From 413247e6644657216eab5da5c30dc9d383a1adce Mon Sep 17 00:00:00 2001 From: Davide Depau Date: Sat, 7 Sep 2019 00:56:33 +0200 Subject: [PATCH] Move decrypt script from submodule to main repo --- .gitmodules | 3 - SecureCRTCipher.py | 212 +++++++++++++++++++++++++++++++++++++++++++++ decrypt | 1 - 3 files changed, 212 insertions(+), 4 deletions(-) create mode 100755 SecureCRTCipher.py delete mode 160000 decrypt diff --git a/.gitmodules b/.gitmodules index 107cc5e..9d1a118 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,6 +1,3 @@ [submodule "easybashgui"] path = easybashgui url = https://github.com/BashGui/easybashgui.git -[submodule "decrypt"] - path = decrypt - url = https://github.com/DoubleLabyrinth/how-does-SecureCRT-encrypt-password.git diff --git a/SecureCRTCipher.py b/SecureCRTCipher.py new file mode 100755 index 0000000..7264654 --- /dev/null +++ b/SecureCRTCipher.py @@ -0,0 +1,212 @@ +#!/usr/bin/env python3 + +## Adapted from https://github.com/DoubleLabyrinth/how-does-SecureCRT-encrypt-password + +import os +from Crypto.Hash import SHA256 +from Crypto.Cipher import AES, Blowfish + +class SecureCRTCrypto: + + def __init__(self): + ''' + Initialize SecureCRTCrypto object. + ''' + self.IV = b'\x00' * Blowfish.block_size + self.Key1 = b'\x24\xA6\x3D\xDE\x5B\xD3\xB3\x82\x9C\x7E\x06\xF4\x08\x16\xAA\x07' + self.Key2 = b'\x5F\xB0\x45\xA2\x94\x17\xD9\x16\xC6\xC6\xA2\xFF\x06\x41\x82\xB7' + + def Encrypt(self, Plaintext : str): + ''' + Encrypt plaintext and return corresponding ciphertext. + + Args: + Plaintext: A string that will be encrypted. + + Returns: + Hexlified ciphertext string. + ''' + plain_bytes = Plaintext.encode('utf-16-le') + plain_bytes += b'\x00\x00' + padded_plain_bytes = plain_bytes + os.urandom(Blowfish.block_size - len(plain_bytes) % Blowfish.block_size) + + cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, IV = self.IV) + cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, IV = self.IV) + return cipher1.encrypt(os.urandom(4) + cipher2.encrypt(padded_plain_bytes) + os.urandom(4)).hex() + + def Decrypt(self, Ciphertext : str): + ''' + Decrypt ciphertext and return corresponding plaintext. + + Args: + Ciphertext: A hex string that will be decrypted. + + Returns: + Plaintext string. + ''' + + cipher1 = Blowfish.new(self.Key1, Blowfish.MODE_CBC, IV = self.IV) + cipher2 = Blowfish.new(self.Key2, Blowfish.MODE_CBC, IV = self.IV) + ciphered_bytes = bytes.fromhex(Ciphertext) + if len(ciphered_bytes) <= 8: + raise ValueError('Invalid Ciphertext.') + + padded_plain_bytes = cipher2.decrypt(cipher1.decrypt(ciphered_bytes)[4:-4]) + + i = 0 + for i in range(0, len(padded_plain_bytes), 2): + if padded_plain_bytes[i] == 0 and padded_plain_bytes[i + 1] == 0: + break + plain_bytes = padded_plain_bytes[0:i] + + try: + return plain_bytes.decode('utf-16-le') + except UnicodeDecodeError: + raise(ValueError('Invalid Ciphertext.')) + +class SecureCRTCryptoV2: + + def __init__(self, ConfigPassphrase : str = ''): + ''' + Initialize SecureCRTCryptoV2 object. + + Args: + ConfigPassphrase: The config passphrase that SecureCRT uses. Leave it empty if config passphrase is not set. + ''' + self.IV = b'\x00' * AES.block_size + self.Key = SHA256.new(ConfigPassphrase.encode('utf-8')).digest() + + def Encrypt(self, Plaintext : str): + ''' + Encrypt plaintext and return corresponding ciphertext. + + Args: + Plaintext: A string that will be encrypted. + + Returns: + Hexlified ciphertext string. + ''' + plain_bytes = Plaintext.encode('utf-8') + if len(plain_bytes) > 0xffffffff: + raise OverflowError('Plaintext is too long.') + + plain_bytes = \ + len(plain_bytes).to_bytes(4, 'little') + \ + plain_bytes + \ + SHA256.new(plain_bytes).digest() + padded_plain_bytes = \ + plain_bytes + \ + os.urandom(AES.block_size - len(plain_bytes) % AES.block_size) + cipher = AES.new(self.Key, AES.MODE_CBC, IV = self.IV) + return cipher.encrypt(padded_plain_bytes).hex() + + def Decrypt(self, Ciphertext : str): + ''' + Decrypt ciphertext and return corresponding plaintext. + + Args: + Ciphertext: A hex string that will be decrypted. + + Returns: + Plaintext string. + ''' + cipher = AES.new(self.Key, AES.MODE_CBC, IV = self.IV) + padded_plain_bytes = cipher.decrypt(bytes.fromhex(Ciphertext)) + + plain_bytes_length = int.from_bytes(padded_plain_bytes[0:4], 'little') + plain_bytes = padded_plain_bytes[4:4 + plain_bytes_length] + if len(plain_bytes) != plain_bytes_length: + raise ValueError('Invalid Ciphertext.') + + plain_bytes_digest = padded_plain_bytes[4 + plain_bytes_length:4 + plain_bytes_length + SHA256.digest_size] + if len(plain_bytes_digest) != SHA256.digest_size: + raise ValueError('Invalid Ciphertext.') + + if SHA256.new(plain_bytes).digest() != plain_bytes_digest: + raise ValueError('Invalid Ciphertext.') + + return plain_bytes.decode('utf-8') + +if __name__ == '__main__': + import sys + + def Help(): + print('Usage:') + print(' SecureCRTCipher.py [-v2] [-p ConfigPassphrase] ') + print('') + print(' "enc" for encryption, "dec" for decryption.') + print(' This parameter must be specified.') + print('') + print(' [-v2] Encrypt/Decrypt with "Password V2" algorithm.') + print(' This parameter is optional.') + print('') + print(' [-p ConfigPassphrase] The config passphrase that SecureCRT uses.') + print(' This parameter is optional.') + print('') + print(' Plaintext string or ciphertext string.') + print(' NOTICE: Ciphertext string must be a hex string.') + print(' This parameter must be specified.') + print('') + + def EncryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Plaintext : str): + try: + if UseV2: + print(SecureCRTCryptoV2(ConfigPassphrase).Encrypt(Plaintext)) + else: + print(SecureCRTCrypto().Encrypt(Plaintext)) + return True + except: + raise + print('Error: Failed to encrypt.') + return False + + def DecryptionRoutine(UseV2 : bool, ConfigPassphrase : str, Ciphertext : str): + try: + if UseV2: + print(SecureCRTCryptoV2(ConfigPassphrase).Decrypt(Ciphertext)) + else: + print(SecureCRTCrypto().Decrypt(Ciphertext)) + return True + except: + raise + print('Error: Failed to decrypt.') + return False + + def Main(argc : int, argv : list): + if 3 <= argc and argc <= 6: + bUseV2 = False + ConfigPassphrase = '' + + if argv[1].lower() == 'enc': + bEncrypt = True + elif argv[1].lower() == 'dec': + bEncrypt = False + else: + Help() + return -1 + + i = 2 + while i < argc - 1: + if argv[i].lower() == '-v2': + bUseV2 = True + i += 1 + elif argv[i].lower() == '-p' and i + 1 < argc - 1: + ConfigPassphrase = argv[i + 1] + i += 2 + else: + Help() + return -1 + + if bUseV2 == False and len(ConfigPassphrase) != 0: + print('Error: ConfigPassphrase is not supported if "-v2" is not specified') + return -1 + + if bEncrypt: + return 0 if EncryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1 + else: + return 0 if DecryptionRoutine(bUseV2, ConfigPassphrase, argv[-1]) else -1 + else: + Help() + + exit(Main(len(sys.argv), sys.argv)) + diff --git a/decrypt b/decrypt deleted file mode 160000 index aa0792b..0000000 --- a/decrypt +++ /dev/null @@ -1 +0,0 @@ -Subproject commit aa0792baf9cb7179f219c53c41ecffcfaa1c7f33