Skip to content

Instantly share code, notes, and snippets.

@sh4dowb

sh4dowb/decrypt_ruby_MessageEncryptor.py

Created April 8, 2021 07:34
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save sh4dowb/0596fc4283a5b404132ef72b7d1a23de to your computer and use it in GitHub Desktop.
Save sh4dowb/0596fc4283a5b404132ef72b7d1a23de to your computer and use it in GitHub Desktop.
Download ZIP
Decrypt Ruby's ActiveSupport::MessageEncryptor on Python 3
Raw
decrypt_ruby_MessageEncryptor.py
import hashlib
import base64
from Crypto import Random
from Crypto.Cipher import AES
import rubymarshal.reader
from pbkdf2 import PBKDF2
SECRET = "a3f58debfe0c5b71edaebea3a627f4f"
SALT = "12345"
ITERATIONS = 65536
KEY_LENGTH = 32
ruby_encrypted_message = "" # "salt.base64message--base64salt--base64signature"
# we dont check for signature
parts = ruby_encrypted_message.split(".")[1].split("--")
key = PBKDF2(SECRET, SALT, ITERATIONS).read(KEY_LENGTH)
ciphertext = parts[0]
iv = parts[1]
aes = AES.new(key, AES.MODE_GCM, iv)
aes.decrypt(ciphertext)
data = rubymarshal.reader.loads(decrypted)
print(data) # plaintext
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment