def decrypt_single_hash(rid, hbootkey, enc_hash, lmntstr):
(des_k1, des_k2) = sid_to_key(rid)
d1 = des(des_k1, ECB)
d2 = des(des_k2, ECB)
md5 = hashlib.md5()
md5.update(hbootkey[:0x10] + pack("<L", rid) + lmntstr)
rc4_key = md5.digest()
rc4 = RC4(rc4_key)
obfkey = rc4.encrypt(enc_hash)
hash_ = d1.decrypt(obfkey[:8]) + d2.decrypt(obfkey[8:])
return hash_
def decrypt_single_salted_hash(rid, hbootkey, enc_hash, lmntstr, salt):
if enc_hash == "":
return ""
(des_k1, des_k2) = sid_to_key(rid)
d1 = des(des_k1, ECB)
d2 = des(des_k2, ECB)
cipher = AESModeOfOperationCBC(hbootkey, salt)
obfkey = b"".join([cipher.decrypt(enc_hash[i:i + AES_BLOCK_SIZE]) for i in range(0, len(enc_hash), AES_BLOCK_SIZE)])
hash_ = d1.decrypt(obfkey[:8]) + d2.decrypt(obfkey[8:16])
return hash_
def decrypt_single_hash(rid, hbootkey, enc_hash, lmntstr):
(des_k1, des_k2) = sid_to_key(rid)
d1 = des(des_k1, ECB)
d2 = des(des_k2, ECB)
md5 = hashlib.md5()
md5.update(hbootkey[:0x10] + pack("<L", rid) + lmntstr)
rc4_key = md5.digest()
rc4 = RC4(rc4_key)
obfkey = rc4.encrypt(enc_hash)
hash_ = d1.decrypt(obfkey[:8]) + d2.decrypt(obfkey[8:])
return hash_
def SystemFunction005(secret, key):
"""
This function is used to decrypt LSA secrets.
Reproduces the corresponding Windows internal function.
Taken from creddump project https://code.google.com/p/creddump/
"""
decrypted_data = ''
j = 0
algo = CryptoAlgo(0x6603)
for i in range(0, len(secret), 8):
enc_block = secret[i:i + 8]
block_key = key[j:j + 7]
des_key = []
des_key.append(char_to_int(block_key[0]) >> 1)
des_key.append(((char_to_int(block_key[0]) & 0x01) << 6)
| (char_to_int(block_key[1]) >> 2))
des_key.append(((char_to_int(block_key[1]) & 0x03) << 5)
| (char_to_int(block_key[2]) >> 3))
des_key.append(((char_to_int(block_key[2]) & 0x07) << 4)
| (char_to_int(block_key[3]) >> 4))
des_key.append(((char_to_int(block_key[3]) & 0x0F) << 3)
| (char_to_int(block_key[4]) >> 5))
des_key.append(((char_to_int(block_key[4]) & 0x1F) << 2)
| (char_to_int(block_key[5]) >> 6))
des_key.append(((char_to_int(block_key[5]) & 0x3F) << 1)
| (char_to_int(block_key[6]) >> 7))
des_key.append(char_to_int(block_key[6]) & 0x7F)
des_key = algo.do_fixup_key("".join([chr(x << 1) for x in des_key]))
decrypted_data += des(des_key, ECB).decrypt(enc_block)
j += 7
if len(key[j:j + 7]) < 7:
j = len(key[j:j + 7])
dec_data_len = struct.unpack("<L", decrypted_data[:4])[0]
return decrypted_data[8:8 + dec_data_len]
def decrypt(self, msg):
enc_text = base64.b64decode(msg)
(dk, iv) = self.get_derived_key(self._passphrase, self._salt,
self._iteration)
crypter = des(dk, CBC, iv)
text = crypter.decrypt(enc_text)
return re.sub(r'[\x01-\x08]', '', text)
def SystemFunction005(secret, key):
"""
This function is used to decrypt LSA secrets.
Reproduces the corresponding Windows internal function.
Taken from creddump project https://code.google.com/p/creddump/
"""
decrypted_data = ''
j = 0
algo = CryptoAlgo(0x6603)
for i in range(0, len(secret), 8):
enc_block = secret[i:i + 8]
block_key = key[j:j + 7]
des_key = []
des_key.append(char_to_int(block_key[0]) >> 1)
des_key.append(((char_to_int(block_key[0]) & 0x01) << 6) | (char_to_int(block_key[1]) >> 2))
des_key.append(((char_to_int(block_key[1]) & 0x03) << 5) | (char_to_int(block_key[2]) >> 3))
des_key.append(((char_to_int(block_key[2]) & 0x07) << 4) | (char_to_int(block_key[3]) >> 4))
des_key.append(((char_to_int(block_key[3]) & 0x0F) << 3) | (char_to_int(block_key[4]) >> 5))
des_key.append(((char_to_int(block_key[4]) & 0x1F) << 2) | (char_to_int(block_key[5]) >> 6))
des_key.append(((char_to_int(block_key[5]) & 0x3F) << 1) | (char_to_int(block_key[6]) >> 7))
des_key.append(char_to_int(block_key[6]) & 0x7F)
des_key = algo.do_fixup_key("".join([chr(x << 1) for x in des_key]))
decrypted_data += des(des_key, ECB).decrypt(enc_block)
j += 7
if len(key[j:j + 7]) < 7:
j = len(key[j:j + 7])
dec_data_len = struct.unpack("<L", decrypted_data[:4])[0]
return decrypted_data[8:8 + dec_data_len]
def pass_decrypt_old(self, p):
""" Decrypts a password from ClawsMail. => old version """
if p[0] == '!': # encrypted password
buf = b64decode(p[1:])
"""
If mode is ECB or CBC and the length of the data is wrong, do nothing
as would the libc algorithms (as they fail early). Yes, this means the
password wasn't actually encrypted but only base64-ed.
"""
if (self.mode in (ECB, CBC)) and ((len(buf) % 8) != 0
or len(buf) > 8192):
return buf
c = des(self.passcrypt_key, self.mode, b'\0' * 8)
return c.decrypt(buf)
else:
return p # raw password
def pass_decrypt(self, p, key, mode=CFB):
""" Decrypts a password from ClawsMail. """
if p[0] == '!': # encrypted password
buf = b64decode(p[1:])
"""
If mode is ECB or CBC and the length of the data is wrong, do nothing
as would the libc algorithms (as they fail early). Yes, this means the
password wasn't actually encrypted but only base64-ed.
"""
if (mode in (ECB, CBC)) and ((len(buf) % 8) != 0 or len(buf) > 8192):
return buf
# c = DES.new(key, mode=mode, IV=b'\0'*8)
c = des(key, mode, b'\0' * 8)
return c.decrypt(buf)
else: # raw password
return p
def decrypt_secret(secret, key):
"""Python implementation of SystemFunction005.
Decrypts a block of data with DES using given key.
Note that key can be longer than 7 bytes."""
decrypted_data = ''
j = 0 # key index
for i in range(0, len(secret), 8):
enc_block = secret[i:i + 8]
block_key = key[j:j + 7]
des_key = str_to_key(block_key)
crypter = des(des_key, ECB)
decrypted_data += crypter.decrypt(enc_block)
j += 7
if len(key[j:j + 7]) < 7:
j = len(key[j:j + 7])
(dec_data_len, ) = unpack("<L", decrypted_data[:4])
return decrypted_data[8:8 + dec_data_len]
def decrypt_secret(secret, key):
"""Python implementation of SystemFunction005.
Decrypts a block of data with DES using given key.
Note that key can be longer than 7 bytes."""
decrypted_data = ''
j = 0 # key index
for i in range(0,len(secret),8):
enc_block = secret[i:i+8]
block_key = key[j:j+7]
des_key = str_to_key(block_key)
crypter = des(des_key, ECB)
try:
decrypted_data += crypter.decrypt(enc_block)
except:
continue
j += 7
if len(key[j:j+7]) < 7:
j = len(key[j:j+7])
(dec_data_len,) = unpack("<L", decrypted_data[:4])
return decrypted_data[8:8+dec_data_len]
def decrypt(self, msg):
enc_text = base64.b64decode(msg)
(dk, iv) = self.get_derived_key(self._passphrase, self._salt, self._iteration)
crypter = des(dk, CBC, iv)
text = crypter.decrypt(enc_text)
return re.sub(r'[\x01-\x08]', '', text)
