Elcomsoft Cloud Explorer > Extracting Google authentication tokens

You can sign in to a Google account to download Google account and Google Drive backups using the Google authentication token.

To extract the token, you will need a Google Token Extractor. This tool is shipped together with ECX (GoogleTokenExtractor.exe file). You can find it in the ECX installation folder.

Google Token Extractor is portable, so you can copy the GoogleTokenExtractor.exe file to a folder where you would like the file with the authentication token to be created.

GTEX can extract tokens from the Google Chrome browser and Google Drive (Backup and Sync) application.

GTEX allows you to extract authentication tokens for:

▪The currently logged in Windows user

▪Other Windows users on the current computer

Preconditions

Prior to extracting the authentication token, make sure that at least one the following conditions is met:

▪Google Chrome browser (v.26 - v.64) is installed and at least one user is logged in to the Google Chrome account. The Google Chrome application must be closed during the token extraction process (make sure that there is no Chrome.exe process in the Task Manager)

▪Backup and Sync application (v. 1.32) is installed and at least one user is logged in. Application can be run during the token extraction process.

Prior to using GTEX for extracting the token, make sure that Internet connection is established.

User permissions required for getting the authentication token:

Authentication Token For	Permissions Required
Google account of the currently logged in Windows user	User's permissions are enough
Google account of a different Windows user	Run GoogleTokenExtractor.exe as administrator (if UAC is turned on)

NOTE: If you run GoogleTokenExtractor.exe from a system folder or from the folder you don't have enough permissions to modify, the Windows User Account Control message requesting permission for running this program might appear.

To extract the authentication tokens for the current Windows user, do the following:

1.Launch GoogleTokenExtractor.exe. The file "<Windows user>_<Google ID>_<token type>_<timestamp>_<time zone>.xml" will be created in the directory from which GoogleTokenExtractor.exe was launched.

You will see the full path to the file in the opened console window.

2.The created .xml file contains the following information:

▪GTEX Version

▪Platform

▪Google ID

▪Token

▪Token Type (Google Chrome or Google Drive)

▪Client ID

▪Client Secret

▪Date and time of extraction

To extract the authentication tokens for a certain Windows user, do the following:

1.Open the Command Prompt with administrator privileges.

2.Go to the folder where GoogleTokenExtractor.exe is stored.

3.Enter the command GoogleTokenExtractor.exe --get-users-list

4.The list of all local users with Google Chrome and Google Drive (Backup and Sync) applications installed will be displayed.

5.Launch GoogleTokenExtractor.exe with the get-token chrome (for Google Chrome browser) or get-token drive (for Backup and Sync application) parameter and enter username of a specific local Windows user and the password to this Windows user account in the following form:

GoogleTokenExtractor.exe --get-token chrome --username <username> --password <password>

GoogleTokenExtractor.exe --get-token drive --username <username> --password <password>

For example: GoogleTokenExtractor.exe --get-token chrome --username user1 --password 1234

For users with the blank password, type "" as the value to the password parameter.

For example: GoogleTokenExtractor.exe --get-token chrome --username user1 --password ""

6.The "<Windows user>_<Google ID>_<token type>_<timestamp>_<time zone>.xml" file will be created in the directory from which GoogleTokenExtractor.exe was launched.

The created .xml file contains the following information: