使用python解密工具來解密SecureCRT會話中儲存的登入密碼
使用python解密工具來解密SecureCRT會話中儲存的登入密碼
環境為windows7,SecureCRT7,Python 3.8.8
操作步驟如下:
1.安裝python
從下載python3.8.8,下載時檢視該版本是否支援你的作業系統下載軟體包後直接雙擊安裝包進行安裝,安裝時可以選擇自動配置環境變數。安裝完成後檢視python版本。
C:\Users\Administrator>python --version Python 3.8.8
2.從github下下載how-does-SecureCRT-encrypt-password工具(https://github.com/HyperSine/how-does-SecureCRT-encrypt-password)一個名為SecureCRTCipher.py的python檔案,使用方法如下:
F:\how-does-SecureCRT-encrypt-password-master\python3>python SecureCRTCipher.py Usage: SecureCRTCipher.py [-v2] [-p ConfigPassphrase] "enc" for encryption, "dec" for decryption. This parameter must be specified. --(加密|解密)必選項 [-v2] Encrypt/Decrypt with "Password V2" algorithm. This parameter is optional.--(如果加密使用的是Password V2演算法則加上這個引數)可選項 [-p ConfigPassphrase] The config passphrase that SecureCRT uses. This parameter is optional.--(如果你的SecureCRT開啟時要密碼,則要加上這個引數,並在後面加上你使用的密碼)可選項 Plaintext string or ciphertext string. NOTICE: Ciphertext string must be a hex string. This parameter must be specified.--(明文或密文,密文必須是16進位制的字串)必選項
3.安裝pycryptodome模組
C:\Users\Administrator>pip3 install pycryptodome Collecting pycryptodome Downloading pycryptodome-3.14.1-cp35-abi3-win_amd64.whl (1.8 MB) |████████████████████████████████| 1.8 MB 30 kB/s Installing collected packages: pycryptodome Successfully installed pycryptodome-3.14.1 WARNING: You are using pip version 20.2.3; however, version 22.0.4 is available. You should consider upgrading via the 'c:\program files\python38\python.exe -m pip install --upgrade pip' command.
上面提示我升級一下pip3的版本
C:\Users\Administrator>python -m pip install --upgrade pip Collecting pip Downloading pip-22.0.4-py3-none-any.whl (2.1 MB) |████████████████████████████████| 2.1 MB 142 kB/s Installing collected packages: pip Attempting uninstall: pip Found existing installation: pip 20.2.3 Uninstalling pip-20.2.3: Successfully uninstalled pip-20.2.3 Successfully installed pip-22.0.4
4.找到SecureCRT會話配置檔案
Options->Global Options->Category->Configuration Paths->Configuration folder資料夾下的對應的會話配置檔案xxx.ini,並將其開啟例如:
D:"Is Session"=00000001 S:"Protocol Name"=SSH2 D:"Request pty"=00000001 S:"Shell Command"= D:"Use Shell Command"=00000000 D:"Force Close On Exit"=00000000 D:"Forward X11"=00000000 S:"XAuthority File"= S:"XServer Host"=127.0.0.1 D:"XServer Port"=00001770 D:"XServer Screen Number"=00000000 D:"Enforce X11 Authentication"=00000001 D:"Request Shell"=00000001 S:"Port Forward Filter"=allow,127.0.0.0/255.0.0.0,0 deny,0.0.0.0/0.0.0.0,0 S:"Reverse Forward Filter"=allow,127.0.0.1,0 deny,0.0.0.0/0.0.0.0,0 D:"Max Packet Size"=00001000 D:"Pad Password Packets"=00000001 S:"Sftp Tab Local Directory"=C:\Users\Administrator\Documents S:"Sftp Tab Remote Directory"= S:"Hostname"=12.18.1.23 S:"Firewall Name"=None S:"Username"=root D:"[SSH2] Port"=00000016 S:"Password"=uc71bd1c86f3b804e42432f53247c50d9287f410c7e59166969acab69daa6eaadbe15c0c54c0e076e945a6d82f9e13df2
5.在SecureCRTCipher.py檔案目錄下cmd命令列視窗中執行命令即可檢視明文(命令列中字串比Password中的字串少個u):
F:\how-does-SecureCRT-encrypt-password-master\python3>python SecureCRTCipher.py dec c71bd1c86f3b804e42432f53247c50d9287f410c7e59166969acab69daa6eaadbe15c0c54c0e076e945a6d82f9e13df2 DoubleLabyrinth
6.解密指令碼檔案SecureCRTCipher.py的內容如下:
#!/usr/bin/env python3
import os
from Crypto.Hash import SHA256
from Crypto.Cipher import AES, Blowfish
class SecureCRTCrypto:
def __init__(self):
'''
Initialize SecureCRTCrypto object.
'''
self.IV = b'\x00' * Blowfish.block_size
self.Key1 = b'\x24\xA6\x3D\xDE\x5B\xD3\xB3\x82\x9C\x7E\x06\xF4\x08\x16\xAA\x07'
self.Key2 = b'\x5F\xB0\x45\xA2\x94\x17\xD9\x16\xC6\xC6\xA2\xFF\x06\x41\x82\xB7'
def Encrypt(self, Plaintext : str):
'''
Encrypt plaintext and return corresponding ciphertext.
Args:
Plaintext: A string that will be encrypted.
Returns:
Hexlified ciphertext string.
'''
plain_bytes = Plaintext.encode('utf-16-le')
plain_bytes += b'\x00\x00'
padded_plain_bytes = plain_bytes + os.urandom(Blowfish.block_size - len(plain_bytes) % Blowfish.block_size)
cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV)
cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV)
return cipher1.encrypt(os.urandom(4) + cipher2.encrypt(padded_plain_bytes) + os.urandom(4)).hex()
def Decrypt(self, Ciphertext : str):
'''
Decrypt ciphertext and return corresponding plaintext.
Args:
Ciphertext: A hex string that will be decrypted.
Returns:
Plaintext string.
'''
cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV)
cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV)
ciphered_bytes = bytes.fromhex(Ciphertext)
if len(ciphered_bytes) < = 8: raise ValueError('Invalid Ciphertext.') padded_plain_bytes = cipher2.decrypt(cipher1.decrypt(ciphered_bytes)[4:-4]) i = 0 for i in range(0, len(padded_plain_bytes), 2): if padded_plain_bytes[i] == 0 and padded_plain_bytes[i + 1] == 0: break plain_bytes = padded_plain_bytes[0:i] try: return plain_bytes.decode('utf-16-le') except UnicodeDecodeError: raise(ValueError('Invalid Ciphertext.')) class SecureCRTCryptoV2: def __init__(self, ConfigPassphrase : str = ''): ''' Initialize SecureCRTCryptoV2 object. Args: ConfigPassphrase: The config passphrase that SecureCRT uses. Leave it empty if config passphrase is not set. ''' self.IV = b'\x00' * AES.block_size self.Key = SHA256.new(ConfigPassphrase.encode('utf-8')).digest() def Encrypt(self, Plaintext : str): ''' Encrypt plaintext and return corresponding ciphertext. Args: Plaintext: A string that will be encrypted. Returns: Hexlified ciphertext string. ''' plain_bytes = Plaintext.encode('utf-8') if len(plain_bytes) > 0xffffffff:
raise OverflowError('Plaintext is too long.')
plain_bytes = \
len(plain_bytes).to_bytes(4, 'little') + \
plain_bytes + \
SHA256.new(plain_bytes).digest()
padded_plain_bytes = \
plain_bytes + \
os.urandom(AES.block_size - len(plain_bytes) % AES.block_size)
cipher = AES.new(self.Key, AES.MODE_CBC, iv = self.IV)
return cipher.encrypt(padded_plain_bytes).hex()
def Decrypt(self, Ciphertext : str):
'''
Decrypt ciphertext and return corresponding plaintext.
Args:
Ciphertext: A hex string that will be decrypted.
Returns:
Plaintext string.
'''
cipher = AES.new(self.Key, AES.MODE_CBC, iv = self.IV)
padded_plain_bytes = cipher.decrypt(bytes.fromhex(Ciphertext))
plain_bytes_length = int.from_bytes(padded_plain_bytes[0:4], 'little')
plain_bytes = padded_plain_bytes[4:4 + plain_bytes_length]
if len(plain_bytes) != plain_bytes_length:
raise ValueError('Invalid Ciphertext.')
plain_bytes_digest = padded_plain_bytes[4 + plain_bytes_length:4 + plain_bytes_length + SHA256.digest_size]
if len(plain_bytes_digest) != SHA256.digest_size:
raise ValueError('Invalid Ciphertext.')
if SHA256.new(plain_bytes).digest() != plain_bytes_digest:
raise ValueError('Invalid Ciphertext.')
return plain_bytes.decode('utf-8')
if __name__ == '__main__':
import sys
def Help():
print('Usage:')
print(' SecureCRTCipher.py [-v2] [-p ConfigPassphrase] ')
print('')
print(' "enc" for encryption, "dec" for decryption.')
print(' This parameter must be specified.')
print('')
print(' [-v2] Encrypt/Decrypt with "Password V2" algorithm.')
print(' This parameter is optional.')
print('')
print(' [-p ConfigPassphrase] The config passphrase that SecureCRT uses.')
print(' This parameter is optional.')
print('')
print(' Plaintext string or ciphertext string.')
print(' NOTICE: Ciphertext string must be a hex string.')
print(' This parameter must be specified.')
print('')
def EncryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Plaintext : str):
try:
if UseV2:
print(SecureCRTCryptoV2(ConfigPassphrase).Encrypt(Plaintext))
else:
print(SecureCRTCrypto().Encrypt(Plaintext))
return True
except:
print('Error: Failed to encrypt.')
return False
def DecryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Ciphertext : str):
try:
if UseV2:
print(SecureCRTCryptoV2(ConfigPassphrase).Decrypt(Ciphertext))
else:
print(SecureCRTCrypto().Decrypt(Ciphertext))
return True
except:
print('Error: Failed to decrypt.')
return False
def Main(argc : int, argv : list):
if 3 < = argc and argc <= 6:
bUseV2 = False
ConfigPassphrase = ''
if argv[1].lower() == 'enc':
bEncrypt = True
elif argv[1].lower() == 'dec':
bEncrypt = False
else:
Help()
return -1
i = 2
while i < argc - 1:
if argv[i].lower() == '-v2':
bUseV2 = True
i += 1
elif argv[i].lower() == '-p' and i + 1 < argc - 1:
ConfigPassphrase = argv[i + 1]
i += 2
else:
Help()
return -1
if bUseV2 == False and len(ConfigPassphrase) != 0:
print('Error: ConfigPassphrase is not supported if "-v2" is not specified')
return -1
if bEncrypt:
return 0 if EncryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1
else:
return 0 if DecryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1
else:
Help()
exit(Main(len(sys.argv), sys.argv))
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/26015009/viewspace-2871305/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- 使用python解密SecureCRT上儲存的密碼 (Windows)Python解密Securecrt密碼Windows
- 瀏覽器儲存密碼獲取與解密瀏覽器密碼解密
- 序列密碼的加密與解密密碼加密解密
- Python技術分享:教你如何解密隔壁WiFi密碼Python解密WiFi密碼
- 解密MSSQL連結資料庫的密碼解密SQL資料庫密碼
- 文字加密:常見的密碼加密解密方法加密密碼解密
- Go 如何實現 PHP 的密碼加密解密GoPHP密碼加密解密
- AES實現財務資料的加密解密儲存加密解密
- mac膝上型電腦的終端iterm2儲存ssh登入密碼快速登入Mac密碼
- 小程式的登入和資料解密全解析解密
- Python2 解密易語言DES加密的密文Python解密加密
- android 短視訊開發,使用者選擇記住密碼,再次登入自動讀取儲存密碼Android密碼
- oracle unwrap解密工具Oracle解密
- PHP檔案解密 php魔方解密線上工具PHP解密
- 《密碼學系列》|| 詳解密碼學的多重DES演算法...密碼學解密演算法
- 密碼登入密碼
- Redis使用認證密碼登入Redis密碼
- SKILL指令碼的加密與解密及使用指令碼加密解密
- 解密JBoss和Weblogic資料來源連線字串和控制檯密碼解密Web字串密碼
- redis儲存使用者登入資訊Redis
- 值得收藏!最全勒索解密工具等你來拿解密
- 凱撒密碼加解密過程與破解原理密碼解密
- PbootCMS程式後臺登入密碼重置工具boot密碼
- 一文了解密碼/國密及應用,密碼也卡脖子?解密密碼
- 使用mimipenguin實現從當前 Linux 使用者轉儲登入密碼NGUILinux密碼
- 解密TaurusDB儲存端高併發之執行緒池解密執行緒
- 線上加密/解密工具加密解密
- 2.9.3 安全的外部密碼儲存密碼
- 國密2 (sm2)非對稱加密解密工具--支援生成公鑰私鑰對及加密解密加密解密
- NFC解碼解密解密
- securecrt保持會話不會斷掉Securecrt會話
- Windows檢視登入使用者會話Windows會話
- python怎麼使用md5加密解密Python加密解密
- 如何在 Linux 上用密碼加密和解密檔案Linux密碼加密解密
- 一個聚合的加解密工具類解密
- Python使用AES進行鹽值加密和解密Python加密解密
- 免費的PHP線上解密工具原始碼V1.2PHP解密原始碼
- 修改 MySQL 登入密碼MySql密碼