当前位置:物联沃-IOTWORD物联网 > 技术教程 > 查看Navicat已保存的数据库连接密码
代码收藏家代码收藏家 技术教程

查看Navicat已保存的数据库连接密码

前提条件:数据库密码忘记了,但是在Navicat连接过且目前能连接上的状态!

1.导出数据库连接 connections.ncx 文件

选择你要导出密码的数据库连接,切记要勾上导出密码

2.使用文本编辑工具打开导出的connections.ncx 文件

找到Password="",将双引号中间的密码复制出来使用下面的Java程序或PHP程序进行解密!

3.解密 – 使用Java程序进行解密

Java在线运行环境:代码在线运行 – 在线工具,进入选择Java,将以下代码复制到在线运行环境中

选择你自己的Navicat版本,把代码中的密码替换为你自己connections.ncx文件中的密码,然后执行即可输出(实测Navicat16可以成功解密)

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;

public class NavicatPassword {
	public static void main(String[] args) throws Exception {
		NavicatPassword navicatPassword = new NavicatPassword();

		// Navicat 11及以前的版本
        // String decode = navicatPassword.decrypt("你的密码", 11);

		// Navicat 12及以后的版本
		String decode = navicatPassword.decrypt("你的密码", 12);

		System.out.println(decode);
	}

	private static final String AES_KEY = "libcckeylibcckey";
	private static final String AES_IV = "libcciv libcciv ";
	private static final String BLOW_KEY = "3DC5CA39";
	private static final String BLOW_IV = "d9c7c3c8870d64bd";

	public static String encrypt(String plaintext, int version) throws Exception {
		switch (version) {
			case 11:
				return encryptEleven(plaintext);
			case 12:
				return encryptTwelve(plaintext);
			default:
				throw new IllegalArgumentException("Unsupported version");
		}
	}

	public static String decrypt(String ciphertext, int version) throws Exception {
		switch (version) {
			case 11:
				return decryptEleven(ciphertext);
			case 12:
				return decryptTwelve(ciphertext);
			default:
				throw new IllegalArgumentException("Unsupported version");
		}
	}

	private static String encryptEleven(String plaintext) throws Exception {
		byte[] iv = hexStringToByteArray(BLOW_IV);
		byte[] key = hashToBytes(BLOW_KEY);

		int round = plaintext.length() / 8;
		int leftLength = plaintext.length() % 8;
		StringBuilder result = new StringBuilder();
		byte[] currentVector = iv.clone();

		Cipher cipher = Cipher.getInstance("Blowfish/ECB/NoPadding");
		SecretKeySpec secretKeySpec = new SecretKeySpec(key, "Blowfish");
		cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);

		for (int i = 0; i < round; i++) {
			byte[] block = xorBytes(plaintext.substring(i * 8, (i + 1) * 8).getBytes(), currentVector);
			byte[] temp = cipher.doFinal(block);
			currentVector = xorBytes(currentVector, temp);
			result.append(bytesToHex(temp));
		}

		if (leftLength > 0) {
			currentVector = cipher.doFinal(currentVector);
			byte[] block = xorBytes(plaintext.substring(round * 8).getBytes(), currentVector);
			result.append(bytesToHex(block));
		}

		return result.toString().toUpperCase();
	}

	private static String encryptTwelve(String plaintext) throws Exception {
		byte[] iv = AES_IV.getBytes();
		byte[] key = AES_KEY.getBytes();

		Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
		SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
		IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
		cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec);

		byte[] result = cipher.doFinal(plaintext.getBytes());
		return bytesToHex(result).toUpperCase();
	}

	private static String decryptEleven(String ciphertext) throws Exception {
		byte[] iv = hexStringToByteArray(BLOW_IV);
		byte[] key = hashToBytes(BLOW_KEY);
		byte[] encrypted = hexStringToByteArray(ciphertext.toLowerCase());

		int round = encrypted.length / 8;
		int leftLength = encrypted.length % 8;
		StringBuilder result = new StringBuilder();
		byte[] currentVector = iv.clone();

		Cipher cipher = Cipher.getInstance("Blowfish/ECB/NoPadding");
		SecretKeySpec secretKeySpec = new SecretKeySpec(key, "Blowfish");
		cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);

		for (int i = 0; i < round; i++) {
			byte[] block = Arrays.copyOfRange(encrypted, i * 8, (i + 1) * 8);
			byte[] temp = xorBytes(cipher.doFinal(block), currentVector);
			currentVector = xorBytes(currentVector, block);
			result.append(new String(temp));
		}

		if (leftLength > 0) {
			currentVector = cipher.doFinal(currentVector);
			byte[] block = Arrays.copyOfRange(encrypted, round * 8, round * 8 + leftLength);

			result.append(new String(xorBytes(block, currentVector), StandardCharsets.UTF_8));
		}

		return result.toString();
	}

	private static String decryptTwelve(String ciphertext) throws Exception {
		byte[] iv = AES_IV.getBytes();
		byte[] key = AES_KEY.getBytes();
		byte[] encrypted = hexStringToByteArray(ciphertext.toLowerCase());

		Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
		SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
		IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
		cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);

		byte[] result = cipher.doFinal(encrypted);
		return new String(result);
	}

	private static byte[] xorBytes(byte[] bytes1, byte[] bytes2) {
		byte[] result = new byte[bytes1.length];
		for (int i = 0; i < bytes1.length; i++) {
			result[i] = (byte) (bytes1[i] ^ bytes2[i]);
		}
		return result;
	}

	private static byte[] hexStringToByteArray(String s) {
		int len = s.length();
		byte[] data = new byte[len / 2];
		for (int i = 0; i < len; i += 2) {
			data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i + 1), 16));
		}
		return data;
	}

	private static byte[] hashToBytes(String s) throws Exception {
		return MessageDigest.getInstance("SHA-1").digest(s.getBytes());
	}

	private static String bytesToHex(byte[] bytes) {
		StringBuilder result = new StringBuilder();
		for (byte b : bytes) {
			result.append(String.format("%02X", b));
		}
		return result.toString();
	}
}

3.解密 – 使用PHP程序进行解密

PHP在线运行环境:代码在线运行 – 在线工具,进入后选择PHP,将以下代码复制到在线运行环境中

选择你自己的Navicat版本,把代码中的密码替换为你自己connections.ncx文件中的密码,然后执行即可输出(实测Navicat16可以成功解密)

<?php

// Navicat 11及以前的版本
//$navicatPassword = new NavicatPassword(11);

// Navicat 12及以后的版本
$navicatPassword = new NavicatPassword(12);

$decode = $navicatPassword->decrypt('68AB8FC887BE22ACD71F6E139DA7C141');
echo $decode . "\n";

class NavicatPassword
{
    protected $version = 0;
    protected $aesKey = 'libcckeylibcckey';
    protected $aesIv = 'libcciv libcciv ';
    protected $blowString = '3DC5CA39';
    protected $blowKey = null;
    protected $blowIv = null;

    public function __construct($version = 12)
    {
        $this->version = $version;
        $this->blowKey = sha1('3DC5CA39', true);
        $this->blowIv = hex2bin('d9c7c3c8870d64bd');
    }

    public function encrypt($string)
    {
        $result = FALSE;
        switch ($this->version) {
            case 11:
                $result = $this->encryptEleven($string);
                break;
            case 12:
                $result = $this->encryptTwelve($string);
                break;
            default:
                break;
        }

        return $result;
    }

    protected function encryptEleven($string)
    {
        $round = intval(floor(strlen($string) / 8));
        $leftLength = strlen($string) % 8;
        $result = '';
        $currentVector = $this->blowIv;

        for ($i = 0; $i < $round; $i++) {
            $temp = $this->encryptBlock($this->xorBytes(substr($string, 8 * $i, 8), $currentVector));
            $currentVector = $this->xorBytes($currentVector, $temp);
            $result .= $temp;
        }

        if ($leftLength) {
            $currentVector = $this->encryptBlock($currentVector);
            $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector);
        }

        return strtoupper(bin2hex($result));
    }

    protected function encryptBlock($block)
    {
        return openssl_encrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING);
    }

    protected function decryptBlock($block)
    {
        return openssl_decrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING);
    }

    protected function xorBytes($str1, $str2)
    {
        $result = '';
        for ($i = 0; $i < strlen($str1); $i++) {
            $result .= chr(ord($str1[$i]) ^ ord($str2[$i]));
        }

        return $result;
    }

    protected function encryptTwelve($string)
    {
        $result = openssl_encrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv);
        return strtoupper(bin2hex($result));
    }

    public function decrypt($string)
    {
        $result = FALSE;
        switch ($this->version) {
            case 11:
                $result = $this->decryptEleven($string);
                break;
            case 12:
                $result = $this->decryptTwelve($string);
                break;
            default:
                break;
        }

        return $result;
    }

    protected function decryptEleven($upperString)
    {
        $string = hex2bin(strtolower($upperString));

        $round = intval(floor(strlen($string) / 8));
        $leftLength = strlen($string) % 8;
        $result = '';
        $currentVector = $this->blowIv;

        for ($i = 0; $i < $round; $i++) {
            $encryptedBlock = substr($string, 8 * $i, 8);
            $temp = $this->xorBytes($this->decryptBlock($encryptedBlock), $currentVector);
            $currentVector = $this->xorBytes($currentVector, $encryptedBlock);
            $result .= $temp;
        }

        if ($leftLength) {
            $currentVector = $this->encryptBlock($currentVector);
            $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector);
        }

        return $result;
    }

    protected function decryptTwelve($upperString)
    {
        $string = hex2bin(strtolower($upperString));
        return openssl_decrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv);
    }
}

作者:有树汁的ikun

物联沃分享整理
物联沃-IOTWORD物联网 » 查看Navicat已保存的数据库连接密码

代码收藏家 普通

分享到:

相关推荐

发表回复