-
Notifications
You must be signed in to change notification settings - Fork 0
/
libscrt
executable file
·60 lines (50 loc) · 1.72 KB
/
libscrt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
from Crypto.Cipher import Blowfish
import argparse
import codecs
import six
import sys
import re
def decrypt(password):
c1_code = '5F B0 45 A2 94 17 D9 16 C6 C6 A2 FF 06 41 82 B7'.replace(' ','')
c2_code = '24 A6 3D DE 5B D3 B3 82 9C 7E 06 F4 08 16 AA 07'.replace(' ','')
c1 = Blowfish.new(codecs.decode(c1_code, 'hex'), Blowfish.MODE_CBC, '\x00'*8)
c2 = Blowfish.new(codecs.decode(c2_code, 'hex'), Blowfish.MODE_CBC, '\x00'*8)
padded = c1.decrypt(c2.decrypt(codecs.decode(password, 'hex'))[4:-4])
p = bytes()
while padded[:2] != b'\x00\x00' :
p += padded[:2]
padded = padded[2:]
return codecs.decode(p, 'UTF-16')
def hostname(f):
x = open(f).read().replace('\x00', '')
REGEX_HOSTNAME = re.compile(six.u(r'S:"Hostname"=([^\r\n]*)'))
m = REGEX_HOSTNAME.search(x)
if m:
return m.group(1)
return ''
def password(f):
x = open(f).read().replace('\x00', '')
REGEX_PASWORD = re.compile(six.u(r'S:"Password"=u([0-9a-f]+)'))
m = REGEX_PASWORD.search(x)
if m:
return decrypt(m.group(1))
return ''
def port(f):
x = open(f).read().replace('\x00', '')
REGEX_PORT = re.compile(six.u(r'D:"\[SSH2\] Port"=([0-9a-f]{8})'))
m = REGEX_PORT.search(x)
if m:
return '%d'%(int(m.group(1), 16))
return ''
def username(f):
x = open(f).read().replace('\x00', '')
REGEX_USERNAME = re.compile(six.u(r'S:"Username"=([^\r\n]*)'))
m = REGEX_USERNAME.search(x)
if m:
return m.group(1)
return ''
if __name__ == '__main__':
file_list = sys.argv
file_list.pop(0)
for filename in file_list:
print('sshpass -p"'+password(filename)+'" ssh -p '+port(filename)+' '+username(filename)+'@'+hostname(filename))