脚本之家,脚本语言编程技术及教程分享平台!
分类导航

Python|VBS|Ruby|Lua|perl|VBA|Golang|PowerShell|Erlang|autoit|Dos|bat|

服务器之家 - 脚本之家 - Python - SecureCRTSecure7.0查看连接密码的步骤

SecureCRTSecure7.0查看连接密码的步骤

2021-11-21 11:27stone-liu Python

SecureCRTSecure7密码查看的方法大概可以分为两个步骤,第一步需要查看系统保存的连接的ini文件,第二步破解加密之后的密码,具体脚本请参考下本文

整体分为两步:

第一步:查看系统保存的连接的ini文件(大概位置:F:SecureCRTSecureFX_HH_x64_7.0.0.326DataSettingsConfigSessions)

SecureCRTSecure7.0查看连接密码的步骤

ini文件的格式样例:

--ip地址
S:"Hostname"=192.168.0.145
--登录用户
S:"Username"=root
--端口,加密
D:"[SSH2] 端口"=00000016
--密码,加密,解密需要u之后的字符串
S:"Password"=u2c7d50aae53e14eb94ef0cb377c247a77c2dbcea95333365

第二步:破解加密之后的密码,这个使用python3,具体脚本如下:

#!/usr/bin/env python3
import os
from Crypto.Hash import SHA256
from Crypto.Cipher import AES, Blowfish
 
class SecureCRTCrypto:
 
    def __init__(self):
        """
        Initialize SecureCRTCrypto object.
        """
        self.IV = b"x00" * Blowfish.block_size
        self.Key1 = b"x24xA6x3DxDEx5BxD3xB3x82x9Cx7Ex06xF4x08x16xAAx07"
        self.Key2 = b"x5FxB0x45xA2x94x17xD9x16xC6xC6xA2xFFx06x41x82xB7"
 
    def Encrypt(self, Plaintext : str):
        """
        Encrypt plaintext and return corresponding ciphertext.
        Args:
            Plaintext: A string that will be encrypted.
        Returns:
            Hexlified ciphertext string.
        """
        plain_bytes = Plaintext.encode("utf-16-le")
        plain_bytes += b"x00x00"
        padded_plain_bytes = plain_bytes + os.urandom(Blowfish.block_size - len(plain_bytes) % Blowfish.block_size)
 
        cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV)
        cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV)
        return cipher1.encrypt(os.urandom(4) + cipher2.encrypt(padded_plain_bytes) + os.urandom(4)).hex()
 
    def Decrypt(self, Ciphertext : str):
        """
        Decrypt ciphertext and return corresponding plaintext.
        Args:
            Ciphertext: A hex string that will be decrypted.
        Returns:
            Plaintext string.
        """
 
        cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV)
        cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV)
        ciphered_bytes = bytes.fromhex(Ciphertext)
        if len(ciphered_bytes) <= 8:
            raise ValueError("Invalid Ciphertext.")
        
        padded_plain_bytes = cipher2.decrypt(cipher1.decrypt(ciphered_bytes)[4:-4])
        
        i = 0
        for i in range(0, len(padded_plain_bytes), 2):
            if padded_plain_bytes[i] == 0 and padded_plain_bytes[i + 1] == 0:
                break
        plain_bytes = padded_plain_bytes[0:i]
 
        try:
            return plain_bytes.decode("utf-16-le")
        except UnicodeDecodeError:
            raise(ValueError("Invalid Ciphertext."))
 
class SecureCRTCryptoV2:
 
    def __init__(self, ConfigPassphrase : str = ""):
        """
        Initialize SecureCRTCryptoV2 object.
        Args:
            ConfigPassphrase: The config passphrase that SecureCRT uses. Leave it empty if config passphrase is not set.
        """
        self.IV = b"x00" * AES.block_size
        self.Key = SHA256.new(ConfigPassphrase.encode("utf-8")).digest()
 
    def Encrypt(self, Plaintext : str):
        """
        Encrypt plaintext and return corresponding ciphertext.
        Args:
            Plaintext: A string that will be encrypted.
        Returns:
            Hexlified ciphertext string.
        """
        plain_bytes = Plaintext.encode("utf-8")
        if len(plain_bytes) > 0xffffffff:
            raise OverflowError("Plaintext is too long.")
        
        plain_bytes = 
            len(plain_bytes).to_bytes(4, "little") + 
            plain_bytes + 
            SHA256.new(plain_bytes).digest()
        padded_plain_bytes = 
            plain_bytes + 
            os.urandom(AES.block_size - len(plain_bytes) % AES.block_size)
        cipher = AES.new(self.Key, AES.MODE_CBC, iv = self.IV)
        return cipher.encrypt(padded_plain_bytes).hex()
 
    def Decrypt(self, Ciphertext : str):
        """
        Decrypt ciphertext and return corresponding plaintext.
        Args:
            Ciphertext: A hex string that will be decrypted.
        Returns:
            Plaintext string.
        """
        cipher = AES.new(self.Key, AES.MODE_CBC, iv = self.IV)
        padded_plain_bytes = cipher.decrypt(bytes.fromhex(Ciphertext))
        
        plain_bytes_length = int.from_bytes(padded_plain_bytes[0:4], "little")
        plain_bytes = padded_plain_bytes[4:4 + plain_bytes_length]
        if len(plain_bytes) != plain_bytes_length:
            raise ValueError("Invalid Ciphertext.")
 
        plain_bytes_digest = padded_plain_bytes[4 + plain_bytes_length:4 + plain_bytes_length + SHA256.digest_size]
        if len(plain_bytes_digest) != SHA256.digest_size:
            raise ValueError("Invalid Ciphertext.")
 
        if SHA256.new(plain_bytes).digest() != plain_bytes_digest:
            raise ValueError("Invalid Ciphertext.")
 
        return plain_bytes.decode("utf-8")
 
if __name__ == "__main__":
    import sys
 
    def Help():
        print("Usage:")
        print("    SecureCRTCipher.py <enc|dec> [-v2] [-p ConfigPassphrase] <plaintext|ciphertext>")
        print("")
        print("    <enc|dec>              "enc" for encryption, "dec" for decryption.")
        print("                           This parameter must be specified.")
        print("")
        print("    [-v2]                  Encrypt/Decrypt with "Password V2" algorithm.")
        print("                           This parameter is optional.")
        print("")
        print("    [-p ConfigPassphrase]  The config passphrase that SecureCRT uses.")
        print("                           This parameter is optional.")
        print("")
        print("    <plaintext|ciphertext> Plaintext string or ciphertext string.")
        print("                           NOTICE: Ciphertext string must be a hex string.")
        print("                           This parameter must be specified.")
        print("")
    
    def EncryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Plaintext : str):
        try:
            if UseV2:
                print(SecureCRTCryptoV2(ConfigPassphrase).Encrypt(Plaintext))
            else:
                print(SecureCRTCrypto().Encrypt(Plaintext))
            return True
        except:
            print("Error: Failed to encrypt.")
            return False
 
    def DecryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Ciphertext : str):
        try:
            if UseV2:
                print(SecureCRTCryptoV2(ConfigPassphrase).Decrypt(Ciphertext))
            else:
                print(SecureCRTCrypto().Decrypt(Ciphertext))
            return True
        except:
            print("Error: Failed to decrypt.")
            return False
 
    def Main(argc : int, argv : list):
        if 3 <= argc and argc <= 6:
            bUseV2 = False
            ConfigPassphrase = ""
 
            if argv[1].lower() == "enc":
                bEncrypt = True
            elif argv[1].lower() == "dec":
                bEncrypt = False
            else:
                Help()
                return -1
            
            i = 2
            while i < argc - 1:
                if argv[i].lower() == "-v2":
                    bUseV2 = True
                    i += 1
                elif argv[i].lower() == "-p" and i + 1 < argc - 1:
                    ConfigPassphrase = argv[i + 1]
                    i += 2
                else:
                    Help()
                    return -1
 
            if bUseV2 == False and len(ConfigPassphrase) != 0:
                print("Error: ConfigPassphrase is not supported if "-v2" is not specified")
                return -1
 
            if bEncrypt:
                return 0 if EncryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1
            else:
                return 0 if DecryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1
        else:
            Help()
 
    exit(Main(len(sys.argv), sys.argv))

将上面的python代码保存为:SecureCRTCipher.py,使用分为两种情况:

第一种:

密码的格式如下:

S:"PasswordV2"=02:7b9f594a1f39bb36bbaa0d9688ee38b3d233c67b338e20e2113f2ba4d328b6fc8c804e3c02324b1eaad57a5b96ac1fc5cc1ae0ee2930e6af2e5e644a28ebe3fc

执行脚本:

python SecureCRTCipher.py dec -v2 7b9f594a1f39bb36bbaa0d9688ee38b3d233c67b338e20e2113f2ba4d328b6fc8c804e3c02324b1eaad57a5b96ac1fc5cc1ae0ee2930e6af2e5e644a28ebe3fc

第二种:

密码的格式如下:

S:"Password"=uc71bd1c86f3b804e42432f53247c50d9287f410c7e59166969acab69daa6eaadbe15c0c54c0e076e945a6d82f9e13df2

执行脚本:注意密码的字符串去掉u

python SecureCRTCipher.py dec c71bd1c86f3b804e42432f53247c50d9287f410c7e59166969acab69daa6eaadbe15c0c54c0e076e945a6d82f9e13df2

执行上述脚本,python需要安装pycryptodome模块,安装脚本:

pip install pycryptodome

以上就是SecureCRTSecure7.0连接密码查看的详细内容,更多关于SecureCRTSecure7密码查看的资料请关注服务器之家其它相关文章!

原文链接:https://blog.csdn.net/stones_liu/article/details/117439873

延伸 · 阅读

精彩推荐