Decrypt symmetric encrypted passwords of plesk stored in "psa" database in table "accounts"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/php | |
| <?php | |
| /* | |
| * Decrypt symmetric encrypted passwords of plesk stored in "psa" database in table "accounts" | |
| * Script has to be run on the plesk server locally | |
| * | |
| * /usr/local/sbin/decrypt-sym | |
| * | |
| */ | |
| error_reporting(E_ERROR | E_WARNING | E_PARSE); | |
| $filename = "/etc/psa/private/secret_key"; | |
| $handle = fopen($filename, "r"); | |
| $key64 = base64_encode(fread($handle, filesize($filename))); | |
| fclose($handle); | |
| function decrypt_password($pass,$key) | |
| { | |
| if($pass == '') | |
| return ''; | |
| $base64encoded_ciphertext = explode('$', $pass); | |
| if($base64encoded_ciphertext[1] == '') | |
| { | |
| return "ERROR, no cipher-name found. Please use single quotes around the encrypted password!\n"; | |
| } else { | |
| return openssl_decrypt(base64_decode($base64encoded_ciphertext[3]), $base64encoded_ciphertext[1], base64_decode($key), OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, base64_decode($base64encoded_ciphertext[2])); | |
| } | |
| } | |
| if (php_sapi_name() != "cli") | |
| { | |
| echo "Script shall run only from shell\n"; | |
| } | |
| if ($argc != 2 || in_array($argv[1], array('--help', '-help', '-h', '-?'))) | |
| { | |
| ?> | |
| Usage: | |
| <?php echo $argv[0]; ?> <option> | |
| <option> Is a base64-encoded encrypted password in plesk, which you would like to decrypt, wrapped in single-quotes to avoid variable expansion | |
| With the --help, -help, -h, or -? options, you can get this help. | |
| <?php | |
| } else { | |
| echo decrypt_password($argv[1], $key64) . "\n"; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment