热门标签
热门文章
- 1机器学习笔记&Python笔记:HMM(隐马尔科夫模型)_python hmm
- 2桥接模式C++实现
- 3Jenkins、gitlab新建maven项目及自动化部署_gitlab 如何 生成 jar 部署包
- 4kafka异常问题汇总_this server is not the leader for that topic-parti
- 5mysql 拼接sql批量执行_MySQL的sql执行步骤及优化
- 6Flutter学习第四篇之Android如何打开Flutter页面_android 点击打开flutter指定页面的方式
- 7AI大模型探索之路-训练篇22: ChatGLM3微调实战-从原理到应用的LoRA技术全解_chatglm3模型lora微调
- 8大学有感(学习、考研与找工作)_大学做什么对考研有帮助
- 9网易云 6 亿用户音乐推荐算法_网易云音乐推荐系统是基于什么算法
- 10深度学习:基于TensorFlow、Keras,使用长短期记忆神经网络模型(LSTM)对Microsoft股票进行预测分析_tensorflow.keras. lstm
当前位置: article > 正文
SecureCRT密码破解(实验环境:win10,SecureCRT Version 9.1.0 (x64 build 2579))_securecrt 密码解密
作者:知新_RL | 2024-07-17 23:35:47
赞
踩
securecrt 密码解密
实验环境:win10,
SecureCRT:Version 9.1.0 (x64 build 2579)
1. SecureCRTCipher.py 文件
- #!/usr/bin/env python3
- import os
- from Crypto.Hash import SHA256
- from Crypto.Cipher import AES, Blowfish
-
- class SecureCRTCrypto:
-
- def __init__(self):
- '''
- Initialize SecureCRTCrypto object.
- '''
- self.IV = b'\x00' * Blowfish.block_size
- self.Key1 = b'\x24\xA6\x3D\xDE\x5B\xD3\xB3\x82\x9C\x7E\x06\xF4\x08\x16\xAA\x07'
- self.Key2 = b'\x5F\xB0\x45\xA2\x94\x17\xD9\x16\xC6\xC6\xA2\xFF\x06\x41\x82\xB7'
-
- def Encrypt(self, Plaintext : str):
- '''
- Encrypt plaintext and return corresponding ciphertext.
- Args:
- Plaintext: A string that will be encrypted.
- Returns:
- Hexlified ciphertext string.
- '''
- plain_bytes = Plaintext.encode('utf-16-le')
- plain_bytes += b'\x00\x00'
- padded_plain_bytes = plain_bytes + os.urandom(Blowfish.block_size - len(plain_bytes) % Blowfish.block_size)
-
- cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV)
- cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV)
- return cipher1.encrypt(os.urandom(4) + cipher2.encrypt(padded_plain_bytes) + os.urandom(4)).hex()
-
- def Decrypt(self, Ciphertext : str):
- '''
- Decrypt ciphertext and return corresponding plaintext.
- Args:
- Ciphertext: A hex string that will be decrypted.
- Returns:
- Plaintext string.
- '''
-
- cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV)
- cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV)
- ciphered_bytes = bytes.fromhex(Ciphertext)
- if len(ciphered_bytes) <= 8:
- raise ValueError('Invalid Ciphertext.')
-
- padded_plain_bytes = cipher2.decrypt(cipher1.decrypt(ciphered_bytes)[4:-4])
-
- i = 0
- for i in range(0, len(padded_plain_bytes), 2):
- if padded_plain_bytes[i] == 0 and padded_plain_bytes[i + 1] == 0:
- break
- plain_bytes = padded_plain_bytes[0:i]
-
- try:
- return plain_bytes.decode('utf-16-le')
- except UnicodeDecodeError:
- raise(ValueError('Invalid Ciphertext.'))
-
- class SecureCRTCryptoV2:
-
- def __init__(self, ConfigPassphrase : str = ''):
- '''
- Initialize SecureCRTCryptoV2 object.
- Args:
- ConfigPassphrase: The config passphrase that SecureCRT uses. Leave it empty if config passphrase is not set.
- '''
- self.IV = b'\x00' * AES.block_size
- self.Key = SHA256.new(ConfigPassphrase.encode('utf-8')).digest()
-
- def Encrypt(self, Plaintext : str):
- '''
- Encrypt plaintext and return corresponding ciphertext.
- Args:
- Plaintext: A string that will be encrypted.
- Returns:
- Hexlified ciphertext string.
- '''
- plain_bytes = Plaintext.encode('utf-8')
- if len(plain_bytes) > 0xffffffff:
- raise OverflowError('Plaintext is too long.')
-
- plain_bytes = \
- len(plain_bytes).to_bytes(4, 'little') + \
- plain_bytes + \
- SHA256.new(plain_bytes).digest()
- padded_plain_bytes = \
- plain_bytes + \
- os.urandom(AES.block_size - len(plain_bytes) % AES.block_size)
- cipher = AES.new(self.Key, AES.MODE_CBC, iv = self.IV)
- return cipher.encrypt(padded_plain_bytes).hex()
-
- def Decrypt(self, Ciphertext : str):
- '''
- Decrypt ciphertext and return corresponding plaintext.
- Args:
- Ciphertext: A hex string that will be decrypted.
- Returns:
- Plaintext string.
- '''
- cipher = AES.new(self.Key, AES.MODE_CBC, iv = self.IV)
- padded_plain_bytes = cipher.decrypt(bytes.fromhex(Ciphertext))
-
- plain_bytes_length = int.from_bytes(padded_plain_bytes[0:4], 'little')
- plain_bytes = padded_plain_bytes[4:4 + plain_bytes_length]
- if len(plain_bytes) != plain_bytes_length:
- raise ValueError('Invalid Ciphertext.')
-
- plain_bytes_digest = padded_plain_bytes[4 + plain_bytes_length:4 + plain_bytes_length + SHA256.digest_size]
- if len(plain_bytes_digest) != SHA256.digest_size:
- raise ValueError('Invalid Ciphertext.')
-
- if SHA256.new(plain_bytes).digest() != plain_bytes_digest:
- raise ValueError('Invalid Ciphertext.')
-
- return plain_bytes.decode('utf-8')
-
- if __name__ == '__main__':
- import sys
-
- def Help():
- print('Usage:')
- print(' SecureCRTCipher.py <enc|dec> [-v2] [-p ConfigPassphrase] <plaintext|ciphertext>')
- print('')
- print(' <enc|dec> "enc" for encryption, "dec" for decryption.')
- print(' This parameter must be specified.')
- print('')
- print(' [-v2] Encrypt/Decrypt with "Password V2" algorithm.')
- print(' This parameter is optional.')
- print('')
- print(' [-p ConfigPassphrase] The config passphrase that SecureCRT uses.')
- print(' This parameter is optional.')
- print('')
- print(' <plaintext|ciphertext> Plaintext string or ciphertext string.')
- print(' NOTICE: Ciphertext string must be a hex string.')
- print(' This parameter must be specified.')
- print('')
-
- def EncryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Plaintext : str):
- try:
- if UseV2:
- print(SecureCRTCryptoV2(ConfigPassphrase).Encrypt(Plaintext))
- else:
- print(SecureCRTCrypto().Encrypt(Plaintext))
- return True
- except:
- print('Error: Failed to encrypt.')
- return False
-
- def DecryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Ciphertext : str):
- try:
- if UseV2:
- print(SecureCRTCryptoV2(ConfigPassphrase).Decrypt(Ciphertext))
- else:
- print(SecureCRTCrypto().Decrypt(Ciphertext))
- return True
- except:
- print('Error: Failed to decrypt.')
- return False
-
- def Main(argc : int, argv : list):
- if 3 <= argc and argc <= 6:
- bUseV2 = False
- ConfigPassphrase = ''
-
- if argv[1].lower() == 'enc':
- bEncrypt = True
- elif argv[1].lower() == 'dec':
- bEncrypt = False
- else:
- Help()
- return -1
-
- i = 2
- while i < argc - 1:
- if argv[i].lower() == '-v2':
- bUseV2 = True
- i += 1
- elif argv[i].lower() == '-p' and i + 1 < argc - 1:
- ConfigPassphrase = argv[i + 1]
- i += 2
- else:
- Help()
- return -1
-
- if bUseV2 == False and len(ConfigPassphrase) != 0:
- print('Error: ConfigPassphrase is not supported if "-v2" is not specified')
- return -1
-
- if bEncrypt:
- return 0 if EncryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1
- else:
- return 0 if DecryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1
- else:
- Help()
-
- exit(Main(len(sys.argv), sys.argv))
-
2. 安装 python3
【https://www.python.org/ftp/python/3.10.9/python-3.10.9-amd64.exe】(不要安装2)
3. 配置环境变量
【一个是 python.exe 所在目录,另一个是 pip.exe 所在目录】
我的目录是在
C:\Users\admin\AppData\Local\Programs\Python\Python310
C:\Users\admin\AppData\Local\Programs\Python\Python310\Scripts
可按照实际安装情况自行配置
4. 安装 三方库 (不是pyCrypto )
pip install pycryptodome
5. 找到 SecureCRT 配置文件密码
C:\Users\admin\AppData\Roaming\VanDyke\Config\Sessions\192.168.1.1.ini
6. 执行解密
在 cmd 下,执行
python SecureCRTCipher.py dec -v2 这里写加密的 02:后面的那串码(下面的截图换行是因为密文太长了,自动换行了,不是分两行执行)
各种失败情况及原因:
1. 不要看他们说的安装 python2版本,安装 3 版本。否则报错 File "SecureCRTCipher.py", line 16 def Encrypt(self, Plaintext : str):
2. 没有 pip 命令,要将 python 安装目录下的 Scripts 目录也加入到环境变量中
3. pip install pyCrypto 命令执行失败【原因可能是已经弃用 pyCrypto 包,现在使用 pycryptodome 包】
4. 其他小问题,打开命令行执行了 SeicureCRTCipher.py 结果报错 python: can't open file 'C:\\Users\\admin\\SecureCRTCipher.py': [Errno 2] No such file or directory
因为我把 SeicureCRTCipher.py 放到了桌面,所以先把 cmd 切换目录到 C:\Users\admin>cd Desktop
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/知新_RL/article/detail/842573
推荐阅读
相关标签
