Skip to content

Instantly share code, notes, and snippets.

@jpatters
Last active March 20, 2024 14:29
Show Gist options
  • Save jpatters/4553139 to your computer and use it in GitHub Desktop.
Save jpatters/4553139 to your computer and use it in GitHub Desktop.
Decodes a password from HeidiSQL. HeidiSQL passwords can be found in the registry. Use File -> Export Settings to dump all settings. Great for if you forget a password.
function heidiDecode(hex) {
var str = '';
var shift = parseInt(hex.substr(-1));
hex = hex.substr(0, hex.length - 1);
for (var i = 0; i < hex.length; i += 2)
str += String.fromCharCode(parseInt(hex.substr(i, 2), 16) - shift);
return str;
}
document.write(heidiDecode('755A5A585C3D8141786B3C385E3A393'));
@sjungwirth
Copy link

thanks!

@diegoarigony
Copy link

Awesome, thanks!

@deenfirdoush
Copy link

coool. saved my day

@trevorbicewebdesign
Copy link

I wrote a PHP version if you want to do this server side!
https://gist.github.com/trevorbicewebdesign/6b747ba8e00a2e9f8001

@yoch
Copy link

yoch commented Sep 22, 2016

Thanks ! Here a python version :

def decode(hx):
    shift = int(hx[-1])
    l = [int(hx[i:i+2], 16) for i in range(0, len(hx), 2)]
    return ''.join(chr(v - shift) for v in l)

@wendyliga
Copy link

wendyliga commented Mar 21, 2017

i try to make it more easy
just try this link
http://wendyliga.com/decoder/heidisqldecoder.html

thanks for Trevor Bice for php code

@pmarcus93
Copy link

It's never late to say thank you, right? :)
You guys saved my day too.

@Elektrik1
Copy link

https://github.com/Elektrik1/HeidiSQLDecode
Simple winforms aternative, fetches passwords right from registry, so no need to open/export at all. Quick and easy :)

@taodailOryx
Copy link

Good god, I'm an idiot. Thanks so much for this.

@nstr10
Copy link

nstr10 commented Mar 6, 2018

Thanks, @jpatters! Here, have a PowerShell version with bonus registry lookup:

function Get-HeidiCreds {
	$profile = "user@server"
	$password = (Get-Item -Path registry::HKEY_CURRENT_USER\SOFTWARE\HeidiSQL\Servers\).OpenSubKey($profile.toString()).GetValue("Password").toString()
	$username = (Get-Item -Path registry::HKEY_CURRENT_USER\SOFTWARE\HeidiSQL\Servers\).OpenSubKey($profile.toString()).GetValue("User").toString()
	$shift = [Convert]::ToInt64($password.substring($password.toString().length-1,1))
	$password = $password.substring(0,$password.toString().length-1)
	$str = ""
	for ($i=0; $i -lt $password.length; $i += 2) {
		$val = [Convert]::ToInt64($password.substring($i,2), 16)
		$val = '{0:x1}' -f ($val - $shift)
		$val = $val | ForEach-Object {[Convert]::ToInt32($_,16)} | ForEach-Object {[Convert]::ToChar($_)}
		$str += $val
	}
	$password = $str
	return $username, $password
}

Note: You can use the same method to get credentials for SSH tunnel if configured, just choose those registry keys instead.

@vuhanguyen
Copy link

Thank you so much, it saved my day

@joeyhub
Copy link

joeyhub commented Aug 23, 2018

PHP Decode:

php -r '$p=$argv[1];$s=substr($p,-1); echo implode(array_map(function($c)use($s){return chr($c - $s);},unpack("C*",hex2bin(substr($p,0,-1)))));' 303132333435363738390

Note that PHP's chr wraps negative numbers properly. Not all languages will do this. You may need ($c+256-$s)%256. To test for that you should see if whatever you're using for chr produces the same for 0 - s as 256 - s.

If you're encoding your own password (generating conf)...

php -r 'echo bin2hex("Sweet as a corn that'\''s not yet born."), 0;'

There's no point to bother shifting it. Shifting and hex encoding is so weak it might as well be plain text.

@joeyhub
Copy link

joeyhub commented Aug 23, 2018

@wendyliga Do you have everyone's password now :D?

@Gicheha
Copy link

Gicheha commented Oct 10, 2018

you are a lifesaver

@DRSDavidSoft
Copy link

Thank you!

@yani
Copy link

yani commented Jan 2, 2019

Thanks

@cpereiraweb
Copy link

THANKS A LOT!!!!

@meysam-mo
Copy link

Wow !! ♥ tnx

@rudikom
Copy link

rudikom commented Nov 5, 2019

thank you,,

@Godtooro
Copy link

Godtooro commented Mar 31, 2020

Hi!
Awesome! Thank u! We owe you one.
All the best.

@IsraelIglesiasBIT
Copy link

And how encode a password?

I need to generate a settings file for Heidi with php for my all databases connections?

@jordihernandez
Copy link

Thank you!

@Pes8
Copy link

Pes8 commented Aug 2, 2021

Thank You all :)

@erickcomp
Copy link

Thank you!

@cpc-zdunham
Copy link

@IsraelIglesiasBIT not sure if you still need it considering this comment was two years ago, but here's a PowerShell solution for encoding passwords for Heidi:

    $heidiPass = "password"
    $obfuscatedPass = ''
    $shift = Get-Random -Minimum 1 -Maximum 10

    for ($i = 0; $i -lt $heidiPass.Length; $i++) {
        $char = [int][char]$heidiPass[$i] + $shift
        $hex = $char.ToString("X")
        $obfuscatedPass += $hex
    }
    $obfuscatedPass += $shift.ToString()

@elgarfo
Copy link

elgarfo commented Nov 23, 2022

a javascript snippet to encode a password:

function heidiCrypt(plain) {
  crypted = ""
  shift = Math.floor(Math.random() * 10)
  for(i = 0; i < plain.length; i++) {
    crypted += (plain.charCodeAt(i) + shift).toString(16).toUpperCase();
  }
  return crypted + shift;
}

console.log(heidiCrypt("password"));

@IsraelIglesiasBIT
Copy link

@IsraelIglesiasBIT not sure if you still need it considering this comment was two years ago, but here's a PowerShell solution for encoding passwords for Heidi:

    $heidiPass = "password"
    $obfuscatedPass = ''
    $shift = Get-Random -Minimum 1 -Maximum 10

    for ($i = 0; $i -lt $heidiPass.Length; $i++) {
        $char = [int][char]$heidiPass[$i] + $shift
        $hex = $char.ToString("X")
        $obfuscatedPass += $hex
    }
    $obfuscatedPass += $shift.ToString()

😄 👍

@XIAIX-code
Copy link

Genius. This saved me big time. Thank you!

@an1creator
Copy link

for nodejs and extract host,port,user,password and save to file

https://gist.github.com/an1creator/c1ea0ca5da38253d2e883bc631e4cc64

@ahmad-511
Copy link

Nice, this saved me a few hours to find my old password backup
just in case, here is a MSX BASIC version of the code 😎😁

10 LINE INPUT h$
20 st$ = ""
30 sh = VAL(RIGHT$(h$, 1))
40 h$ = LEFT$(h$, LEN(h$) -1)
50 FOR i = 1 TO LEN(h$) STEP 2
60 st$ = st$ +  CHR$(VAL("&h" + MID$(h$, i, 2)) - sh)
70 NEXT i
80 PRINT st$

If you don't believe me, try it on https://msxpen.com/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment