Last active
January 10, 2018 14:24
-
-
Save NRockhouse/cfd301435151e20ec834258389122115 to your computer and use it in GitHub Desktop.
Telekom Malaysia (TM) Innacomm ADSL-MARITIME-W3410N Router Backup Configuration File Decrypter & Encrypter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# ============================================================= | |
# Telekom Malaysia (TM) Innacomm ADSL-MARITIME-W3410N | |
# Router Configuration Settings Backup File Decryption Tool | |
# | |
# This Python script is used to decrypt the backup configuration | |
# settings file of the TM Innacomm ADSL-MARITIME-W3410N (which | |
# is apparently a rebranded PROLiNK ADSL2 PRS1241B modem according | |
# to blog.fpmurphy.com). The usage is pretty self-explanatory | |
# so I won't make a whole guide about it, it will decrypt an | |
# encrypted file and encrypt a decrypted file if given (which | |
# is just how XOR encryption works). Redistribution is allowed | |
# but credits must be given, also feel free to use this as a | |
# wrapper to decrypt XOR-encrypted files by changing the | |
# "secretkey" variable. The XOR key used for this decryption tool | |
# is discovered through personal research and not obtained through | |
# other public articles. I found that article only after I finished | |
# making this decryption tool. | |
# | |
# By NRockhouse (https://blog.rockhouse.ga/) | |
# | |
# DISCLAIMER: This tool is released for testing and | |
# educational purposes only. Please do not use it for | |
# any malicious intent. | |
# | |
# REFERENCES: | |
# 1. https://stackoverflow.com/a/2612730/3123557 | |
# 2. https://www.tutorialspoint.com/python/python_command_line_arguments.htm | |
# ============================================================= | |
import sys | |
from os.path import isfile | |
def main(argv): | |
xorWord = lambda ss,cc: ''.join(chr(ord(s)^ord(c)) for s,c in zip(ss,cc*1000)) | |
secretkey = "\x81\x8c\x8d\x80\x9b\x9d\x90\x9c\xa5\xa9\xad\xa0\xb8\xa9\xf5\xb8\xb5\xb8\xb8\xd0\xc0\xc5\xc4\xa2\xcd\xcc\xc5\xca\xd4\xdb\xe9\xdc\xd3\xde\xac\xd8\xeb\xe7\x9d\xaa\xe9\xff\xfb\xfa\xe0\xef\x9e\x94\xe1\xe1\x8d\xa9\xfd\xfe\xf5\x8a\x85\x87\xbe\x8c\x00\x8e\x8a\xf8\x00\x8a\xe4\xc9\x88\x85\xc7\x80\x84\x84\x87\x84\x9a\xf6\xf0\xa8\x95\x98\x93\x80\xa1\xbc\xf9\xa4\xaf\x96\xa9\xa3\xad\x81\xef\xe7\xdd\xb9\xf6\xd2\xd6\xd1\x8b\xd8\xc6\xf0\xc8\xc4\xc9\xb6\xc1\x88\xb5\xb4\xb1\xbe\xba\xf9\xab\xb8\xb3\xb0\xd5\xb0\x00\xa8\xc5\xa1\xd2\xec\xce\xff\xe5\xe8\xc9\x90\xe3\xae\xa5\xea\x8b\x8a\xd5\xa8\xbf\xda\xc8\xa2\xa2\xf9\xe4\xfc\xb4\xb5\xb7\xb5\xa1\xad\xab\xaf\xe5\xd4\xe1\xe5\xe0\xaa\xeb\x93\xe3\xc6\xcd\xa0\x84\xa3\xdf\x94\xaa\xae\xe3\xe0\xa5\x8e\xdc\x8b\x99\xf4\x90\xcf\x90\xa6\xb4\xb8\xc4\xd6\x97\xf6\xc4\xcc\xc4\xb1\xce\xc2\xf2\x87\xd6\xd2\xca\x9c\xd1\x86\x80\xde\x00\xd1\xfd\xb4\xb0\xbe\xd8\xb2\xb0\xc9\xc9\xc2\x00\xf0\xac\xfe\xea\x8f\x8e\xbd\xd1\x91\x85\xc0\xa2\xbd\xf1\xfc\xac\x85\x9f\xd8\xfc\xe3\xc8\xa8\x8c\x94\x94\xb6\x98\xcd\x95\xa6" | |
inputfile = outputfile = text = '' | |
action = 0 # 0 = decryption, 1 = encryption | |
if '-h' in argv or '--help' in argv or len(argv) < 2: | |
print "[*] Usage: %s [-o <outputfile>] <inputfile>" % argv[0] | |
sys.exit() | |
for i in range(1,len(argv)): | |
if argv[i] == '-o': | |
outputfile = argv[i+1] | |
elif argv[i-1] != '-o' and argv[i][0] != '-': | |
inputfile = argv[i] | |
if(isfile(inputfile)): | |
f = open(inputfile,"r") | |
text = f.read() | |
f.close() | |
if text[0:24] == "<Config_Information_File": | |
print "[*] Decrypted router configuration file detected. Encrypting..." | |
text = xorWord(text, secretkey) | |
action = 0 | |
elif text[0:24] == xorWord("<Config_Information_File", secretkey): | |
print "[*] Encrypted router configuration file detected. Decrypting..." | |
text = xorWord(text, secretkey) | |
action = 1 | |
else: | |
print "[*] Unable to recognize configuration file. Exiting..." | |
else: | |
print "[*] Cannot find file \'%s\'" % inputfile | |
if(outputfile == ''): | |
print "[*] Dumping %s file..." % ("decrypted" if not action else "encrypted") | |
print "" | |
print text | |
else: | |
if(isfile(outputfile)): | |
answer = raw_input("[*] The file \'%s\' exists, are you sure you want to replace the file? [y/N] " % outputfile) | |
if answer.lower() in ('y','yes'): | |
pass | |
else: | |
sys.exit() | |
f = open(outputfile,"w") | |
f.write(text) | |
f.close() | |
print "[*] Configuration settings backup file %s successfully and saved to \'%s\'. Exiting..." % (("decrypted" if not action else "encrypted"),outputfile) | |
if __name__ == "__main__": | |
main(sys.argv) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment