##
#-----------------------------------------------------------------------
# Copyright (C) 2005 Scott L. Miller (scott.l.miller@gmail.com)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
# USA
#-----------------------------------------------------------------------
# Date:
# 01/28/2005 SLM Initial release
#
############################################################################
############################################################################
# The string files can contain blank lines and comments where the comment
# indicator '#' is the first non-blank character on the line.
#
# A rotation indicator must appear before the first string line, or zero
# rotation distance is assumed, and a zero rotation value line is added to
# the resulting output.
#
# Different rotational distances within a single input set can be handled.
#
# If the optional rotation degree is defined as non-zero on the command
# line, then all the string rotations and the rotation indicators will be
# adjusted by the given degree.
#
# If the optional rotation degree is not given, or is functionally
# equivalent to zero, all obfuscated strings will be unobfuscated, and
# all rotational degree indicators will be set to 0.
#
# Data lines must follow the following layout
# Unobfuscated-String-handle (to-be-)obfuscated-string
#
# The unobfuscated string HANDLE will never be obfuscated, and the white
# space between the strings can be a mixture of spaces and tabs.
#
# Spaces and tabs are illegal within either the handle or the string to be
# obfuscated.
############################################################################
sub Usage {
print <
or: | $0 [rotation-degree]
where: [rotation-degree] is an optional positive or negative integer
indicating the amount to "rotate" the printable ascii table.
If left off or equivalent to zero, the resulting strings will
be unobfuscated.
or piped in text is a "string file" generally
containing passwords or SNMP community strings that are, or
will be obfuscated by this script.
See script comments, or a "string file" comment header for more
information about the "string file" layout.
EOF
}
############################################################################
# pwdrot uses the idea of rot13 and expands the characters affected by the
# rotations to include all 94 normal printable ascii characters.
# ie. chr(33) '!' - chr(126) '~'. The rotations are thus mod 94.
#
# Default rotation if not supplied is 47
############################################################################
sub pwdrot {
my $pwd = shift;
my $degree = (@_ > 0) ? ((shift) % 94) : 47;
if ($degree == 0) {
return $pwd;
}
if (length($pwd) == 0) {
return $pwd;
}
$rangestr = "\\" . sprintf("%03lo",$degree+33) . "-\\176\\041-\\" . sprintf("%03lo",$degree+32);
unless ($pwdrots{$degree}) {
my $rangstr = "\\" . sprintf("%03lo",$degree+33) . "-\\176\\041-\\" . sprintf("%03lo",$degree+32);
$pwdrots{$degree} = eval "sub { \$_[0] =~ tr[\041-\176][$rangstr]; }"
}
$pwdrots{$degree}->($pwd);
return $pwd;
}
############################################################################
# Replicate blank lines & comments in output, find rotation notations
# characterized by a decimal number appearing alone on a line, make
# adjustments to those notations, and either unobfuscate, or change the
# strings' rotation as directed.
############################################################################
sub process_line {
s/(^\s+)//; #remove indentation if any
if(/^$/) { print $_; return; } #ignore blank lines
if(/^#/) { print $_; return; } #ignore comments
chomp;
my ($result,$handle,$whitespace,$snmpstring);
($handle,$whitespace,$snmpstring) = split /(\s+)/;
if(!defined($snmpstring)) {
$curdist = int($_);
if($deltadist == 0) {
print "0\n";
} else {
printf "%d\n",($curdist+$deltadist) % 94;
}
return;
}
if(!defined($curdist)) {
print "# Rotational distance was undefined, assuming 0\n";
print "0\n";
$curdist = 0;
}
if($deltadist == 0) {
$result = pwdrot( $snmpstring, $curdist * -1 );
} else {
$result = pwdrot( $snmpstring, $deltadist);
}
print $handle . $whitespace . $result . "\n";
return;
}
###########################################################################
# Program begins here
#
# Read an optional rotation degree and process "string files" given via the
# command line, or piped in.
#
###########################################################################
if( -t && scalar(@ARGV) == 0 ) {
print " No file supplied!\n";
&Usage;
exit 0;
}
local $deltadist;
if(! -t) {
$deltadist = (scalar(@ARGV) > 0) ? ((shift) % 94) : 0;
} else {
$deltadist = (scalar(@ARGV) > 1) ? ((shift) % 94) : 0;
}
if(! -t) {
while() {
&process_line;
}
}
if( scalar(@ARGV) > 0 ) {
while (<>) {
&process_line;
}
}
exit;
## ##
#!/usr/bin/perl
############################################################################
# Given a valid obfuscated string file format, it will quickly print
# out the string "handles", and the unobfuscated strings.
#
# No comments, blank lines or rotation values are printed.
#
###
#
# The string file format is discussed in the obf.pl file and should be
# present in most string files themselves.
#
# If the rotations given are inaccurate, and you really need to know what
# the real strings are, I've left it as an excersize for you to generate
# all string rotations possible. Have fun.
#
###
#
# Credits: Ideas taken from
# http://www.perlmonks.org/index.pl?node_id=385552
# Thanks to TZapper and Tachyon's posts
# http://search.cpan.org/author/JUERD/Crypt-Caesar-0.01/Caesar.pm
# http://search.cpan.org/author/AYRNIEU/Crypt-Rot13-0.6/Rot13.pm
# http://www.perlmonks.org/index.pl?node_id=421114
# Thanks to Tanktalus
#
#-----------------------------------------------------------------------
# Copyright (C) 2005 Scott L. Miller (scott.l.miller@gmail.com)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
# USA
#-----------------------------------------------------------------------
# Written January, 2005 by Scott L. Miller
#
# Date:
# 01/28/2005 SLM Initial release
#
############################################################################
sub Usage {
print <
or: | $0
where: or piped in text is a "string file" generally
containing passwords or SNMP community strings that are
obfuscated.
this script will unobfuscate all strings within a correctly
formated "string file" provided all rotation identification
numbers for those strings are acurate.
EOF
}
############################################################################
# pwdrot uses the idea of rot13 and expands the characters affected by the
# rotations to include all 94 normal printable ascii characters.
# ie. chr(33) '!' - chr(126) '~'. The rotations are thus mod 94.
#
# Default rotation if not supplied is 47
############################################################################
sub pwdrot {
my $pwd = shift;
my $degree = (@_ > 0) ? ((shift) % 94) : 47;
if ($degree == 0) {
return $pwd;
}
if (length($pwd) == 0) {
return $pwd;
}
$rangestr = "\\" . sprintf("%03lo",$degree+33) . "-\\176\\041-\\" . sprintf("%03lo",$degree+32);
unless ($pwdrots{$degree}) {
my $rangstr = "\\" . sprintf("%03lo",$degree+33) . "-\\176\\041-\\" . sprintf("%03lo",$degree+32);
$pwdrots{$degree} = eval "sub { \$_[0] =~ tr[\041-\176][$rangstr]; }"
}
$pwdrots{$degree}->($pwd);
return $pwd;
}
############################################################################
# Find rotation notations characterized by a decimal number appearing alone
# on a line, unobfuscate the strings using the given rotation information.
############################################################################
sub process_line {
s/(^\s+)//; #remove indentation if any
if(/^$/) { return; } #ignore blank lines
if(/^#/) { return; } #ignore comments
chomp;
my ($result,$handle,$whitespace,$snmpstring);
($handle,$whitespace,$snmpstring) = split /(\s+)/;
if(!defined($snmpstring)) {
$curdist = int($_);
return;
}
if(!defined($curdist)) {
print "# Rotation undefined, assuming 0 rotation.\n";
$curdist = 0;
}
$result = pwdrot( $snmpstring, $curdist * -1 );
print $handle . $whitespace . $result . "\n";
return;
}
###########################################################################
# Program begins here
#
# Read "string files" given via the command line, and/or piped in.
###########################################################################
if( -t && scalar(@ARGV) == 0 ) {
print " No file supplied!\n";
&Usage;
exit 0;
}
local $curdist;
if(! -t) {
while() {
&process_line;
}
}
if( scalar(@ARGV) > 0 ) {
while (<>) {
&process_line;
}
}
exit;
## ##
#########################################################################
# SNMP community string list
# This list is (or should be) obfuscated, not to be confused with
# the word "encrypted", on purpose. It is obfuscated in an attempt
# to keep these strings from being read on accident, as in someone
# watching over your shoulder. It is trivially easy to convert
# these to the original strings, you do that by running the unobf.pl
# script against this file. If you have the rights to read this,
# you should also have the rights to run that script to see what the
# strings really are.
#
# Format:
# A line with only a number indicates the rotation amount for the
# string lines following that number. Valid rotation amounts
# include 0 to 93 inclusive, though negative and larger numbers
# will be transformed, and non-integers will be truncated into
# integers.
#
# Any string lines that appears before a rotation value is given
# are assumed to be zero, or not rotated. More than one rotation
# value within the file is perfectly valid; that new value will
# be used for the strings following it, up to the next rotation
# value.
#
# string lines are made up of the following:
# Handle or Name of the string
# whitespace
# the (to-be?) obfuscated SNMP string
#########################################################################
####
> cat test.dat
public public
private private
our-read 0uR3ad
our-write 0wR1t3
their-read th31read
their-write theirwrong
blah-blah blah-bl@h
foo-bar barfoobar
##
##
> obf.pl 13 test.dat > t.1
> cat t.1
# Rotational distance was undefined, assuming 0
13
public }$oyvp
private }!v%n#r
our-read =$_@nq
our-write =&_>#@
their-read #u@>!rnq
their-write #urv!&!|{t
blah-blah oynu:oyMu
foo-bar on!s||on!
####
> obf.pl 31 test.dat > t.2
> cat t.2
# Rotational distance was undefined, assuming 0
31
public 16#-*$
private 13*7"5&
our-read O6qR"%
our-write O8qP5R
their-read 5)RP3&"%
their-write 5)&*3830/(
blah-blah #-")L#-_)
foo-bar #"3'00#"3
##
##
> obf.pl 42 test.dat > t.3
> cat t.3
# Rotational distance was undefined, assuming 0
42
public 5B-@1
our-read ZA|]-0
our-write ZC|[@]
their-read @4][>1-0
their-write @415>C>;:3
blah-blah .8-4W.8j4
foo-bar .->2;;.->