Decrypts an encrypted Bitwarden data.json file (from the desktop App).
You can safely store data.json as an encrypted, offline backup of your vault knowing you will always be able to decrypt it.
To determine the location of the data.json file see:
https://bitwarden.com/help/article/where-is-data-stored-computer/
Outputs JSON containing:
- Logins
- Cards
- Secure Notes
- Identities
- Folders
- Organizations
- Collections
Note: Outputs (almost) all key/value pairs, including ones you probably don't care about.
./BitwardenDecrypt.py (reads data.json from current directory)
or
./BitwardenDecrypt.py inputfile
Password: (Enter Password)
On Windows:
py BitwardenDecrypt.py
or
py BitwardenDecrypt.py inputfile
Password: (Enter Password)
Note: This script depends on the 'cryptography' package
pip install cryptography
Find this useful? If so, consider showing your appreciation. 🙂
https://paypal.me/GurpreetKang
No validation of the CipherString. I.e. No verification of the MAC before decrypting.Now verifies the MAC.- Can only decrypt EncryptionType: 2 (AesCbc256_HmacSha256_B64). At the time of writing this is the default used for all entries in the personal vault.
Does not decrypt anything from a Collection (Organization).
Initial support for decrypting items from a Collection (Organization). This adds support for decrypting EncryptionType: 4 (Rsa2048_OaepSha1_B64)
Note: Only tested with Personal/Free account (1 Organizaion).
[ ] Nothing. Hopefully Bitwarden will implement an encrypted export and this script can become obsolete.
This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details
- Kyle Spearrin for creating Bitwarden.
- Joshua Stein (Rubywarden) for the reverse engineered Bitwarden documentation.
This project is not associated with Bitwarden or Bitwarden, Inc.