API tools faq
paste
Guest User

Untitled

a guest
Aug 30th, 2018
104
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.02 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python3
  2. import sys, hashlib
  3.  
  4. def decrypt_password(user, pass_enc):
  5. key = hashlib.md5(user + b"283i4jfkai3389").digest()
  6.  
  7. passw = ""
  8. for i in range(0, len(pass_enc)):
  9. passw += chr(pass_enc[i] ^ key[i % len(key)])
  10.  
  11. return passw.split("\x00")[0]
  12.  
  13. def extract_user_pass_from_entry(entry):
  14. user_data = entry.split(b"\x01\x00\x00\x21")[1]
  15. pass_data = entry.split(b"\x11\x00\x00\x21")[1]
  16.  
  17. user_len = user_data[0]
  18. pass_len = pass_data[0]
  19.  
  20. username = user_data[1:1 + user_len]
  21. password = pass_data[1:1 + pass_len]
  22.  
  23. return username, password
  24.  
  25. def get_pair(data):
  26.  
  27. user_list = []
  28.  
  29. entries = data.split(b"M2")[1:]
  30. for entry in entries:
  31. try:
  32. user, pass_encrypted = extract_user_pass_from_entry(entry)
  33. except:
  34. continue
  35.  
  36. pass_plain = decrypt_password(user, pass_encrypted)
  37. user = user.decode("ascii")
  38.  
  39. user_list.append((user, pass_plain))
  40.  
  41. return user_list
  42.  
  43. data = bytes.fromhex('ff0101a84d320100ff88020000000000080000000200ff8802000200000002000000040000010300ff09020600ff09060300003076015a004d32100000a800001c0000000a00fe00050000090006000009000b000008feff070012000009020100fe090102000009030900fe211373797374656d2064656661756c7420757365721100002100010000210561646d696e8a004d32100000a800001c0000010a00fe00050000090006000009000b000008feff070012000009020100fe090102000009030900fe211373797374656d2064656661756c742075736572110000213005dabb563e344d794fae9e46c23db3e32ddead7f163966446abe9e49ee2085e932abffc6a306495a0e2d09d5fb27b144ec93010000210561646d696e92004d32100000a800001c0000010a00fe00050000090006000009001f0000080a567a5b0b000008feff070012000009020100fe090102000009030900fe211373797374656d2064656661756c742075736572110000213005dabb563e344d794fae9e46c23db3e32ddead7f163966446abe9e49ee2085e932c6a306495a0e2d09d5fb27b144ec93010000210561646d696e')
  44. user_pass = get_pair(data)
  45. print (user_pass)
  46.  
  47. # [('admin', ''), ('admin', 'MeePwnCTF{easy_peasy_chicken_dizz\x14!Àê\\Gw\x07øòòJc]×'), ('admin', 'MeePwnCTF{easy_peasy_chicken_dizzy}')]
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!