本文详细描述了如何在Navicat中利用已有的数据库连接,通过导出的加密文件和特定的PHP代码,解码出忘记的密码,涉及AES-128-CBC和BF-ECB加密算法的应用。
如何使用Navicat查看自己的数据库密码
今天在使用IDEA连接数据库时,出现了一个连接错误:ERROR 1045 (28000): Access denied for user root @ localhost (using password: YES),仔细分析了一下报错原因,意思就是:用户root@localhost的访问被拒绝(使用密码:YES),因为我电脑上的数据库是很早之前安装的,密码以及忘记了~,于是我灵机一动打开了Navicat,利用Navicat中连好的数据库查看密码。
首先打开一个以及链接成功的数据库:
此时我们可以看到,密码并不会直接显示出来…
但是不用慌,我们可以导出这个数据库的全部数据:
注意导出的时候要勾选:导出密码
之后我们会得到一个名为:connections.ncx 的文件
打开文件我们可以得到一个加密过的密码:
到这一步我们只需要将加密后的密码进行解码就可以了。
-
打开https://tool.lu/coderunner,使用PHP在线运行工具
-
粘贴如下代码:
<?php class NavicatPassword { protected $version = 0; protected $aesKey = 'libcckeylibcckey'; protected $aesIv = 'libcciv libcciv '; protected $blowString = '3DC5CA39'; protected $blowKey = null; protected $blowIv = null; public function __construct($version = 12) { $this->version = $version; $this->blowKey = sha1('3DC5CA39', true); $this->blowIv = hex2bin('d9c7c3c8870d64bd'); } public function encrypt($string) { $result = FALSE; switch ($this->version) { case 11: $result = $this->encryptEleven($string); break; case 12: $result = $this->encryptTwelve($string); break; default: break; } return $result; } protected function encryptEleven($string) { $round = intval(floor(strlen($string) / 8)); $leftLength = strlen($string) % 8; $result = ''; $currentVector = $this->blowIv; for ($i = 0; $i < $round; $i++) { $temp = $this->encryptBlock($this->xorBytes(substr($string, 8 * $i, 8), $currentVector)); $currentVector = $this->xorBytes($currentVector, $temp); $result .= $temp; } if ($leftLength) { $currentVector = $this->encryptBlock($currentVector); $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector); } return strtoupper(bin2hex($result)); } protected function encryptBlock($block) { return openssl_encrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA|OPENSSL_NO_PADDING); } protected function decryptBlock($block) { return openssl_decrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA|OPENSSL_NO_PADDING); } protected function xorBytes($str1, $str2) { $result = ''; for ($i = 0; $i < strlen($str1); $i++) { $result .= chr(ord($str1[$i]) ^ ord($str2[$i])); } return $result; } protected function encryptTwelve($string) { $result = openssl_encrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv); return strtoupper(bin2hex($result)); } public function decrypt($string) { $result = FALSE; switch ($this->version) { case 11: $result = $this->decryptEleven($string); break; case 12: $result = $this->decryptTwelve($string); break; default: break; } return $result; } protected function decryptEleven($upperString) { $string = hex2bin(strtolower($upperString)); $round = intval(floor(strlen($string) / 8)); $leftLength = strlen($string) % 8; $result = ''; $currentVector = $this->blowIv; for ($i = 0; $i < $round; $i++) { $encryptedBlock = substr($string, 8 * $i, 8); $temp = $this->xorBytes($this->decryptBlock($encryptedBlock), $currentVector); $currentVector = $this->xorBytes($currentVector, $encryptedBlock); $result .= $temp; } if ($leftLength) { $currentVector = $this->encryptBlock($currentVector); $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector); } return $result; } protected function decryptTwelve($upperString) { $string = hex2bin(strtolower($upperString)); return openssl_decrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv); } }; //需要指定版本两种,11或12 //$navicatPassword = new NavicatPassword(11); $navicatPassword = new NavicatPassword(12); //解密 //$decode = $navicatPassword->decrypt('15057D7BA390'); $decode = $navicatPassword->decrypt('2C6C64D650CADE7B9C8CD834A01A4C85'); echo $decode."\n"; ?> -
点击运行,就可以得到自己数据库的密码了
239
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
