#include #include /* * by W.J.hengeveld sep 1995 * itsme@xs4all.nl * * novell rconsole password encryption decoder * */ typedef unsigned char byte; /* // example: encrypted // "GEZOND", 00000002,02608ca7e9aa -> 47455a4d4c248c9c // decrypt with command: // rcon 47455a4d4c248c9c 00000002 02608ca7e9aa */ /* rspc socket nr = 8104 only the first 8 characters of the password are significant. So this encryption basically stinks. 0cc4 ; ref *00ab0 ; 'rconsole decryption' ; bp+8 = crypted password ; bp+c = internetwork address 00cc4 push ebp 00cc5 mov ebp,esp 00cc7 push eax 00cc8 push ebx 00cc9 push esi 00cca push edi 00ccb mov edi,dword ptr [ebp+08] - pw 00cce mov esi,dword ptr [ebp+0c] - addr 00cd1 sub eax,eax 00cd3 mov byte ptr [ebp-01],al ; i=0 00cd6 mov ebx,eax ; l=0 00cd8 mov al,byte ptr [ebp-01] 00cdb cmp al,80 ; while (i<0x80) 00cdd jae 0d00 00cdf movzx eax,al 00ce2 movzx ebx,bl 00ce5 mov dl,byte ptr [esi+ebx] 00ce8 xor byte ptr [edi+eax],dl ; pw[i]^=addr[i%10] 00ceb add byte ptr [esi+ebx],15 ; addr[i%10]+=0x15 00cef inc byte ptr [ebp-01] ; i++ 00cf2 xchg eax,ebx 00cf3 inc eax 00cf4 cdq 00cf5 mov ecx,0000000a 00cfa idiv ecx 00cfc mov ebx,edx 00cfe jmp 0cd8 0d00 ; ref 00cdd 00d00 pop edi 00d01 pop esi 00d02 pop ebx 00d03 leave 00d04 ret */ void rconscrypt(char *pw, char *nodeaddr) { int l=strlen(pw+1); int c,d; c=pw[0]; while (l<0x80) { if (pw[l]==pw[l+1]) { pw[l]=c; c=(c*237+1)%256; } l++; } d=0; c=0; do { pw[d]^=nodeaddr[c]; nodeaddr[c]+=21; d++; c=(c+1)%10; } while (d<0x80); } void rcdecr(byte *pw, byte *addr) { int i; for (i=0 ; i<128 ; i++) { pw[i]^=addr[i%10]; addr[i%10]+=0x15; } } void dumpasc(byte *p, int max, int n) { while (n--) { if (max>0) { if (*p<' ') putchar('.'); else putchar(*p); p++; max--; } else printf(" "); } } void dumphex(byte *p, int max, int n) { while (n--) { if (max>0) { printf("%02x ", *p++); max--; } else printf(" "); } } void dump(byte *pkt,int len) { int i; for (i=0 ; i='0' && c<='9') return c-'0'; else if (c>='A' && c<='F') return c-'A'+10; else if (c>='a' && c<='f') return c-'a'+10; return 0; } void shl(byte *b, int n) { while (n--) { b[0] = (b[0]<<4)|(b[1]>>4); b++; } b[-1]&=0xf0; } void gethex(char *s, byte *b, int n) { byte c; memset(b, n, 0); while (*s) { c=getnybl(*s++); shl(b,n); b[n-1]|=c; } } void main(int argc, char **argv) { byte addr[10]; char pw[130]; if (argc!=4) { printf("Usage: rcpw \n"); } memset(pw, 0, sizeof(pw)); gethex(argv[1],pw,8); gethex(argv[2],addr,4); gethex(argv[3],addr+4, 6); rcdecr(pw,addr); printf("decrypted pw:\n"); dump(pw, 16); printf("node address after encryption:\n"); dump(addr,10); }