Finalshell是一款远程连接服务器的工具,在连接服务器的时候可以选择保存密码。然而,时间久了之后,我们可能忘记密码,如果你需要获取到保存在Finalshell中的密码,那么可以尝试以下操作。
1、获取密码文件
以mac为例,Finalshell保存密码的默认路径为:/Users/<yourhostname>/Library/FinalShell/conn
。这个路径下存放着很多.json
格式的文件,如下图所示:
假设我们的主机是123.23.34.5
,那么,可以通过使用grep -rni "123.23.34.5" *
来定位该主机的有关信息。内容如下:
其中,password
所对应的内容就是原密码加密后的内容。
2、解密
有人用java写了解密的代码:
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
public class FinalShellDecodePass {
public static void main(String[] args)throws Exception {
System.out.println(decodePass(args[0]));
}
public static byte[] desDecode(byte[] data, byte[] head) throws Exception {
SecureRandom sr = new SecureRandom();
DESKeySpec dks = new DESKeySpec(head);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey securekey = keyFactory.generateSecret(dks);
Cipher cipher = Cipher.getInstance("DES");
cipher.init(2, securekey, sr);
return cipher.doFinal(data);
}
public static String decodePass(String data) throws Exception {
if (data == null) {
return null;
} else {
String rs = "";
byte[] buf = Base64.getDecoder().decode(data);
byte[] head = new byte[8];
System.arraycopy(buf, 0, head, 0, head.length);
byte[] d = new byte[buf.length - head.length];
System.arraycopy(buf, head.length, d, 0, d.length);
byte[] bt = desDecode(d, ranDomKey(head));
rs = new String(bt);
return rs;
}
}
static byte[] ranDomKey(byte[] head) {
long ks = 3680984568597093857L / (long)(new Random((long)head[5])).nextInt(127);
Random random = new Random(ks);
int t = head[0];
for(int i = 0; i < t; ++i) {
random.nextLong();
}
long n = random.nextLong();
Random r2 = new Random(n);
long[] ld = new long[]{(long)head[4], r2.nextLong(), (long)head[7], (long)head[3], r2.nextLong(), (long)head[1], random.nextLong(), (long)head[2]};
ByteArrayOutputStream bos = new ByteArrayOutputStream();
DataOutputStream dos = new DataOutputStream(bos);
long[] var15 = ld;
int var14 = ld.length;
for(int var13 = 0; var13 < var14; ++var13) {
long l = var15[var13];
try {
dos.writeLong(l);
} catch (IOException var18) {
var18.printStackTrace();
}
}
try {
dos.close();
} catch (IOException var17) {
var17.printStackTrace();
}
byte[] keyData = bos.toByteArray();
keyData = md5(keyData);
return keyData;
}
public static byte[] md5(byte[] data) {
String ret = null;
byte[] res=null;
try {
MessageDigest m;
m = MessageDigest.getInstance("MD5");
m.update(data, 0, data.length);
res=m.digest();
ret = new BigInteger(1, res).toString(16);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return res;
}
}
将代码复制并存储到本地,命名为FinalShellDecodePass.java
,然后利用javac FinalShellDecodePass.java
进行编译。编译完成后,利用java FinalShellDecodePass <密文字符串>
进行解密,即可得到密码原码。
参考内容:
- https://my.oschina.net/AdminTeam/blog/4537887
- https://blog.csdn.net/shuangyueliao/article/details/109241791