Skip to content

Instantly share code, notes, and snippets.

@gnanet
Created May 5, 2019 03:37
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save gnanet/99f5e284c0f71032498625368ba67659 to your computer and use it in GitHub Desktop.
Decrypt symmetric encrypted passwords of plesk stored in "psa" database in table "accounts"
#!/usr/bin/php
<?php
/*
* Decrypt symmetric encrypted passwords of plesk stored in "psa" database in table "accounts"
* Script has to be run on the plesk server locally
*
* /usr/local/sbin/decrypt-sym
*
*/
error_reporting(E_ERROR | E_WARNING | E_PARSE);
$filename = "/etc/psa/private/secret_key";
$handle = fopen($filename, "r");
$key64 = base64_encode(fread($handle, filesize($filename)));
fclose($handle);
function decrypt_password($pass,$key)
{
if($pass == '')
return '';
$base64encoded_ciphertext = explode('$', $pass);
if($base64encoded_ciphertext[1] == '')
{
return "ERROR, no cipher-name found. Please use single quotes around the encrypted password!\n";
} else {
return openssl_decrypt(base64_decode($base64encoded_ciphertext[3]), $base64encoded_ciphertext[1], base64_decode($key), OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, base64_decode($base64encoded_ciphertext[2]));
}
}
if (php_sapi_name() != "cli")
{
echo "Script shall run only from shell\n";
}
if ($argc != 2 || in_array($argv[1], array('--help', '-help', '-h', '-?')))
{
?>
Usage:
<?php echo $argv[0]; ?> <option>
<option> Is a base64-encoded encrypted password in plesk, which you would like to decrypt, wrapped in single-quotes to avoid variable expansion
With the --help, -help, -h, or -? options, you can get this help.
<?php
} else {
echo decrypt_password($argv[1], $key64) . "\n";
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment