Windows下Navicat premium15 根据已连接的数据库查看密码

最新推荐文章于 2024-07-20 19:16:04 发布

爬楼梯的巨人

最新推荐文章于 2024-07-20 19:16:04 发布

阅读量1.3k

点赞数 1

分类专栏： #数据库相关 Navicat mysql 文章标签： windows

本文链接：https://blog.csdn.net/qq_37888591/article/details/127126904

版权

#数据库相关同时被 3 个专栏收录

3 篇文章 0 订阅

订阅专栏

Navicat

1 篇文章 0 订阅

订阅专栏

mysql

1 篇文章 0 订阅

订阅专栏

该博客介绍了如何在Windows注册表中找到Navicat的密码，并通过PHP代码实现解密过程。具体步骤包括定位到注册表的特定路径，查看加密的密码字符串，然后使用提供的类进行解密操作。解密过程中涉及到AES和Blowfish加密算法。最终，在线执行PHP代码得到解密后的密码。

摘要由CSDN通过智能技术生成

一、打开注册表

windows键 + r，进入cmd 中输入 regedit

二、注册表中找到 \HKEY_CURRENT_USER\SOFTWARE\PremiumSoft\navicat\servers

根据username对应的名称，找到pwd

就是这个 F4CCCD52289EA049C45E

三、开始破译密码

<?php
class NavicatPassword
{
	protected $version = 0;
	protected $aesKey = 'libcckeylibcckey';
	protected $aesIv = 'libcciv libcciv ';
	protected $blowString = '3DC5CA39';
	protected $blowKey = null;
	protected $blowIv = null;

	public function __construct($version = 12)
	{
		$this->version = $version;
		$this->blowKey = sha1('3DC5CA39', true);
		$this->blowIv = hex2bin('d9c7c3c8870d64bd');
	}

	public function encrypt($string)
	{
		$result = FALSE;
		switch ($this->version) {
			case 11:
				$result = $this->encryptEleven($string);
				break;
			case 12:
				$result = $this->encryptTwelve($string);
				break;
			default:
				break;
		}

		return $result;
	}

	protected function encryptEleven($string)
	{
		$round = intval(floor(strlen($string) / 8));
		$leftLength = strlen($string) % 8;
		$result = '';
		$currentVector = $this->blowIv;

		for ($i = 0; $i < $round; $i++) {
			$temp = $this->encryptBlock($this->xorBytes(substr($string, 8 * $i, 8), $currentVector));
			$currentVector = $this->xorBytes($currentVector, $temp);
			$result .= $temp;
		}

		if ($leftLength) {
			$currentVector = $this->encryptBlock($currentVector);
			$result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector);
		}

		return strtoupper(bin2hex($result));
	}

	protected function encryptBlock($block)
	{
		return openssl_encrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA|OPENSSL_NO_PADDING);
	}

	protected function decryptBlock($block)
	{
		return openssl_decrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA|OPENSSL_NO_PADDING);
	}

	protected function xorBytes($str1, $str2)
	{
		$result = '';
		for ($i = 0; $i < strlen($str1); $i++) {
			$result .= chr(ord($str1[$i]) ^ ord($str2[$i]));
		}

		return $result;
	}

	protected function encryptTwelve($string)
	{
		$result = openssl_encrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv);
		return strtoupper(bin2hex($result));
	}

	public function decrypt($string)
	{
		$result = FALSE;
		switch ($this->version) {
			case 11:
				$result = $this->decryptEleven($string);
				break;
			case 12:
				$result = $this->decryptTwelve($string);
				break;
			default:
				break;
		}

		return $result;
	}

	protected function decryptEleven($upperString)
	{
		$string = hex2bin(strtolower($upperString));

		$round = intval(floor(strlen($string) / 8));
		$leftLength = strlen($string) % 8;
		$result = '';
		$currentVector = $this->blowIv;

		for ($i = 0; $i < $round; $i++) {
			$encryptedBlock = substr($string, 8 * $i, 8);
			$temp = $this->xorBytes($this->decryptBlock($encryptedBlock), $currentVector);
			$currentVector = $this->xorBytes($currentVector, $encryptedBlock);
			$result .= $temp;
		}

		if ($leftLength) {
			$currentVector = $this->encryptBlock($currentVector);
			$result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector);
		}

		return $result;
	}

	protected function decryptTwelve($upperString)
	{
		$string = hex2bin(strtolower($upperString));
		return openssl_decrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv);
	}
};


//需要指定版本两种，11或12
//$navicatPassword = new NavicatPassword(12);
$navicatPassword = new NavicatPassword(11);

//解密
$decode = $navicatPassword->decrypt('F4CCCDxxxxx49C45E');
echo $decode."\n";
?>

改一下版本号，11或者12，我是11成功了