IPSwitch WS_FTP ?

Vasili · **Joined:** 30 Apr 2009 21:06 **Posts:** 22

What algorithm does IPSwitch WS_FTP use to encrypt their stored passwords?
the password show look like this :
_oEEbbzFf0RwTeVzP1MnsYYAwMcERCjz6tn9WJAs9LKV5aDNbZSAfmw==
not crypted is :
3907841

Thanks

aluigi · **Posted:** 11 Jun 2009 16:56

get my decoder from http://aluigi.org/pwdrec/wsftppwd.zip
then create a new file (for example call it test.txt) and put that password in it using a syntax like the following:

Code:

PWD="_oEEbbzFf0RwTeVzP1MnsYYAwMcERCjz6tn9WJAs9LKV5aDNbZSAfmw=="

Vasili · **Joined:** 30 Apr 2009 21:06 **Posts:** 22

Thanks aluigi didnt saw this but yeah i have a hard work ...
as i dont know the c langage is hard for me to convert it to c
altought i may need the password algo in theory...

Thanks

aluigi · **Posted:** 11 Jun 2009 17:48

the algorithm is very trivial because it's just the usage of some openssl functions.
first you must decode the string with base64 to obtain the sequence of bytes (remember to skip the first _ char of the string before you decode it) and then:

Code:

    unsigned char       key[] =
                        "\xE1\xF0\xC3\xD2\xA5\xB4\x87\x96\x69\x78\x4B\x5A\x2D\x3C\x0F\x1E"
                        "\x34\x12\x78\x56\xab\x90\xef\xcd";
    EVP_CIPHER_CTX      ctx;

    EVP_CIPHER_CTX_init(&ctx);
    EVP_DecryptInit(&ctx, EVP_des_ede3_cbc(), key, key + 16);
    EVP_DecryptUpdate(&ctx, pwd, &len, pwd, len);
    EVP_CIPHER_CTX_cleanup(&ctx);

where:
- key is that sequence of 24 bytes
- pwd is the sequence of bytes
- len is their length

that's all :)

Vasili · **Joined:** 30 Apr 2009 21:06 **Posts:** 22

ok Thanks aluigi i hope i understand what you mean
ok first step done
old

Code:

PWD="_oEEbbzFf0RwTeVzP1MnsYYAwMcERCjz6tn9WJAs9LKV5aDNbZSAfmw=="

remove the first _ char of the string and decode it it show now

Code:

PWD="Ao1_??y\????????a???01??
<????V$=,??yh3[e ???"

ok now i dont have any idea how to implement cipher on vb6 :s
hope you can help me to sort this cause i really need to decrypt it

aluigi · **Posted:** 11 Jun 2009 22:57

I know only C and the openssl functions are there so I can't do much.
anyway the resulted string you have pasted is ok so the first part is done.

Vasili · **Joined:** 30 Apr 2009 21:06 **Posts:** 22

hmm searching around on some forums via google , and found a guy who is searching the same as me

Code:

http://www.xtremevbtalk.com/showthread.php?t=304177

but doesnt help...
i really appreciate your help Aluigi but the bad luck is that you dont code on vb6...
i hope someone here with vb6 knowledge can help to bypass this

Thanks

aluigi · **Posted:** 12 Jun 2009 15:03

uhmm let me resume: I have made the reversing job, I have released the decoder, I have released the full source code of the decoder, I have even highlighted the part of code which does the job which simply uses the functions of one of the most used libraries on the world... a cappuccino? coffee and brioches, no? :)

oh come on, never let the other people to do the work you can do alone otherwise it's better to disconnect the brain because becomes useless.

mrt · **Joined:** 08 Nov 2010 11:36 **Posts:** 2

Please, tell me, can i decrypt ws_ftp pass with the help of wincrypt functions (CryptAcquireContext, CryptDecrypt and etc.) ?

OpenSSL static lib is too big for me :)

Luigi Auriemma

IPSwitch WS_FTP ?