Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- The format of the file is as follows (as of MySQL 5.6.7-RC):
- 4 Bytes Zero (Version Information)
- 20 Bytes Key Generation Matter
- Repeated:
- 4 Bytes Length information
- Length bytes crypted matter. The crypt is done using the AES ENCRYPT function, which in itself is insecure: It is an aes-128-ecb with a NULL IV.
- The key used by AES 128 needs to be CHAR(16), but the function accepts any string as a key generation matter. It generates the key from the key generation matter by xor-ing the key generation matter onto itself in a 16 byte loop, starting with a buffer of NULL bytes.
- <?php
- $fp = fopen("mylogin.cnf", "r");
- if (!$fp) {
- die("Cannot open mylogin.cnf");
- }
- # read key
- fseek($fp, 4);
- $key = fread($fp, 20);
- # generate real key
- $rkey = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
- for ($i = 0; $i < strlen($key); $i++) {
- $rkey[$i % 16] = ( $rkey[$i % 16] ^ $key[$i] );
- }
- # for each line
- while ($len = fread($fp, 4)) {
- # as integer
- $len = unpack("V", $len);
- $len = $len[1];
- # decrypt
- $crypt = fread($fp, $len);
- $plain = openssl_decrypt($crypt, 'aes-128-ecb', $rkey, true);
- # print
- print $plain;
- }
- ?>
- The file itself is then a simple text file, not much different from before.
- [safelogin]
- user = root
- password = mG[..]kb
- host = localhost
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement