Last active
October 5, 2022 07:00
-
-
Save lanbugs/2ac443528349b11fbd9ae29eed391c28 to your computer and use it in GitHub Desktop.
Teampass shell exporter - Export all secrets from encrypted teampass database in cleartext
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// Teampass Shell Exporter | |
// Written by Maximilian Thoma 2022 | |
// Variables | |
// ************************************************** | |
// Path to sources directory of teampass | |
$path = "/var/www/html/sources"; | |
// Salt from teampass-seckey.txt | |
$salt = "<salt>"; | |
// Database connection | |
$host = "<host>"; | |
$user = "<user>"; | |
$passwd = "<password>"; | |
$dbname = "<db>"; | |
// ************************************************** | |
set_include_path(get_include_path() . PATH_SEPARATOR . $path); | |
chdir($path); | |
$db = mysqli_connect($host, $user, $passwd, $dbname); | |
session_start(); | |
$_SESSION['CPM'] = 1; | |
require_once '../includes/config/settings.php'; | |
require_once 'main.functions.php'; | |
$sql = 'SELECT label, pw, url, login FROM teampass_items'; | |
$req = $db->query($sql); | |
while($row = $req->fetch_object()) { | |
$decpass = $row->pw; | |
$compte = $row->label; | |
$url = $row->url; | |
$login = $row->login; | |
$res = cryption($decpass,$salt,"decrypt"); | |
echo 'Description: '.$compte."\r\n"; | |
echo 'Access link: '.$url."\r\n"; | |
echo 'Login Id: '.$login."\r\n"; | |
echo 'Clear text password: '.$res['string']."\r\n"; | |
echo "#######################################################\r\n"; | |
} | |
$db->close(); | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment