Created
March 21, 2012 02:38
lost Android keystore password recovery utility
import subprocess as sp | |
import sys | |
# Define the general mutation rules here.
def upperCaseAllTs(x):
    """Return *x* with every lowercase ``t`` turned into an uppercase ``T``."""
    pieces = x.split("t")
    return "T".join(pieces)
def mySecretStrategy(x):
    """Return *x* with every occurrence of ``34`` replaced by ``#$``."""
    pieces = x.split("34")
    return "#$".join(pieces)
def cap(x):
    """Return *x* capitalized: first character upper-cased, the rest lower-cased."""
    capitalized = x.capitalize()
    return capitalized
# Register the mutator strategies to try here, one per line.
strats = [
    upperCaseAllTs,
    mySecretStrategy,
    cap,
]
def subsets(lst):
    """Return every subset of *lst* as a list of lists.

    Each integer in ``range(2 ** len(lst))`` is used as a bit mask; the
    element at position ``j`` is kept when bit ``j`` of the mask is 0, so the
    first subset returned is the full list and the last one is empty.
    """
    size = len(lst)
    return [
        [item for pos, item in enumerate(lst) if not (mask >> pos) & 1]
        for mask in range(1 << size)
    ]
# Candidate passwords accumulate here; being a set, duplicates collapse.
collection = set()

# Every combination of mutators that can be applied to one password part.
# The mutators are assumed to be independent, i.e. applicable in any order.
strat_sets = subsets(strats)
def variants(accum, parts):
    """Depth-first generate every password variant into ``collection``.

    *accum* is the text built so far and *parts* the ordered parts still to be
    mutated and appended.  For the first remaining part, each mutator
    combination in ``strat_sets`` is applied and the function recurses on the
    rest; once no parts remain, *accum* is added to ``collection``.

    Not every leaf is distinct, because a mutation strategy may leave a part
    unchanged.
    """
    if not parts:
        collection.add(accum)
        return

    head, tail = parts[0], parts[1:]
    for strat_seq in strat_sets:
        # run this combination of mutators over the current part
        mutated = head
        for strat in strat_seq:
            mutated = strat(mutated)
        variants(accum + mutated, tail)
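# Call variants() once for each ordered list of password parts that should be
# mutated and joined; every resulting candidate ends up in `collection`.
#
# if you think you had password like FooBarT or fooBar or Bartfoo or the like, then do:
variants("", ["foo", "bar"])
variants("", ["foo", "bart"])
variants("", ["bart", "foo"])
variants("", ["foo"])

# NOTE: each candidate is handed to the child process on its command line,
# where other local users can read it from the process list, and it is also
# echoed to stdout.  Run this on a machine only you use and do not keep the
# output in shared logs.  Once the password is recovered, keytool and jarsigner
# can take it via -storepass:env / -storepass:file instead of the command line.
for c in collection:
    print(">" + c + "<")

    # The command is an argument list rather than one concatenated string: no
    # shell or quoting is involved, so candidates containing characters such
    # as '#', '$' or spaces reach the tool unchanged, and the call also works
    # on POSIX, where a bare string would be taken as the program name.

    # PHASE 1, recover the store password
    # comment next line in PHASE 2
    cmd = ["keytool", "-list", "-keystore", "my.keystore", "-storepass", c]

    # PHASE 2, recover the key password
    #cmd = ["jarsigner", "-keystore", "my.keystore", "-storepass", "ThePassIRecoveredInPhase1", "-keypass", c, "-verbose", "some_unsigned.apk", "alias_name"]

    p = sp.Popen(cmd, stdout=sp.PIPE, universal_newlines=True)

    # communicate() drains the pipe completely before waiting, so a tool that
    # writes more than one pipe buffer of output cannot block the child.
    out, _ = p.communicate()
    ret = out.splitlines(True)[0] if out else ""
    print(ret)

    # exit status 0 means the tool accepted this candidate
    if p.returncode == 0:
        print("FOUND " + c)
        sys.exit(0)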