Skip to content

Instantly share code, notes, and snippets.

@dguerri
Last active September 25, 2023 09:01
Show Gist options
  • Save dguerri/92d9330bf9e8f1303b4004ddd4e00f00 to your computer and use it in GitHub Desktop.
Save dguerri/92d9330bf9e8f1303b4004ddd4e00f00 to your computer and use it in GitHub Desktop.
Quick shell script to decrypt client-side encrypted file using QNAP HBS *Sync* jobs. Only work with version 2 files - Doesn't work with QNAP HBS Backup jobs!
#!/bin/sh
set -ue
[ "$#" -lt 2 ] && { echo "Syntax: $0 <filename> <key>"; exit 1; }
filename="$1"
key="$2"
# Compose the key by repeating the user input until we have 32 characters (64 hex digits)
openssl_key=""
while [ "$(printf '%s' "${openssl_key}" | wc -m)" -lt 64 ]; do
openssl_key=${openssl_key}$(printf '%s' "${key}" | od -An -tx1 | tr -d '\ \n')
done
openssl_key=$(printf '%s' "${openssl_key}" | cut -c1-64)
# Determine if the cleartext has been compressed
compressed="$(dd if="${filename}" bs=1 skip=9 count=1 2>/dev/null | od -An -tx1 | tr -d '\ \n')"
[ "${compressed}" -ne 0 ] && echo "Compressed, use bzip2 to decompress" >&2
# Decipher the header
header="$(dd if="${filename}" bs=1 skip=16 count=64 2>/dev/null | \
openssl aes-256-ecb -d -K "${openssl_key}" -nopad | od -An -tx1 | tr -d '\ \n')"
# Extract key and iv from the header
ckey="$(printf '%s' "${header}" | cut -c17-80)"
salt="$(printf '%s' "${header}" | cut -c81-112)"
# Decipher the file
dd if="${filename}" bs=1 skip=80 2>/dev/null | openssl aes-256-cbc -d -K "${ckey}" -iv "${salt}"
@dguerri
Copy link
Author

dguerri commented Aug 3, 2021

@dguerri
Copy link
Author

dguerri commented Aug 4, 2021

I did some testing.
I think that the encryption key used by QNAP HSB Backup is derived from the user password with a different algorithm.
From Sync jobs, the password used to decrypt the header is a 64 bytes long concatenation of the user password.

Maybe the backup job concatenates something to the user password... but honestly is hard to tell!

@ceelian
Copy link

ceelian commented Aug 20, 2021

@dguerry thank you, I was 2 weeks AFK. Will try soon and let you know. Thank you a lot for the investigations.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment