Projects STRLCPY DonPAPI Commits fd12ca21
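--- a/software/sysadmin/vnc.py
+++ b/software/sysadmin/vnc.py
@@ -39,26 +39,15 @@
 f"[{self.options.target_ip}] exception in do_crypt")
 self.logging.debug(ex)
 
-def unhex(self, s):
-try:
-s = codecs.decode(s, 'hex')
-except TypeError as e:
-if e.message == 'Odd-length string':
-self.logging.debug('%s . Chopping last char off... "%s"' % (e.message, s[:-1]))
-s = codecs.decode(s[:-1], 'hex')
-else:
-return False
-return s
-
 def reverse_vncpassword(self, hash):
 try:
-encpasswd = self.unhex(hash)
+encpasswd = hash.hex()
 pwd = None
 if encpasswd:
 # If the hex encoded passwd length is longer than 16 hex chars and divisible
 # by 16, then we chop the passwd into blocks of 64 bits (16 hex chars)
 # (1 hex char = 4 binary bits = 1 nibble)
-hexpasswd = codecs.encode(encpasswd, 'hex')
+hexpasswd = bytes.fromhex(encpasswd)
 if len(hexpasswd) > 16 and (len(hexpasswd) % 16) == 0:
 splitstr = self.split_len(codecs.encode(hash, 'hex'), 16)
 cryptedblocks = []
@@ -66,9 +55,9 @@
 cryptedblocks.append(self.do_crypt(codecs.decode(sblock, 'hex'), True))
 pwd = b''.join(cryptedblocks)
 elif len(hexpasswd) <= 16:
-pwd = self.do_crypt(encpasswd, True)
+pwd = self.do_crypt(hash, True)
 else:
-pwd = self.do_crypt(encpasswd, True)
+pwd = self.do_crypt(hash, True)
 except Exception as ex:
 self.logging.debug(f"Exception reverse_vncpassword {hash} ")
 self.logging.debug(ex)
@@ -104,7 +93,7 @@
 continue
 
 try:
-enc_pwd = myvalue.rstrip('\x00')
+enc_pwd = myvalue.rstrip(b'\x00')
 self.logging.debug(f"[{self.options.target_ip}] Found VNC {vnc[0]} encoded password in reg {enc_pwd}")
 # enc_pwd=myvalue
 except Exception as ex: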
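Review bot: In `reverse_vncpassword`, `hexpasswd = bytes.fromhex(encpasswd)` turns the value back into raw bytes, so the `len(hexpasswd) > 16` and `<= 16` tests now count bytes, while the comment above them and the `split_len(..., 16)` call still work in hex characters. A 16-byte value, which the old code split into 8-byte blocks, now falls into the `elif` branch and goes to `do_crypt` whole; whether `do_crypt` copes with that is not visible here. Keeping the length check on the hex string, `hexpasswd = hash.hex()`, restores the old thresholds and removes the round trip. `hash.hex()` also presumes a bytes argument, and a str input would only surface as a debug line from the broad `except`. The function continues past the lines shown.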