整体分为两步:
第一步:查看系统保存的连接的ini文件(大概位置:F:SecureCRTSecureFX_HH_x64_7.0.0.326DataSettingsConfigSessions)
ini文件的格式样例:
--ip地址 S:"Hostname"=192.168.0.145 --登录用户 S:"Username"=root --端口,加密 D:"[SSH2] 端口"=00000016 --密码,加密,解密需要u之后的字符串 S:"Password"=u2c7d50aae53e14eb94ef0cb377c247a77c2dbcea95333365
第二步:破解加密之后的密码,这个使用python3,具体脚本如下:
#!/usr/bin/env python3 import os from Crypto.Hash import SHA256 from Crypto.Cipher import AES, Blowfish class SecureCRTCrypto: def __init__(self): """ Initialize SecureCRTCrypto object. """ self.IV = b"x00" * Blowfish.block_size self.Key1 = b"x24xA6x3DxDEx5BxD3xB3x82x9Cx7Ex06xF4x08x16xAAx07" self.Key2 = b"x5FxB0x45xA2x94x17xD9x16xC6xC6xA2xFFx06x41x82xB7" def Encrypt(self, Plaintext : str): """ Encrypt plaintext and return corresponding ciphertext. Args: Plaintext: A string that will be encrypted. Returns: Hexlified ciphertext string. """ plain_bytes = Plaintext.encode("utf-16-le") plain_bytes += b"x00x00" padded_plain_bytes = plain_bytes + os.urandom(Blowfish.block_size - len(plain_bytes) % Blowfish.block_size) cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV) cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV) return cipher1.encrypt(os.urandom(4) + cipher2.encrypt(padded_plain_bytes) + os.urandom(4)).hex() def Decrypt(self, Ciphertext : str): """ Decrypt ciphertext and return corresponding plaintext. Args: Ciphertext: A hex string that will be decrypted. Returns: Plaintext string. """ cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, iv = self.IV) cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, iv = self.IV) ciphered_bytes = bytes.fromhex(Ciphertext) if len(ciphered_bytes) <= 8: raise ValueError("Invalid Ciphertext.") padded_plain_bytes = cipher2.decrypt(cipher1.decrypt(ciphered_bytes)[4:-4]) i = 0 for i in range(0, len(padded_plain_bytes), 2): if padded_plain_bytes[i] == 0 and padded_plain_bytes[i + 1] == 0: break plain_bytes = padded_plain_bytes[0:i] try: return plain_bytes.decode("utf-16-le") except UnicodeDecodeError: raise(ValueError("Invalid Ciphertext.")) class SecureCRTCryptoV2: def __init__(self, ConfigPassphrase : str = ""): """ Initialize SecureCRTCryptoV2 object. Args: ConfigPassphrase: The config passphrase that SecureCRT uses. Leave it empty if config passphrase is not set. """ self.IV = b"x00" * AES.block_size self.Key = SHA256.new(ConfigPassphrase.encode("utf-8")).digest() def Encrypt(self, Plaintext : str): """ Encrypt plaintext and return corresponding ciphertext. Args: Plaintext: A string that will be encrypted. Returns: Hexlified ciphertext string. """ plain_bytes = Plaintext.encode("utf-8") if len(plain_bytes) > 0xffffffff: raise OverflowError("Plaintext is too long.") plain_bytes = len(plain_bytes).to_bytes(4, "little") + plain_bytes + SHA256.new(plain_bytes).digest() padded_plain_bytes = plain_bytes + os.urandom(AES.block_size - len(plain_bytes) % AES.block_size) cipher = AES.new(self.Key, AES.MODE_CBC, iv = self.IV) return cipher.encrypt(padded_plain_bytes).hex() def Decrypt(self, Ciphertext : str): """ Decrypt ciphertext and return corresponding plaintext. Args: Ciphertext: A hex string that will be decrypted. Returns: Plaintext string. """ cipher = AES.new(self.Key, AES.MODE_CBC, iv = self.IV) padded_plain_bytes = cipher.decrypt(bytes.fromhex(Ciphertext)) plain_bytes_length = int.from_bytes(padded_plain_bytes[0:4], "little") plain_bytes = padded_plain_bytes[4:4 + plain_bytes_length] if len(plain_bytes) != plain_bytes_length: raise ValueError("Invalid Ciphertext.") plain_bytes_digest = padded_plain_bytes[4 + plain_bytes_length:4 + plain_bytes_length + SHA256.digest_size] if len(plain_bytes_digest) != SHA256.digest_size: raise ValueError("Invalid Ciphertext.") if SHA256.new(plain_bytes).digest() != plain_bytes_digest: raise ValueError("Invalid Ciphertext.") return plain_bytes.decode("utf-8") if __name__ == "__main__": import sys def Help(): print("Usage:") print(" SecureCRTCipher.py <enc|dec> [-v2] [-p ConfigPassphrase] <plaintext|ciphertext>") print("") print(" <enc|dec> "enc" for encryption, "dec" for decryption.") print(" This parameter must be specified.") print("") print(" [-v2] Encrypt/Decrypt with "Password V2" algorithm.") print(" This parameter is optional.") print("") print(" [-p ConfigPassphrase] The config passphrase that SecureCRT uses.") print(" This parameter is optional.") print("") print(" <plaintext|ciphertext> Plaintext string or ciphertext string.") print(" NOTICE: Ciphertext string must be a hex string.") print(" This parameter must be specified.") print("") def EncryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Plaintext : str): try: if UseV2: print(SecureCRTCryptoV2(ConfigPassphrase).Encrypt(Plaintext)) else: print(SecureCRTCrypto().Encrypt(Plaintext)) return True except: print("Error: Failed to encrypt.") return False def DecryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Ciphertext : str): try: if UseV2: print(SecureCRTCryptoV2(ConfigPassphrase).Decrypt(Ciphertext)) else: print(SecureCRTCrypto().Decrypt(Ciphertext)) return True except: print("Error: Failed to decrypt.") return False def Main(argc : int, argv : list): if 3 <= argc and argc <= 6: bUseV2 = False ConfigPassphrase = "" if argv[1].lower() == "enc": bEncrypt = True elif argv[1].lower() == "dec": bEncrypt = False else: Help() return -1 i = 2 while i < argc - 1: if argv[i].lower() == "-v2": bUseV2 = True i += 1 elif argv[i].lower() == "-p" and i + 1 < argc - 1: ConfigPassphrase = argv[i + 1] i += 2 else: Help() return -1 if bUseV2 == False and len(ConfigPassphrase) != 0: print("Error: ConfigPassphrase is not supported if "-v2" is not specified") return -1 if bEncrypt: return 0 if EncryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1 else: return 0 if DecryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1 else: Help() exit(Main(len(sys.argv), sys.argv))
将上面的python代码保存为:SecureCRTCipher.py,使用分为两种情况:
第一种:
密码的格式如下:
S:"PasswordV2"=02:7b9f594a1f39bb36bbaa0d9688ee38b3d233c67b338e20e2113f2ba4d328b6fc8c804e3c02324b1eaad57a5b96ac1fc5cc1ae0ee2930e6af2e5e644a28ebe3fc
执行脚本:
python SecureCRTCipher.py dec -v2 7b9f594a1f39bb36bbaa0d9688ee38b3d233c67b338e20e2113f2ba4d328b6fc8c804e3c02324b1eaad57a5b96ac1fc5cc1ae0ee2930e6af2e5e644a28ebe3fc
第二种:
密码的格式如下:
S:"Password"=uc71bd1c86f3b804e42432f53247c50d9287f410c7e59166969acab69daa6eaadbe15c0c54c0e076e945a6d82f9e13df2
执行脚本:注意密码的字符串去掉u
python SecureCRTCipher.py dec c71bd1c86f3b804e42432f53247c50d9287f410c7e59166969acab69daa6eaadbe15c0c54c0e076e945a6d82f9e13df2
执行上述脚本,python需要安装pycryptodome模块,安装脚本:
pip install pycryptodome
以上就是SecureCRTSecure7.0连接密码查看的详细内容,更多关于SecureCRTSecure7密码查看的资料请关注服务器之家其它相关文章!
原文链接:https://blog.csdn.net/stones_liu/article/details/117439873