gnanet/decrypt-sym-pass-plesk.php

## decrypt-sym-pass-plesk.php
#!/usr/bin/php
<?php
/*
 * Decrypt symmetric encrypted passwords of plesk stored in "psa" database in table "accounts"
 * Script has to be run on the plesk server locally
 *
 * /usr/local/sbin/decrypt-sym
 *
 */


error_reporting(E_ERROR | E_WARNING | E_PARSE);

$filename = "/etc/psa/private/secret_key";
$handle = fopen($filename, "r");
$key64 = base64_encode(fread($handle, filesize($filename)));
fclose($handle);

function decrypt_password($pass,$key)
{
    if($pass == '')
        return '';

    $base64encoded_ciphertext = explode('$', $pass);
    if($base64encoded_ciphertext[1] == '')
    {
        return "ERROR, no cipher-name found. Please use single quotes around the encrypted password!\n";
    } else {
        return openssl_decrypt(base64_decode($base64encoded_ciphertext[3]), $base64encoded_ciphertext[1], base64_decode($key), OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, base64_decode($base64encoded_ciphertext[2]));
    }
}


if (php_sapi_name() != "cli")
{
    echo "Script shall run only from shell\n";
}

if ($argc != 2 || in_array($argv[1], array('--help', '-help', '-h', '-?')))
{
?>
Usage:
  <?php echo $argv[0]; ?> <option>

  <option> Is a base64-encoded encrypted password in plesk, which you would like to decrypt, wrapped in single-quotes to avoid variable expansion
  With the --help, -help, -h, or -? options, you can get this help.

<?php
} else {
    echo decrypt_password($argv[1], $key64) . "\n";
}
	#!/usr/bin/php
	<?php
	/*
	* Decrypt symmetric encrypted passwords of plesk stored in "psa" database in table "accounts"
	* Script has to be run on the plesk server locally
	*
	* /usr/local/sbin/decrypt-sym
	*
	*/


	error_reporting(E_ERROR \| E_WARNING \| E_PARSE);

	$filename = "/etc/psa/private/secret_key";
	$handle = fopen($filename, "r");
	$key64 = base64_encode(fread($handle, filesize($filename)));
	fclose($handle);

	function decrypt_password($pass,$key)
	{
	if($pass == '')
	return '';

	$base64encoded_ciphertext = explode('$', $pass);
	if($base64encoded_ciphertext[1] == '')
	{
	return "ERROR, no cipher-name found. Please use single quotes around the encrypted password!\n";
	} else {
	return openssl_decrypt(base64_decode($base64encoded_ciphertext[3]), $base64encoded_ciphertext[1], base64_decode($key), OPENSSL_RAW_DATA \| OPENSSL_NO_PADDING, base64_decode($base64encoded_ciphertext[2]));
	}
	}


	if (php_sapi_name() != "cli")
	{
	echo "Script shall run only from shell\n";
	}

	if ($argc != 2 \|\| in_array($argv[1], array('--help', '-help', '-h', '-?')))
	{
	?>
	Usage:
	<?php echo $argv[0]; ?> <option>

	<option> Is a base64-encoded encrypted password in plesk, which you would like to decrypt, wrapped in single-quotes to avoid variable expansion
	With the --help, -help, -h, or -? options, you can get this help.

	<?php
	} else {
	echo decrypt_password($argv[1], $key64) . "\n";
	}