Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python3
- import sys, hashlib
- def decrypt_password(user, pass_enc):
- key = hashlib.md5(user + b"283i4jfkai3389").digest()
- passw = ""
- for i in range(0, len(pass_enc)):
- passw += chr(pass_enc[i] ^ key[i % len(key)])
- return passw.split("\x00")[0]
- def extract_user_pass_from_entry(entry):
- user_data = entry.split(b"\x01\x00\x00\x21")[1]
- pass_data = entry.split(b"\x11\x00\x00\x21")[1]
- user_len = user_data[0]
- pass_len = pass_data[0]
- username = user_data[1:1 + user_len]
- password = pass_data[1:1 + pass_len]
- return username, password
- def get_pair(data):
- user_list = []
- entries = data.split(b"M2")[1:]
- for entry in entries:
- try:
- user, pass_encrypted = extract_user_pass_from_entry(entry)
- except:
- continue
- pass_plain = decrypt_password(user, pass_encrypted)
- user = user.decode("ascii")
- user_list.append((user, pass_plain))
- return user_list
- data = bytes.fromhex('ff0101a84d320100ff88020000000000080000000200ff8802000200000002000000040000010300ff09020600ff09060300003076015a004d32100000a800001c0000000a00fe00050000090006000009000b000008feff070012000009020100fe090102000009030900fe211373797374656d2064656661756c7420757365721100002100010000210561646d696e8a004d32100000a800001c0000010a00fe00050000090006000009000b000008feff070012000009020100fe090102000009030900fe211373797374656d2064656661756c742075736572110000213005dabb563e344d794fae9e46c23db3e32ddead7f163966446abe9e49ee2085e932abffc6a306495a0e2d09d5fb27b144ec93010000210561646d696e92004d32100000a800001c0000010a00fe00050000090006000009001f0000080a567a5b0b000008feff070012000009020100fe090102000009030900fe211373797374656d2064656661756c742075736572110000213005dabb563e344d794fae9e46c23db3e32ddead7f163966446abe9e49ee2085e932c6a306495a0e2d09d5fb27b144ec93010000210561646d696e')
- user_pass = get_pair(data)
- print (user_pass)
- # [('admin', ''), ('admin', 'MeePwnCTF{easy_peasy_chicken_dizz\x14!Àê\\Gw\x07øòòJc]×'), ('admin', 'MeePwnCTF{easy_peasy_chicken_dizzy}')]
Add Comment
Please, Sign In to add comment