in reply to Re^2: encrypt and decrypt text
in thread encrypt and decrypt text
>less -x4 obf.pl
#!/usr/bin/perl ###################################################################### +###### # This utility can modify a "string file" as defined below to obfuscat +e # those strings using a modified rot-13 type algorithm. String inform +ation # is to be supplied via filenames, or piped from a file/process into t +his # script. All output is to stdout, suitable for piping into a resulta +nt # file. # # The string file is to contain passwords or snmp community strings # ### # # Credits: Ideas taken from # http://www.perlmonks.org/index.pl?node_id=385552 # Thanks to TZapper and Tachyon's posts # http://search.cpan.org/author/JUERD/Crypt-Caesar-0.01/Caesar.pm # http://search.cpan.org/author/AYRNIEU/Crypt-Rot13-0.6/Rot13.pm # http://www.perlmonks.org/index.pl?node_id=421114 # Thanks to Tanktalus #
> less -x4 unobf.pl#--------------------------------------------------------------------- +-- # Copyright (C) 2005 Scott L. Miller (scott.l.miller@gmail.com) # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 # USA #--------------------------------------------------------------------- +-- # Date: # 01/28/2005 SLM Initial release # ###################################################################### +###### ###################################################################### +###### # The string files can contain blank lines and comments where the comm +ent # indicator '#' is the first non-blank character on the line. # # A rotation indicator must appear before the first string line, or ze +ro # rotation distance is assumed, and a zero rotation value line is adde +d to # the resulting output. # # Different rotational distances within a single input set can be hand +led. # # If the optional rotation degree is defined as non-zero on the comman +d # line, then all the string rotations and the rotation indicators will + be # adjusted by the given degree. # # If the optional rotation degree is not given, or is functionally # equivalent to zero, all obfuscated strings will be unobfuscated, and + # all rotational degree indicators will be set to 0. # # Data lines must follow the following layout # Unobfuscated-String-handle <whitespace> (to-be-)obfuscated-string # # The unobfuscated string HANDLE will never be obfuscated, and the whi +te # space between the strings can be a mixture of spaces and tabs. # # Spaces and tabs are illegal within either the handle or the string t +o be # obfuscated. ###################################################################### +###### sub Usage { print <<EOF; Usage: $0 [rotation-degree] <filename> or: <someprocess> | $0 [rotation-degree] where: [rotation-degree] is an optional positive or negative integer + indicating the amount to "rotate" the printable ascii table +. If left off or equivalent to zero, the resulting strings wi +ll be unobfuscated. <filename> or piped in text is a "string file" generally containing passwords or SNMP community strings that are, or will be obfuscated by this script. See script comments, or a "string file" comment header for +more information about the "string file" layout. EOF } ###################################################################### +###### # pwdrot uses the idea of rot13 and expands the characters affected by + the # rotations to include all 94 normal printable ascii characters. # ie. chr(33) '!' - chr(126) '~'. The rotations are thus mod 94. # # Default rotation if not supplied is 47 ###################################################################### +###### sub pwdrot { my $pwd = shift; my $degree = (@_ > 0) ? ((shift) % 94) : 47; if ($degree == 0) { return $pwd; } if (length($pwd) == 0) { return $pwd; } $rangestr = "\\" . sprintf("%03lo",$degree+33) . "-\\176\\041-\\" +. sprintf("%03lo",$degree+32); unless ($pwdrots{$degree}) { my $rangstr = "\\" . sprintf("%03lo",$degree+33) . "-\\176\\04 +1-\\" . sprintf("%03lo",$degree+32); $pwdrots{$degree} = eval "sub { \$_[0] =~ tr[\041-\176][$rangs +tr]; }" } $pwdrots{$degree}->($pwd); return $pwd; } ###################################################################### +###### # Replicate blank lines & comments in output, find rotation notations # characterized by a decimal number appearing alone on a line, make # adjustments to those notations, and either unobfuscate, or change th +e # strings' rotation as directed. ###################################################################### +###### sub process_line { s/(^\s+)//; #remove indentation if any if(/^$/) { print $_; return; } #ignore blank lines if(/^#/) { print $_; return; } #ignore comments chomp; my ($result,$handle,$whitespace,$snmpstring); ($handle,$whitespace,$snmpstring) = split /(\s+)/; if(!defined($snmpstring)) { $curdist = int($_); if($deltadist == 0) { print "0\n"; } else { printf "%d\n",($curdist+$deltadist) % 94; } return; } if(!defined($curdist)) { print "# Rotational distance was undefined, assuming 0\n"; print "0\n"; $curdist = 0; } if($deltadist == 0) { $result = pwdrot( $snmpstring, $curdist * -1 ); } else { $result = pwdrot( $snmpstring, $deltadist); } print $handle . $whitespace . $result . "\n"; return; } ###################################################################### +##### # Program begins here # # Read an optional rotation degree and process "string files" given vi +a the # command line, or piped in. # ###################################################################### +##### if( -t && scalar(@ARGV) == 0 ) { print " No file supplied!\n"; &Usage; exit 0; } local $deltadist; if(! -t) { $deltadist = (scalar(@ARGV) > 0) ? ((shift) % 94) : 0; } else { $deltadist = (scalar(@ARGV) > 1) ? ((shift) % 94) : 0; } if(! -t) { while(<STDIN>) { &process_line; } } if( scalar(@ARGV) > 0 ) { while (<>) { &process_line; } } exit;
> cat string-file-header.dat#!/usr/bin/perl ###################################################################### +###### # Given a valid obfuscated string file format, it will quickly print # out the string "handles", and the unobfuscated strings. # # No comments, blank lines or rotation values are printed. # ### # # The string file format is discussed in the obf.pl file and should be # present in most string files themselves. # # If the rotations given are inaccurate, and you really need to know w +hat # the real strings are, I've left it as an excersize for you to genera +te # all string rotations possible. Have fun. # ### # # Credits: Ideas taken from # http://www.perlmonks.org/index.pl?node_id=385552 # Thanks to TZapper and Tachyon's posts # http://search.cpan.org/author/JUERD/Crypt-Caesar-0.01/Caesar.pm # http://search.cpan.org/author/AYRNIEU/Crypt-Rot13-0.6/Rot13.pm # http://www.perlmonks.org/index.pl?node_id=421114 # Thanks to Tanktalus # #--------------------------------------------------------------------- +-- # Copyright (C) 2005 Scott L. Miller (scott.l.miller@gmail.com) # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 # USA #--------------------------------------------------------------------- +-- # Written January, 2005 by Scott L. Miller # # Date: # 01/28/2005 SLM Initial release # ###################################################################### +###### sub Usage { print <<EOF; Usage: $0 <filename> or: <someprocess> | $0 where: <filename> or piped in text is a "string file" generally containing passwords or SNMP community strings that are obfuscated. this script will unobfuscate all strings within a correctly formated "string file" provided all rotation identification numbers for those strings are acurate. EOF } ###################################################################### +###### # pwdrot uses the idea of rot13 and expands the characters affected by + the # rotations to include all 94 normal printable ascii characters. # ie. chr(33) '!' - chr(126) '~'. The rotations are thus mod 94. # # Default rotation if not supplied is 47 ###################################################################### +###### sub pwdrot { my $pwd = shift; my $degree = (@_ > 0) ? ((shift) % 94) : 47; if ($degree == 0) { return $pwd; } if (length($pwd) == 0) { return $pwd; } $rangestr = "\\" . sprintf("%03lo",$degree+33) . "-\\176\\041-\\" +. sprintf("%03lo",$degree+32); unless ($pwdrots{$degree}) { my $rangstr = "\\" . sprintf("%03lo",$degree+33) . "-\\176\\04 +1-\\" . sprintf("%03lo",$degree+32); $pwdrots{$degree} = eval "sub { \$_[0] =~ tr[\041-\176][$rangs +tr]; }" } $pwdrots{$degree}->($pwd); return $pwd; } ###################################################################### +###### # Find rotation notations characterized by a decimal number appearing +alone # on a line, unobfuscate the strings using the given rotation informat +ion. ###################################################################### +###### sub process_line { s/(^\s+)//; #remove indentation if any if(/^$/) { return; } #ignore blank lines if(/^#/) { return; } #ignore comments chomp; my ($result,$handle,$whitespace,$snmpstring); ($handle,$whitespace,$snmpstring) = split /(\s+)/; if(!defined($snmpstring)) { $curdist = int($_); return; } if(!defined($curdist)) { print "# Rotation undefined, assuming 0 rotation.\n"; $curdist = 0; } $result = pwdrot( $snmpstring, $curdist * -1 ); print $handle . $whitespace . $result . "\n"; return; } ###################################################################### +##### # Program begins here # # Read "string files" given via the command line, and/or piped in. ###################################################################### +##### if( -t && scalar(@ARGV) == 0 ) { print " No file supplied!\n"; &Usage; exit 0; } local $curdist; if(! -t) { while(<STDIN>) { &process_line; } } if( scalar(@ARGV) > 0 ) { while (<>) { &process_line; } } exit;
###################################################################### +### # SNMP community string list # This list is (or should be) obfuscated, not to be confused with # the word "encrypted", on purpose. It is obfuscated in an attempt # to keep these strings from being read on accident, as in someone # watching over your shoulder. It is trivially easy to convert # these to the original strings, you do that by running the unobf.pl # script against this file. If you have the rights to read this, # you should also have the rights to run that script to see what the # strings really are. # # Format: # A line with only a number indicates the rotation amount for the # string lines following that number. Valid rotation amounts # include 0 to 93 inclusive, though negative and larger numbers # will be transformed, and non-integers will be truncated into # integers. # # Any string lines that appears before a rotation value is given # are assumed to be zero, or not rotated. More than one rotation # value within the file is perfectly valid; that new value will # be used for the strings following it, up to the next rotation # value. # # string lines are made up of the following: # Handle or Name of the string # whitespace # the (to-be?) obfuscated SNMP string ###################################################################### +###
Then run the obf.pl script against it, with a rotation of 13:> cat test.dat <p> public public private private our-read 0uR3ad our-write 0wR1t3 their-read th31read their-write theirwrong blah-blah blah-bl@h foo-bar barfoobar
> obf.pl 13 test.dat > t.1 > cat t.1 # Rotational distance was undefined, assuming 0 13 public }$oyvp private }!v%n#r our-read =$_@nq our-write =&_>#@ their-read #u@>!rnq their-write #urv!&!|{t blah-blah oynu:oyMu foo-bar on!s||on!
And another with rotation of "The Answer":> obf.pl 31 test.dat > t.2 <p> > cat t.2 <p> # Rotational distance was undefined, assuming 0 31 public 16#-*$ private 13*7"5& our-read O6qR"% our-write O8qP5R their-read 5)RP3&"% their-write 5)&*3830/( blah-blah #-")L#-_) foo-bar #"3'00#"3
And then, cat them together, and use pieces from each file provided the rotation number preceded the group or line with the appropriate rotations.> obf.pl 42 test.dat > t.3 <p> > cat t.3 <p> # Rotational distance was undefined, assuming 0 42 public <A.85/ private <>5B-@1 our-read ZA|]-0 our-write ZC|[@] their-read @4][>1-0 their-write @415>C>;:3 blah-blah .8-4W.8j4 foo-bar .->2;;.->
-Scott L. Miller
|
|---|