GithubHelp home page GithubHelp logo

xdecrypt's Introduction

Xdecrypt

Xshell Xftp password decrypt

Setup

pip3 install -r requirements.txt

Usage

usage: Xdecrypt.py [-h] [-s SID] [-p PASSWORD]

xsh, xfp password decrypt

optional arguments:
  -h, --help            show this help message and exit
  -s SID, --sid SID     `username`+`sid`, user `whoami /user` in command.
  -p PASSWORD, --password PASSWORD
                        the password in sessions or path of sessions

$ whoami /user
用户信息
----------------

用户名               SID
==================== =============================================
computername\username sid

$ python3 Xdecrypt.py
=============C:\Users\yourname\Documents\NetSarang Computer\6\Xftp\Sessions\192.168.1.2.xfp=============
Host:     192.168.1.2:22
Username: root
Password: test
==========C:\Users\d2x3\Documents\NetSarang Computer\6\Xshell\Sessions\192.168.1.2.xsh===========
Host:     192.168.1.2:22
Username: root
Password: test
========C:\Users\d2x3\Documents\NetSarang Computer\6\Xshell\Sessions\test\192.168.1.2.xsh========
Host:     192.168.1.2:22
Username: root
Password: test

$ python3 Xdecrypt.py -s username+sid -p "D:\somewhere\NetSarang Computer"
=============D:\somewhere\NetSarang Computer\6\Xftp\Sessions\192.168.1.2.xfp=============
Host:     192.168.1.2:22
Username: root
Password: test
==========D:\somewhere\NetSarang Computer\6\Xshell\Sessions\192.168.1.2.xsh===========
Host:     192.168.1.2:22
Username: root
Password: test
========D:\somewhere\NetSarang Computer\6\Xshell\Sessions\test\192.168.1.2.xsh========
Host:     192.168.1.2:22
Username: root
Password: test

$ python Xdecrypt.py -s username+sid -p password
test

xdecrypt's People

Contributors

b1tg avatar dzxs avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

cjjduck jumbo-wjb nazicc dm2333 pingod zhuizhuhaomeng kyhvedn xianlimei qsdj alinuxsa eniac888 niummm triplekill superdong0 0xa-saline xxnbyy 02bx a200332 sgseo chunhualiu nevinhappy mehome anhilo whoamisysteminfo weizx208 baka9moe stkeeper attackgithub shad0wpf asd88645438 withflyingfree 0x13c luckypickle oyjouokong safly illimitati jackbro killvxk wisdark weiwhy hack2012 mmfan c0d1007 dogdogs losiry ghostgod blee0036 xxdnxb jinligen dxcqs pyking mondayice freefv xinxin899 g00d600d5tudydaydayup vrirus loverone fdlucifer crackercat i-liberty h062team luckylong1998 andotorg generalk2016 n0noorz vxer-lee ilililililililili lc11535 cooiut lkl9561 caiguilin waylonwang2020 qz elvistan devotionzhu cherrzz laowang1026 liun02163 firedon xfjh beikuzi lxkxc fuzz-security mygit2014 zming hackerxj007 crishavk324 jinxinjiazi ping1234e zhujinrun raspberryhusky gamblingmaster2020 ccqtv123 ziger2019 fkcode1030 chixxx gysf666 emptywatson jeromeyoung farhang-negari

xdecrypt's Issues

cannot be used independently from the original environment

import os
import sys
import argparse
import base64
import configparser

from win32api import GetComputerName, GetUserName
from win32security import LookupAccountName, ConvertSidToStringSid
from Crypto.Hash import SHA256
from Crypto.Cipher import ARC4

def decrypt_string(a1, a2):
v1 = base64.b64decode(a2)
v3 = ARC4.new(SHA256.new(a1.encode('ascii')).digest()).decrypt(v1[:len(v1) - 0x20])
if SHA256.new(v3).digest() == v1[-32:]:
return v3.decode('ascii')
else:
return None

VERSION_6_CONFIG_PATH = os.path.join(os.environ["USERPROFILE"], r"Documents\NetSarang Computer\6")
VERSION_7_CONFIG_PATH = os.path.join(os.environ["USERPROFILE"], r"Documents\NetSarang Computer\7")

config_path = ""
parser = argparse.ArgumentParser(description="xsh, xfp password decrypt")
parser.add_argument("-v", "--version", default="7", help="Xshell version, eg. 6 or 7")
parser.add_argument("-s", "--sid", default="", type=str, help="sid, get by whoami /user in command.")
parser.add_argument("-u", "--user", default="", type=str, help="username, get by whoami /user in command.")
parser.add_argument("-p", "--password", default="", type=str, help="the password in sessions or path of sessions")
args = parser.parse_args()

if not args.password:
if os.path.exists(VERSION_6_CONFIG_PATH):
config_path = VERSION_6_CONFIG_PATH
elif os.path.exists(VERSION_7_CONFIG_PATH):
config_path = VERSION_7_CONFIG_PATH
else:
print("Error: can't found valid session path")
sys.exit(0)
args.password = config_path

if not args.sid:
# method from https://github.com/JDArmy/SharpXDecrypt
if config_path == VERSION_7_CONFIG_PATH:
tmp = GetUserName()[::-1] + ConvertSidToStringSid(LookupAccountName(GetComputerName(), GetUserName())[0])
args.token = tmp[::-1]
else:
args.token = GetUserName() + ConvertSidToStringSid(LookupAccountName(GetComputerName(), GetUserName())[0])
else:
if args.version == '7':
args.token = (args.user[::-1] + args.sid)[::-1]
else:
args.token = args.user + args.sid

if not os.path.isdir(args.password):
r = decrypt_string(args.token, args.password)
if r:
print(r)

for root, dirs, files in os.walk(args.password):
for f in files:
if f.endswith(".xsh") or f.endswith(".xfp"):
filepath = os.path.join(root, f)
cfg = configparser.ConfigParser()
try:
cfg.read(filepath)
except UnicodeDecodeError:
cfg.read(filepath, encoding="utf-16")

        try:
            if f.endswith(".xsh"):
                host = "{}:{}".format(cfg["CONNECTION"]["Host"], cfg["CONNECTION"]["Port"])
                username = cfg["CONNECTION:AUTHENTICATION"]["UserName"]
                password = decrypt_string(args.token, cfg["CONNECTION:AUTHENTICATION"]["Password"])
            else:
                host = "{}:{}".format(cfg["Connection"]["Host"], cfg["Connection"]["Port"])
                username = cfg["Connection"]["UserName"]
                password = decrypt_string(args.token, cfg["Connection"]["Password"])
            print(
                f"{filepath:=^100}\nHost:     {host}\nUsername: {username}\nPassword: {password}")
        except Exception as e:
            print(f"{filepath:=^100}\nError:{e}")

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.