Created
December 15, 2021 16:31
-
-
Save Crypt0s/82b778e89437cacdde65b22977aaab15 to your computer and use it in GitHub Desktop.
Apache Geronimo Simple Encryption Password Decrypter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python3 | |
from Crypto.Cipher import AES #https://pycryptodome.readthedocs.io/en/latest/src/cipher/cipher.html | |
import javaobj #https://pypi.org/project/javaobj-py3/ | |
import struct | |
import base64 | |
import sys | |
if len(sys.argv) < 2: | |
print("Usage:\n\tpython3 decrypt_geronimo.py [base64_{SIMPLE} Value]") | |
# hardcoded Apache Geronimo key: https://github.com/apache/geronimo/blob/trunk/framework/modules/geronimo-crypto/src/main/java/org/apache/geronimo/crypto/SimpleEncryption.java#L46 | |
key = [-45, -15, 100, -34, 70, 83, 75, -100, -75, 61, 26, 114, -20, -58, 114, 77] | |
key = struct.pack('bbbbbbbbbbbbbbbb',*key) | |
# Geronimo {simple} and {standard} passwords will actually be a base64-encoded Java sealed object | |
# Example: | |
#"rO0ABXNyABlqYXZheC5jcnlwdG8uU2VhbGVkT2JqZWN0PjY9psO3VHACAARbAA1lbmNvZGVkUGFyYW1zdAACW0JbABBlbmNyeXB0ZWRDb250ZW50cQB+AAFMAAlwYXJhbXNBbGd0ABJMamF2YS9sYW5nL1N0cmluZztMAAdzZWFsQWxncQB+AAJ4cHB1cgACW0Ks8xf4BghU4AIAAHhwAAAAEHnh03EmiNu4VTuWH+xZiRBwdAADQUVT" | |
sealed_object = sys.argv[1] | |
sealed_object = base64.b64decode(sealed_object) | |
# The sealed object contents can be accessed with some help from the javaobj python library which can parse serialized java object strings. | |
sealed_object = javaobj.loads(sealed_object) | |
ciphertext = sealed_object.encryptedContent._data | |
ciphertext = struct.pack('b'*len(ciphertext), *ciphertext) | |
# The simple encryption uses "AES" as the cipher, which by default in Java will be AES MODE_ECB. | |
ecb = AES.new(key, AES.MODE_ECB) | |
plaintext = ecb.decrypt(ciphertext) | |
# this will print out the raw serialized object, but the password will show up as plaintext. | |
print(plaintext) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment