这篇博客介绍了如何解密SecureCRT配置文件中存储的密码。密码以加密形式存在于ini文件的"Password V2"字段,通过一个Python3及以上的脚本SecureCRTCipher.py进行解密,需要安装pycryptodome模块。如果遇到pip安装问题,可以先运行`python -m ensurepip`再升级pip。
SecureCRT(8.以上)配置的密码存放在***\Config\Sessions下面的ini文件中,内容如下:
S:“Username”=******
S:“Monitor Password V2”=
S:“Password V2”=02:*****************************
其中 Password V2 里面存放着密码,02:后面就是加密后的密码。可以通过一下Python脚本来解密。
运行 python SecureCRTCipher.py dec -v2 *****************************
一下脚本适用于python3及其以上(需要安装pycryptodome模块):
#!/usr/bin/env python3
import os
from Crypto.Hash import SHA256
from Crypto.Cipher import AES, Blowfish
class SecureCRTCrypto:
def __init__(self):
'''
Initialize SecureCRTCrypto object.
'''
self.IV = b'\x00' * Blowfish.block_size
self.Key1 = b'\x24\xA6\x3D\xDE\x5B\xD3\xB3\x82\x9C\x7E\x06\xF4\x08\x16\xAA\x07'
self.Key2 = b'\x5F\xB0\x45\xA2\x94\x17\xD9\x16\xC6\xC6\xA2\xFF\x06\x41\x82\xB7'
def Encrypt(self, Plaintext : str):
'''
Encrypt plaintext and return corresponding ciphertext.
Args:
Plaintext: A string that will be encrypted.
Returns:
Hexlified ciphertext string.
'''
plain_bytes = Plaintext.encode('utf-16-le')
plain_bytes += b'\x00\x00'
padded_plain_bytes = plain_bytes + os.urandom(Blowfish.block_size - len(plain_bytes) % Blowfish.block_size)
cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV)
cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV)
return cipher1.encrypt(os.urandom(4) + cipher2.encrypt(padded_plain_bytes) + os.urandom(4)).hex()
def Decrypt(self, Ciphertext : str):
'''
Decrypt ciphertext and return corresponding plaintext.
Args:
Ciphertext: A hex string that will be decrypted.
Returns:
Plaintext string.
'''
cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV)
cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV)
ciphered_bytes = bytes.fromhex(Ciphertext)
最低0.47元/天 解锁文章
1285
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
