Skip to content

HyperSine/how-does-SecureCRT-encrypt-password

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
doc
doc
 
 
python3
python3
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

Reveal password encrypted by SecureCRT

1. How does it work?

how does SecureCRT encrypt password

NOTE: Wait to be updated for SecureCRT 9.4+

2. How to use?

Please make sure you have installed python3 and the module pycryptodome.

You can install the module by

$ pip3 install pycryptodome

Usage:

$ ./securecrt_cipher.py -h
usage: securecrt_cipher.py [-h] {enc,dec} ...

positional arguments:
  {enc,dec}
    enc       perform encrypt operation
    dec       perform decrypt operation

options:
  -h, --help  show this help message and exit
$ ./securecrt_cipher.py enc -h
usage: securecrt_cipher.py enc [-h] [-2] [--prefix {02,03}] [-p PASSPHRASE]
                               PASSWORD

positional arguments:
  PASSWORD              the plain password to encrypt

options:
  -h, --help            show this help message and exit
  -2, --v2              encrypt/decrypt with "Password V2" algorithm
  --prefix {02,03}      the prefix of encrypted passwords generated with
                        "Password V2" algorithm
  -p PASSPHRASE, --passphrase PASSPHRASE
                        the config passphrase that SecureCRT uses
$ ./securecrt_cipher.py dec -h
usage: securecrt_cipher.py dec [-h] [-2] [--prefix {02,03}] [-p PASSPHRASE]
                               PASSWORD

positional arguments:
  PASSWORD              the encrypted password to reveal

options:
  -h, --help            show this help message and exit
  -2, --v2              encrypt/decrypt with "Password V2" algorithm
  --prefix {02,03}      the prefix of encrypted passwords generated with
                        "Password V2" algorithm
  -p PASSPHRASE, --passphrase PASSPHRASE
                        the config passphrase that SecureCRT uses

3. Example

If you have SecureCRT session file example.com.ini looking like

S:"Username"=root
S:"Password"=
S:"Password V2"=03:7f59810d05b03f8e49b96e091dad49cb474c2e8435a5dbe53fc5d1e7aa228a8df8938cb01a7dd0c72cc361595ef5c2b675d8b2a64663776b95b065fec9b0fc36f168ffe3ae6fdedc3e1897389609536f
S:"Login Script V2"=
...

You can reveal password by

$ ./securecrt_cipher.py dec -2 --prefix 03 7f59810d05b03f8e49b96e091dad49cb474c2e8435a5dbe53fc5d1e7aa228a8df8938cb01a7dd0c72cc361595ef5c2b675d8b2a64663776b95b065fec9b0fc36f168ffe3ae6fdedc3e1897389609536f
Hypersine

If the session file is generated by SecureCRT whose version is prior to 7.3.3, the sensitive data should be

...
S:"Username"=root
D:"[SSH2] Port"=00000016
S:"Password"=uc71bd1c86f3b804e42432f53247c50d9287f410c7e59166969acab69daa6eaadbe15c0c54c0e076e945a6d82f9e13df2
D:"Session Password Saved"=00000001
...

You can reveal password by

$ ./securecrt_cipher.py dec c71bd1c86f3b804e42432f53247c50d9287f410c7e59166969acab69daa6eaadbe15c0c54c0e076e945a6d82f9e13df2
DoubleLabyrinth

About

Transferred from https://github.com/DoubleLabyrinth/how-does-SecureCRT-encrypt-password

Resources

Readme
Activity

Stars

270 stars

Watchers

9 watching

Forks

101 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages