A simple script to decrypt mangled and obfuscated passwords from Tibco EMS
- Support mangled "$man$" and obfuscated "#!" passwords
- Standalone Windows executable available
```
$ python tibcopasswordrevealer.py -h
Usage: tibcopasswordrevealer.py [options] '<obfuscated_password>' (on UNIX, do not forget to simple quote the password to avoid bash interpretation)

Version: 1.0

Options:
  -h, --help            show this help message and exit

  Mangled password:
    -m MANGLED_PASSWORD, --mangled-password=MANGLED_PASSWORD
                        mangled password that you want to unmangle. Ex. -m
                        '$man$Dc6rE3mh8giUDcPkQEhEE5CnUKA='

  Obfuscated password:
    -o OBFUSCATED_PASSWORD, --obfuscated-password=OBFUSCATED_PASSWORD
                        obfuscated password that you want to deobfuscate Ex:
                        -o '#!/Zbs+cF+HftERpGvBh03jFtPMJQuLItP'
```
```
$ python tibcopasswordrevealer.py '$man$Dc6rE3mh8giUDcPkQEhEE5CnUKA='
tibcopasswordrevealer.py version 1.0
[+] mangled password: $man$Dc6rE3mh8giUDcPkQEhEE5CnUKA=
[+] unmangled password: toto

> tibcopasswordrevealer.exe #!/Zbs+cF+HftERpGvBh03jFtPMJQuLItP
tibcopasswordrevealer.py version 1.0
[+] obfuscated password: #!/Zbs+cF+HftERpGvBh03jFtPMJQuLItP
[+] deobfuscated password: lolilol
```
- For the Python version: PyCrypto (apt-get install python-crypto or pip install pycrypto)
- For the Windows standalone version: nothing
- version 1.0 - 03/06/2016: Initial commit
- Tibco for their clear API and their false sense of security with the use of 'obfuscation' as a security measure for credentials storage: 'Passwords encrypted using Obfuscate Utility cannot be decrypted. Ownership is with customers to remember passwords in clear text. There is no utility provided by TIBCO to decrypt passwords encrypted using Obfuscate Utility.'
- Previous research around decryption
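Because both formats are reversible, any stored value carrying one of these prefixes should be treated as a cleartext credential during a configuration review. The following audit helper is an added example, not part of tibcopasswordrevealer; it flags such values in configuration text without decrypting them. The key names in the sample are hypothetical, and it assumes the payload after the prefix is padded base64, as in the two values shown on this page.

```python
import base64
import binascii
import re

# Prefixes named on this page: "$man$" (mangled) and "#!" (obfuscated).
TOKEN = re.compile(
    r"(?P<prefix>\$man\$|#!)(?P<body>[A-Za-z0-9+/]+={0,2})(?![A-Za-z0-9+/=])")
KINDS = {"$man$": "mangled", "#!": "obfuscated"}

def _is_base64(body):
    """True when body is padded base64 (assumption: both page samples are)."""
    if len(body) % 4:
        return False
    try:
        base64.b64decode(body, validate=True)
    except (binascii.Error, ValueError):
        return False
    return True

def find_reversible_passwords(text):
    """Return one finding per mangled/obfuscated value found in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in TOKEN.finditer(line):
            prefix, body = m.group("prefix"), m.group("body")
            # "#!" in column 0 is a shebang, not a stored value.
            if prefix == "#!" and m.start() == 0:
                continue
            if not _is_base64(body):
                continue
            # Redact the value so the scan report is not itself a secret store.
            findings.append({"line": lineno, "kind": KINDS[prefix],
                             "value": prefix + body[:4] + "..."})
    return findings

# Constructed sample input: hypothetical key names, values taken from this page.
SAMPLE = """\
#!/usr/bin/env python
server.password = $man$Dc6rE3mh8giUDcPkQEhEE5CnUKA=
ssl_password = '#!/Zbs+cF+HftERpGvBh03jFtPMJQuLItP'
note = see #!/bin/sh wrapper
admin.password = ${VAULT_REF}
"""

if __name__ == "__main__":
    for f in find_reversible_passwords(SAMPLE):
        print("line {line}: {kind} password {value}".format(**f))
```

Each finding is a credential to rotate and move to a real secret store; the shebang on line 1 and the `#!/bin/sh` mention on line 4 are deliberately not reported.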