Decrypt symmetric encrypted passwords of plesk stored in "psa" database in table "accounts"
#!/usr/bin/php | |
<?php | |
/* | |
* Decrypt symmetric encrypted passwords of plesk stored in "psa" database in table "accounts" | |
* Script has to be run on the plesk server locally | |
* | |
* /usr/local/sbin/decrypt-sym | |
* | |
*/ | |
error_reporting(E_ERROR | E_WARNING | E_PARSE); | |
$filename = "/etc/psa/private/secret_key"; | |
$handle = fopen($filename, "r"); | |
$key64 = base64_encode(fread($handle, filesize($filename))); | |
fclose($handle); | |
function decrypt_password($pass,$key) | |
{ | |
if($pass == '') | |
return ''; | |
$base64encoded_ciphertext = explode('$', $pass); | |
if($base64encoded_ciphertext[1] == '') | |
{ | |
return "ERROR, no cipher-name found. Please use single quotes around the encrypted password!\n"; | |
} else { | |
return openssl_decrypt(base64_decode($base64encoded_ciphertext[3]), $base64encoded_ciphertext[1], base64_decode($key), OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, base64_decode($base64encoded_ciphertext[2])); | |
} | |
} | |
if (php_sapi_name() != "cli") | |
{ | |
echo "Script shall run only from shell\n"; | |
} | |
if ($argc != 2 || in_array($argv[1], array('--help', '-help', '-h', '-?'))) | |
{ | |
?> | |
Usage: | |
<?php echo $argv[0]; ?> <option> | |
<option> Is a base64-encoded encrypted password in plesk, which you would like to decrypt, wrapped in single-quotes to avoid variable expansion | |
With the --help, -help, -h, or -? options, you can get this help. | |
<?php | |
} else { | |
echo decrypt_password($argv[1], $key64) . "\n"; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment