使用python解密工具來解密SecureCRT會話中儲存的登入密碼
使用python解密工具來解密SecureCRT會話中儲存的登入密碼
環境為windows7,SecureCRT7,Python 3.8.8
操作步驟如下:
1.安裝python
從下載python3.8.8,下載時檢視該版本是否支援你的作業系統下載軟體包後直接雙擊安裝包進行安裝,安裝時可以選擇自動配置環境變數。安裝完成後檢視python版本。
C:\Users\Administrator>python --version Python 3.8.8
2.從github下下載how-does-SecureCRT-encrypt-password工具(https://github.com/HyperSine/how-does-SecureCRT-encrypt-password)一個名為SecureCRTCipher.py的python檔案,使用方法如下:
F:\how-does-SecureCRT-encrypt-password-master\python3>python SecureCRTCipher.py Usage: SecureCRTCipher.py [-v2] [-p ConfigPassphrase] "enc" for encryption, "dec" for decryption. This parameter must be specified. --(加密|解密)必選項 [-v2] Encrypt/Decrypt with "Password V2" algorithm. This parameter is optional.--(如果加密使用的是Password V2演算法則加上這個引數)可選項 [-p ConfigPassphrase] The config passphrase that SecureCRT uses. This parameter is optional.--(如果你的SecureCRT開啟時要密碼,則要加上這個引數,並在後面加上你使用的密碼)可選項 Plaintext string or ciphertext string. NOTICE: Ciphertext string must be a hex string. This parameter must be specified.--(明文或密文,密文必須是16進位制的字串)必選項
3.安裝pycryptodome模組
C:\Users\Administrator>pip3 install pycryptodome Collecting pycryptodome Downloading pycryptodome-3.14.1-cp35-abi3-win_amd64.whl (1.8 MB) |████████████████████████████████| 1.8 MB 30 kB/s Installing collected packages: pycryptodome Successfully installed pycryptodome-3.14.1 WARNING: You are using pip version 20.2.3; however, version 22.0.4 is available. You should consider upgrading via the 'c:\program files\python38\python.exe -m pip install --upgrade pip' command.
上面提示我升級一下pip3的版本
C:\Users\Administrator>python -m pip install --upgrade pip Collecting pip Downloading pip-22.0.4-py3-none-any.whl (2.1 MB) |████████████████████████████████| 2.1 MB 142 kB/s Installing collected packages: pip Attempting uninstall: pip Found existing installation: pip 20.2.3 Uninstalling pip-20.2.3: Successfully uninstalled pip-20.2.3 Successfully installed pip-22.0.4
4.找到SecureCRT會話配置檔案
Options->Global Options->Category->Configuration Paths->Configuration folder資料夾下的對應的會話配置檔案xxx.ini,並將其開啟例如:
D:"Is Session"=00000001 S:"Protocol Name"=SSH2 D:"Request pty"=00000001 S:"Shell Command"= D:"Use Shell Command"=00000000 D:"Force Close On Exit"=00000000 D:"Forward X11"=00000000 S:"XAuthority File"= S:"XServer Host"=127.0.0.1 D:"XServer Port"=00001770 D:"XServer Screen Number"=00000000 D:"Enforce X11 Authentication"=00000001 D:"Request Shell"=00000001 S:"Port Forward Filter"=allow,127.0.0.0/255.0.0.0,0 deny,0.0.0.0/0.0.0.0,0 S:"Reverse Forward Filter"=allow,127.0.0.1,0 deny,0.0.0.0/0.0.0.0,0 D:"Max Packet Size"=00001000 D:"Pad Password Packets"=00000001 S:"Sftp Tab Local Directory"=C:\Users\Administrator\Documents S:"Sftp Tab Remote Directory"= S:"Hostname"=12.18.1.23 S:"Firewall Name"=None S:"Username"=root D:"[SSH2] Port"=00000016 S:"Password"=uc71bd1c86f3b804e42432f53247c50d9287f410c7e59166969acab69daa6eaadbe15c0c54c0e076e945a6d82f9e13df2
5.在SecureCRTCipher.py檔案目錄下cmd命令列視窗中執行命令即可檢視明文(命令列中字串比Password中的字串少個u):
F:\how-does-SecureCRT-encrypt-password-master\python3>python SecureCRTCipher.py dec c71bd1c86f3b804e42432f53247c50d9287f410c7e59166969acab69daa6eaadbe15c0c54c0e076e945a6d82f9e13df2 DoubleLabyrinth
6.解密指令碼檔案SecureCRTCipher.py的內容如下:
#!/usr/bin/env python3
import os
from Crypto.Hash import SHA256
from Crypto.Cipher import AES, Blowfish
class SecureCRTCrypto:
def __init__(self):
'''
Initialize SecureCRTCrypto object.
'''
self.IV = b'\x00' * Blowfish.block_size
self.Key1 = b'\x24\xA6\x3D\xDE\x5B\xD3\xB3\x82\x9C\x7E\x06\xF4\x08\x16\xAA\x07'
self.Key2 = b'\x5F\xB0\x45\xA2\x94\x17\xD9\x16\xC6\xC6\xA2\xFF\x06\x41\x82\xB7'
def Encrypt(self, Plaintext : str):
'''
Encrypt plaintext and return corresponding ciphertext.
Args:
Plaintext: A string that will be encrypted.
Returns:
Hexlified ciphertext string.
'''
plain_bytes = Plaintext.encode('utf-16-le')
plain_bytes += b'\x00\x00'
padded_plain_bytes = plain_bytes + os.urandom(Blowfish.block_size - len(plain_bytes) % Blowfish.block_size)
cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV)
cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV)
return cipher1.encrypt(os.urandom(4) + cipher2.encrypt(padded_plain_bytes) + os.urandom(4)).hex()
def Decrypt(self, Ciphertext : str):
'''
Decrypt ciphertext and return corresponding plaintext.
Args:
Ciphertext: A hex string that will be decrypted.
Returns:
Plaintext string.
'''
cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV)
cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV)
ciphered_bytes = bytes.fromhex(Ciphertext)
if len(ciphered_bytes) < = 8: raise ValueError('Invalid Ciphertext.') padded_plain_bytes = cipher2.decrypt(cipher1.decrypt(ciphered_bytes)[4:-4]) i = 0 for i in range(0, len(padded_plain_bytes), 2): if padded_plain_bytes[i] == 0 and padded_plain_bytes[i + 1] == 0: break plain_bytes = padded_plain_bytes[0:i] try: return plain_bytes.decode('utf-16-le') except UnicodeDecodeError: raise(ValueError('Invalid Ciphertext.')) class SecureCRTCryptoV2: def __init__(self, ConfigPassphrase : str = ''): ''' Initialize SecureCRTCryptoV2 object. Args: ConfigPassphrase: The config passphrase that SecureCRT uses. Leave it empty if config passphrase is not set. ''' self.IV = b'\x00' * AES.block_size self.Key = SHA256.new(ConfigPassphrase.encode('utf-8')).digest() def Encrypt(self, Plaintext : str): ''' Encrypt plaintext and return corresponding ciphertext. Args: Plaintext: A string that will be encrypted. Returns: Hexlified ciphertext string. ''' plain_bytes = Plaintext.encode('utf-8') if len(plain_bytes) > 0xffffffff:
raise OverflowError('Plaintext is too long.')
plain_bytes = \
len(plain_bytes).to_bytes(4, 'little') + \
plain_bytes + \
SHA256.new(plain_bytes).digest()
padded_plain_bytes = \
plain_bytes + \
os.urandom(AES.block_size - len(plain_bytes) % AES.block_size)
cipher = AES.new(self.Key, AES.MODE_CBC, iv = self.IV)
return cipher.encrypt(padded_plain_bytes).hex()
def Decrypt(self, Ciphertext : str):
'''
Decrypt ciphertext and return corresponding plaintext.
Args:
Ciphertext: A hex string that will be decrypted.
Returns:
Plaintext string.
'''
cipher = AES.new(self.Key, AES.MODE_CBC, iv = self.IV)
padded_plain_bytes = cipher.decrypt(bytes.fromhex(Ciphertext))
plain_bytes_length = int.from_bytes(padded_plain_bytes[0:4], 'little')
plain_bytes = padded_plain_bytes[4:4 + plain_bytes_length]
if len(plain_bytes) != plain_bytes_length:
raise ValueError('Invalid Ciphertext.')
plain_bytes_digest = padded_plain_bytes[4 + plain_bytes_length:4 + plain_bytes_length + SHA256.digest_size]
if len(plain_bytes_digest) != SHA256.digest_size:
raise ValueError('Invalid Ciphertext.')
if SHA256.new(plain_bytes).digest() != plain_bytes_digest:
raise ValueError('Invalid Ciphertext.')
return plain_bytes.decode('utf-8')
if __name__ == '__main__':
import sys
def Help():
print('Usage:')
print(' SecureCRTCipher.py [-v2] [-p ConfigPassphrase] ')
print('')
print(' "enc" for encryption, "dec" for decryption.')
print(' This parameter must be specified.')
print('')
print(' [-v2] Encrypt/Decrypt with "Password V2" algorithm.')
print(' This parameter is optional.')
print('')
print(' [-p ConfigPassphrase] The config passphrase that SecureCRT uses.')
print(' This parameter is optional.')
print('')
print(' Plaintext string or ciphertext string.')
print(' NOTICE: Ciphertext string must be a hex string.')
print(' This parameter must be specified.')
print('')
def EncryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Plaintext : str):
try:
if UseV2:
print(SecureCRTCryptoV2(ConfigPassphrase).Encrypt(Plaintext))
else:
print(SecureCRTCrypto().Encrypt(Plaintext))
return True
except:
print('Error: Failed to encrypt.')
return False
def DecryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Ciphertext : str):
try:
if UseV2:
print(SecureCRTCryptoV2(ConfigPassphrase).Decrypt(Ciphertext))
else:
print(SecureCRTCrypto().Decrypt(Ciphertext))
return True
except:
print('Error: Failed to decrypt.')
return False
def Main(argc : int, argv : list):
if 3 < = argc and argc <= 6:
bUseV2 = False
ConfigPassphrase = ''
if argv[1].lower() == 'enc':
bEncrypt = True
elif argv[1].lower() == 'dec':
bEncrypt = False
else:
Help()
return -1
i = 2
while i < argc - 1:
if argv[i].lower() == '-v2':
bUseV2 = True
i += 1
elif argv[i].lower() == '-p' and i + 1 < argc - 1:
ConfigPassphrase = argv[i + 1]
i += 2
else:
Help()
return -1
if bUseV2 == False and len(ConfigPassphrase) != 0:
print('Error: ConfigPassphrase is not supported if "-v2" is not specified')
return -1
if bEncrypt:
return 0 if EncryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1
else:
return 0 if DecryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1
else:
Help()
exit(Main(len(sys.argv), sys.argv))
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/26015009/viewspace-2871305/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- 使用python解密SecureCRT上儲存的密碼 (Windows)Python解密Securecrt密碼Windows
- SecureCRT for Mac 無法儲存登入密碼SecurecrtMac密碼
- oracle 密碼解密Oracle密碼解密
- 解密encrypt的儲存過程解密儲存過程
- 不破壞原加密儲存的儲存解密(轉)加密解密
- 序列密碼的加密與解密密碼加密解密
- jive對密碼的加解密?密碼解密
- 解密SQL SERVER儲存過程解密SQLServer儲存過程
- cookie儲存使用者登入名和密碼程式碼例項Cookie密碼
- 追溯解密基於 SSL 加密的 RDP 會話解密加密會話
- 高效能Sqlite儲存模型物件解密SQLite模型物件解密
- Python技術分享:教你如何解密隔壁WiFi密碼Python解密WiFi密碼
- 解密MSSQL連結資料庫的密碼解密SQL資料庫密碼
- Go 如何實現 PHP 的密碼加密解密GoPHP密碼加密解密
- 文字加密:常見的密碼加密解密方法加密密碼解密
- 【技術解密】SequoiaDB分散式儲存原理解密分散式
- [解密] DNA儲存技術究竟牛在哪裡?解密
- 【草原和大樹】解密MsSql儲存過程解密SQL儲存過程
- 解密SQLServer2005儲存過程解密SQLServer儲存過程
- 如何安全的儲存使用者密碼?(中)程式碼篇密碼
- 小程式的登入和資料解密全解析解密
- 教你巧妙利用u盤儲存上網登入賬號密碼實現快速登入密碼
- AES實現財務資料的加密解密儲存加密解密
- mac膝上型電腦的終端iterm2儲存ssh登入密碼快速登入Mac密碼
- 資料庫會話記錄使用者登陸的密碼資訊資料庫會話密碼
- 【fosoyo】SQL Server儲存過程/函式加/解密SQLServer儲存過程函式解密
- oracle unwrap解密工具Oracle解密
- PHP檔案解密 php魔方解密線上工具PHP解密
- 聊聊密碼儲存中的安全問題密碼
- 如何在 Linux 中產生、加密或解密隨機密碼Linux加密解密隨機密碼
- 如何安全的儲存使用者密碼?(中)理論篇密碼
- redis儲存使用者登入資訊Redis
- [20140515]解密儲存過程.txt解密儲存過程
- 值得收藏!最全勒索解密工具等你來拿解密
- Python2 解密易語言DES加密的密文Python解密加密
- linux中ssh使用rsa免密碼登入方法Linux密碼
- Redis使用認證密碼登入Redis密碼
- 《密碼學系列》|| 詳解密碼學的多重DES演算法...密碼學解密演算法