def decrypt_hash(self, rid, hashobj, constant):
key1, key2 = SAM.rid_to_key(rid)
des1 = des(key1)
des2 = des(key2)
if isinstance(hashobj, SAM_HASH):
rc4key = hashlib.md5(
self.hashed_bootkey[:0x10] +
int(rid, 16).to_bytes(4, 'little', signed=False) +
constant).digest()
key = RC4(rc4key).encrypt(hashobj.hash)
else:
key = b''
cipher = AESModeOfOperationCBC(self.hashed_bootkey[:0x10],
iv=hashobj.salt)
n = 16
for block in [
hashobj.data[i:i + n]
for i in range(0, len(hashobj.data), n)
]: #terrible, terrible workaround
key += cipher.decrypt(block)
key = key[:16]
dec_hash = des1.decrypt(key[:8]) + des2.decrypt(key[8:])
return dec_hash
def decrypt_secret(self, key, value):
dec_blob = b''
enc_size = int.from_bytes(value[:4], 'little', signed=False)
value = value[len(value) - enc_size:]
t_key = key
for _ in range(0, len(value), 8):
enc_blob = value[:8]
des_key = expand_DES_key(t_key[:7])
ctx = des(des_key)
dec_blob += ctx.decrypt(enc_blob)
t_key = t_key[7:]
value = value[8:]
if len(t_key) < 7:
t_key = key[len(t_key):]
secret = LSA_SECRET_XP.from_bytes(dec_blob)
return secret.secret
def decrypt_secret(self, key, value):
dec_blob = b''
enc_size = struct.unpack_from('<I', value)
value = value[len(value) - enc_size:]
t_key = key
for _ in range(0, len(value), 8):
enc_blob = value[:8]
des_key = expand_DES_key(t_key[:7])
ctx = des(des_key)
dec_blob += ctx.decrypt(enc_blob)
t_key = t_key[7:]
value = value[8:]
if len(t_key) < 7:
t_key = key[len(t_key):]
secret = LSA_SECRET_XP.from_bytes(dec_blob)
return secret.secret