Home  >  Article  >  Database  >  A brief analysis of how to view connected and saved passwords in Navicat

A brief analysis of how to view connected and saved passwords in Navicat

青灯夜游
青灯夜游forward
2022-03-02 10:59:5613882browse

How to check NavicatThe database password that has been connected and saved? The following article will introduce to you how to view the saved passwords of Navicat. I hope it will be helpful to you!

A brief analysis of how to view connected and saved passwords in Navicat

When using Navicat, I habitually save the password. Over time, I will forget the database password, which is very uncomfortable,

But , here is a trick, you can view the password saved by navicat connection

First export the connection

Export the connection and get the connections.ncx file

A brief analysis of how to view connected and saved passwords in Navicat

Remember the export password here! ! ! Otherwise, the exported file does not contain the encrypted password

A brief analysis of how to view connected and saved passwords in Navicat

Then find the value of the password field in the file

Copy him out

A brief analysis of how to view connected and saved passwords in Navicat

Start deciphering the password

Thanks to a big guy on Github for writing I have a program; you can directly crack the encrypted password

The program is PHP; if PHP is not installed locally, it doesn’t matter, just find a tool that runs online https://tool.lu/coderunner/

Just paste the code

Then replace the value in the second to last line with the encrypted password you just copied, and then run it

$decode = $navicatPassword->decrypt('999239DEBFA1960BCCB12566F1F417A6');

A brief analysis of how to view connected and saved passwords in Navicat

version = $version;
        $this->blowKey = sha1('3DC5CA39', true);
        $this->blowIv = hex2bin('d9c7c3c8870d64bd');
    }
    
    public function encrypt($string)
    {
        $result = FALSE;
        switch ($this->version) {
            case 11:
                $result = $this->encryptEleven($string);
                break;
            case 12:
                $result = $this->encryptTwelve($string);
                break;
            default:
                break;
        }
        
        return $result;
    }
    
    protected function encryptEleven($string)
    {
        $round = intval(floor(strlen($string) / 8));
        $leftLength = strlen($string) % 8;
        $result = '';
        $currentVector = $this->blowIv;
        
        for ($i = 0; $i < $round; $i++) {
            $temp = $this->encryptBlock($this->xorBytes(substr($string, 8 * $i, 8), $currentVector));
            $currentVector = $this->xorBytes($currentVector, $temp);
            $result .= $temp;
        }
        
        if ($leftLength) {
            $currentVector = $this->encryptBlock($currentVector);
            $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector);
        }
        
        return strtoupper(bin2hex($result));
    }
    
    protected function encryptBlock($block)
    {
        return openssl_encrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA|OPENSSL_NO_PADDING); 
    }
    
    protected function decryptBlock($block)
    {
        return openssl_decrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA|OPENSSL_NO_PADDING); 
    }
    
    protected function xorBytes($str1, $str2)
    {
        $result = '';
        for ($i = 0; $i < strlen($str1); $i++) {
            $result .= chr(ord($str1[$i]) ^ ord($str2[$i]));
        }
        
        return $result;
    }
    
    protected function encryptTwelve($string)
    {
        $result = openssl_encrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv);
        return strtoupper(bin2hex($result));
    }
    
    public function decrypt($string)
    {
        $result = FALSE;
        switch ($this->version) {
            case 11:
                $result = $this->decryptEleven($string);
                break;
            case 12:
                $result = $this->decryptTwelve($string);
                break;
            default:
                break;
        }
        
        return $result;
    }
    
    protected function decryptEleven($upperString)
    {
        $string = hex2bin(strtolower($upperString));
        
        $round = intval(floor(strlen($string) / 8));
        $leftLength = strlen($string) % 8;
        $result = '';
        $currentVector = $this->blowIv;
        
        for ($i = 0; $i < $round; $i++) {
            $encryptedBlock = substr($string, 8 * $i, 8);
            $temp = $this->xorBytes($this->decryptBlock($encryptedBlock), $currentVector);
            $currentVector = $this->xorBytes($currentVector, $encryptedBlock);
            $result .= $temp;
        }
        
        if ($leftLength) {
            $currentVector = $this->encryptBlock($currentVector);
            $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector);
        }
        
        return $result;
    }
    
    protected function decryptTwelve($upperString)
    {
        $string = hex2bin(strtolower($upperString));
        return openssl_decrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv);
    }
}
 
 
use FatSmallTools\NavicatPassword;
 
//需要指定版本,11或12
$navicatPassword = new NavicatPassword(12);
//$navicatPassword = new NavicatPassword(11);
 
//解密
//$decode = $navicatPassword->decrypt('15057D7BA390');
$decode = $navicatPassword->decrypt(&#39;999239DEBFA1960BCCB12566F1F417A6&#39;);
echo $decode."\n";

Related recommendations: navicat tutorial

The above is the detailed content of A brief analysis of how to view connected and saved passwords in Navicat. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:cnblogs.com. If there is any infringement, please contact admin@php.cn delete