Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Decodes a password from HeidiSQL. HeidiSQL passwords can be found in the registry. Use File -> Export Settings to dump all settings. Great for if you forget a password.
function heidiDecode(hex) {
var str = '';
var shift = parseInt(hex.substr(-1));
hex = hex.substr(0, hex.length - 1);
for (var i = 0; i < hex.length; i += 2)
str += String.fromCharCode(parseInt(hex.substr(i, 2), 16) - shift);
return str;
Copy link

hao365 commented Oct 10, 2015

Thank you!

Copy link

IljaN commented Nov 16, 2015

Thanks 👍

Copy link

dborsatto commented Jan 14, 2016

Thanks, I fired up a console in Firefox and retrieved my password!

Copy link

sjungwirth commented Mar 23, 2016


Copy link

diegoarigony commented Mar 29, 2016

Awesome, thanks!

Copy link

deenfirdoush commented Mar 31, 2016

coool. saved my day

Copy link

trevorbicewebdesign commented Apr 11, 2016

I wrote a PHP version if you want to do this server side!

Copy link

yoch commented Sep 22, 2016

Thanks ! Here a python version :

def decode(hx):
    shift = int(hx[-1])
    l = [int(hx[i:i+2], 16) for i in range(0, len(hx), 2)]
    return ''.join(chr(v - shift) for v in l)

Copy link

wendyliga commented Mar 21, 2017

i try to make it more easy
just try this link

thanks for Trevor Bice for php code

Copy link

pmarcus93 commented Apr 6, 2017

It's never late to say thank you, right? :)
You guys saved my day too.

Copy link

Elektrik1 commented May 20, 2017
Simple winforms aternative, fetches passwords right from registry, so no need to open/export at all. Quick and easy :)

Copy link

taodailOryx commented Feb 8, 2018

Good god, I'm an idiot. Thanks so much for this.

Copy link

nstr10 commented Mar 6, 2018

Thanks, @jpatters! Here, have a PowerShell version with bonus registry lookup:

function Get-HeidiCreds {
	$profile = "user@server"
	$password = (Get-Item -Path registry::HKEY_CURRENT_USER\SOFTWARE\HeidiSQL\Servers\).OpenSubKey($profile.toString()).GetValue("Password").toString()
	$username = (Get-Item -Path registry::HKEY_CURRENT_USER\SOFTWARE\HeidiSQL\Servers\).OpenSubKey($profile.toString()).GetValue("User").toString()
	$shift = [Convert]::ToInt64($password.substring($password.toString().length-1,1))
	$password = $password.substring(0,$password.toString().length-1)
	$str = ""
	for ($i=0; $i -lt $password.length; $i += 2) {
		$val = [Convert]::ToInt64($password.substring($i,2), 16)
		$val = '{0:x1}' -f ($val - $shift)
		$val = $val | ForEach-Object {[Convert]::ToInt32($_,16)} | ForEach-Object {[Convert]::ToChar($_)}
		$str += $val
	$password = $str
	return $username, $password

Note: You can use the same method to get credentials for SSH tunnel if configured, just choose those registry keys instead.

Copy link

vuhanguyen commented May 16, 2018

Thank you so much, it saved my day

Copy link

joeyhub commented Aug 23, 2018

PHP Decode:

php -r '$p=$argv[1];$s=substr($p,-1); echo implode(array_map(function($c)use($s){return chr($c - $s);},unpack("C*",hex2bin(substr($p,0,-1)))));' 303132333435363738390

Note that PHP's chr wraps negative numbers properly. Not all languages will do this. You may need ($c+256-$s)%256. To test for that you should see if whatever you're using for chr produces the same for 0 - s as 256 - s.

If you're encoding your own password (generating conf)...

php -r 'echo bin2hex("Sweet as a corn that'\''s not yet born."), 0;'

There's no point to bother shifting it. Shifting and hex encoding is so weak it might as well be plain text.

Copy link

joeyhub commented Aug 23, 2018

@wendyliga Do you have everyone's password now :D?

Copy link

Gicheha commented Oct 10, 2018

you are a lifesaver

Copy link

DRSDavidSoft commented Dec 25, 2018

Thank you!

Copy link

yani commented Jan 2, 2019


Copy link

cpereiraweb commented Jan 31, 2019


Copy link

meysam-mo commented Feb 24, 2019

Wow !! tnx

Copy link

rudikom commented Nov 5, 2019

thank you,,

Copy link

Godtooro commented Mar 31, 2020

Awesome! Thank u! We owe you one.
All the best.

Copy link

IsraelIglesiasBIT commented Apr 3, 2020

And how encode a password?

I need to generate a settings file for Heidi with php for my all databases connections?

Copy link

jordihernandez commented Jun 30, 2020

Thank you!

Copy link

Pes8 commented Aug 2, 2021

Thank You all :)

Copy link

erickcomp commented Apr 25, 2022

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment