Greed Mode: Greed mode included which snatches everything in a single stealer db
- Future-Proof: Continuous updates with more capabilities and advanced evasion techniques
BrowserSnatch is a tool designed for legal, ethical penetration testing and educational purposes only. The author is NOT responsible for any misuse or illegal activities performed using this tool. Always ensure you have proper authorization before testing any system or network.
By using BrowserSnatch, you agree to:
- Use this tool in compliance with all local, state, and federal laws
- Obtain proper authorization before testing any system or network
- Respect privacy and confidentiality when handling data
- Clone the repository
- Open in Visual Studio
- ISO C++17 Standard (/std:c++17) or higher
- Import the resource in project (resource file in Chrome_key_retriever_shellcode/extract_key.bin) //Resource error might come because of static resource paths. Replace my username with your own username in resource .rc file!!!
- Compile
NOTE: Decrypted cookies using app-bound encryption key are saved as BLOB in stealer DB. The first 32 bytes of BLOB are uncertain, but next are decrypted cookies and can be seen if BLOB is converted to simple ascii or viewed in DB browser for sqlite (https://sqlitebrowser.org).
To run BrowserSnatch, simply execute the binary from the command line. The tool will operate in default mode if no parameter is provided.
Default Mode
- No Parameter Provided: Executes with default settings and attempts to snatch all saved passwords and cookies
CommandLine Mode
-
Parameter: -h: Displays a help menu detailing all available options.
Password Snatching
- Parameter: -pass: Snatch passwords from every browser.
- Parameter: -pass -c: Snatch passwords from Chromium-based browsers only.
- Parameter: -pass -g: Snatch passwords from Gecko-based browsers only.
Cookie Snatching
- Parameter: -cookies: Snatch cookies from every browser.
- Parameter: -cookies -c: Snatch cookies from Chromium-based browsers only.
- Parameter: -cookies -g: Snatch cookies from Gecko-based browsers only.
- Parameter: -cookies -chrome_app_bound: Snatch cookies from latest chrome app bound encryption only.
Bookmarks Snatching
- Parameter: -bookmarks: Snatch bookmarks from every browser.
- Parameter: -bookmarks -c: Snatch bookmarks from Chromium-based browsers only.
- Parameter: -bookmarks -g: Snatch bookmarks from Gecko-based browsers only.
History Snatching
- Parameter: -history: Snatch history from every browser.
- Parameter: -history -c: Snatch history from Chromium-based browsers only.
- Parameter: -history -g: Snatch history from Gecko-based browsers only.
Greed Mode
- Parameter: -greed: Snatch everything from every browser and save in a single stealer database.
Console Mode
- Parameter: -console-mode: Displays a user-friendly console.
- Run the following command to start BrowserSnatch in default mode:
./BrowserSnatch
- To see the user-friendly console interface, use:
./BrowserSnatch -console-mode
- To see help menu, use:
./BrowserSnatch -h
- To Snatch all browser passwords, use:
./BrowserSnatch -pass
- To Snatch chromium browser passwords, use:
./BrowserSnatch -pass -c
- To Snatch gecko browser passwords, use:
./BrowserSnatch -pass -g
- To Snatch all browser cookies, use:
./BrowserSnatch -cookies
- To Snatch chromium browser cookies, use:
./BrowserSnatch -cookies -c
- To Snatch gecko browser cookies, use:
./BrowserSnatch -cookies -g
- To Snatch chrome app-bound encrypted browser cookies, use:
./BrowserSnatch -cookies -chrome_app_bound
- To Snatch all browser bookmarks, use:
./BrowserSnatch -bookmarks
- To Snatch chromium browser bookmarks, use:
./BrowserSnatch -bookmarks -c
- To Snatch gecko browser bookmarks, use:
./BrowserSnatch -bookmarks -g
- To Snatch all browser history, use:
./BrowserSnatch -history
- To Snatch chromium browser history, use:
./BrowserSnatch -history -c
- To Snatch gecko browser history, use:
./BrowserSnatch -history -g
- To Snatch Everything from Every Browser, use Greed mode:
./BrowserSnatch -greed
Following GIF demonstrates the working of BrowserSnatch and how its stealer log can be accessed.
№ | Browser Name | Passwords | Cookies | Bookmarks | History |
---|---|---|---|---|---|
1 | Chrome | ✅ | ✅ | ✅ | ✅ |
2 | Microsoft Edge | ✅ | ✅ | ✅ | ✅ |
3 | Chromium | ✅ | ✅ | ✅ | ✅ |
4 | Brave - Browser | ✅ | ✅ | ✅ | ✅ |
5 | Epic Privacy Browser | ✅ | ✅ | ✅ | ✅ |
6 | Amigo | ✅ | ✅ | ✅ | ✅ |
7 | Vivaldi | ✅ | ✅ | ✅ | ✅ |
8 | Orbitum | ✅ | ✅ | ✅ | ✅ |
9 | SeaMonkey | ✅ | ✅ | ✅ | ✅ |
10 | Kometa | ✅ | ✅ | ✅ | ✅ |
11 | Comodo Dragon | ✅ | ✅ | ✅ | ✅ |
12 | Torch | ✅ | ✅ | ✅ | ✅ |
13 | Icecat | ✅ | ✅ | ✅ | ✅ |
14 | Postbox | ✅ | ✅ | ✅ | ✅ |
15 | Flock Browser | ✅ | ✅ | ✅ | ✅ |
16 | K - Melon | ✅ | ✅ | ✅ | ✅ |
17 | Sputnik | ✅ | ✅ | ✅ | ✅ |
18 | CocCoc Browser | ✅ | ✅ | ✅ | ✅ |
19 | Uran | ✅ | ✅ | ✅ | ✅ |
20 | Yandex | ✅ | ✅ | ✅ | ✅ |
21 | Firefox | ✅ | ✅ | ✅ | ✅ |
22 | Waterfox | ✅ | ✅ | ✅ | ✅ |
23 | Cyberfox | ✅ | ✅ | ✅ | ✅ |
24 | Thunderbird | ✅ | ✅ | ✅ | ✅ |
25 | IceDragon | ✅ | ✅ | ✅ | ✅ |
26 | BlackHawk | ✅ | ✅ | ✅ | ✅ |
27 | Pale Moon | ✅ | ✅ | ✅ | ✅ |
28 | Opera | ✅ | ✅ | ✅ | ✅ |
29 | Iridium | ✅ | ✅ | ✅ | ✅ |
30 | CentBrowser | ✅ | ✅ | ✅ | ✅ |
31 | Chedot | ✅ | ✅ | ✅ | ✅ |
32 | liebao | ✅ | ✅ | ✅ | ✅ |
33 | 7Star | ✅ | ✅ | ✅ | ✅ |
34 | ChromePlus | ✅ | ✅ | ✅ | ✅ |
35 | Citrio | ✅ | ✅ | ✅ | ✅ |
36 | 360Chrome - Chrome | ✅ | ✅ | ✅ | ✅ |
37 | Elements Browser | ✅ | ✅ | ✅ | ✅ |
38 | Sleipnir5 | ✅ | ✅ | ✅ | ✅ |
39 | ChromiumViewer | ✅ | ✅ | ✅ | ✅ |
40 | QIP Surf | ✅ | ✅ | ✅ | ✅ |
41 | Coowon | ✅ | ✅ | ✅ | ✅ |
- String obfuscation: Currently under development
- API call obfuscation: Dynamic api resolution
- Defense Evasion Techniques: Advance defense evasion techniques
Stay tuned for future releases!
For any inquiries or contributions, feel free to reach out to the author or contribute directly via GitHub Issues.
- Took help from the Project by SaulBerrenson called BrowserStealer.
- Took help with chrome key & password decryption from 0x00sec.
- Took help for Retrieving App-Bound encryption key from snovvcrash.