search

HyperSine / how-does-SecureCRT-encrypt-password

Transferred from https://github.com/DoubleLabyrinth/how-does-SecureCRT-encrypt-password
270 stars 101 forks source link

Question about the Config Password #5

Closed JessePeden closed 1 year ago

JessePeden commented 1 year ago

This script works without any issues when the config password is known, but what about if that's NOT known? When you attempt to decerypt a stored session's password without supplying the config password (using -p ) in the string, you get back an error message about invalid cypher text length. For example, if you have the .ini files from a former employee's saved sessions but don't know the config password they used to get into SecureCRT, how do you decrypt the stored session's hash?

HyperSine commented 1 year ago

SecureCRT will store config passphrase in %APPDATA%\VanDyke\Config\Global.ini. However, the config passphrase in Global.ini is also encrypted by the config passphrase itself. That is why SecureCRT will ask user input passphrase when it starts up. Because if user doesn't provide passphrase, SecureCRT will not be able to decrypt passwords in session .ini files.

So, for your question, I think there is no easy ways to reveal those passwords if you don't know the config passphrase, except brute-force crack.

JessePeden commented 1 year ago

SecureCRT will store config passphrase in %APPDATA%\VanDyke\Config\Global.ini. However, the config passphrase in Global.ini is also encrypted by the config passphrase itself. That is why SecureCRT will ask user input passphrase when it starts up. Because if user doesn't provide passphrase, SecureCRT will not be able to decrypt passwords in session .ini files.

So, for your question, I think there is no easy ways to reveal those passwords if you don't know the config passphrase, except brute-force crack.

That was my conclusion as well, but I wanted to ask in case I was missing something.