随笔- 5 文章- 0 评论- 0 阅读- 39698

查看Navicat16已保存的数据库连接密码

1.导出数据库连接 connections.ncx 文件

2.使用Java程序进行解密

Java在线运行环境：代码在线运行 - 在线工具，进入选择Java，将以下代码复制到在线运行环境中

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
  
public class NavicatPassword {
    public static void main(String[] args) throws Exception {
        NavicatPassword navicatPassword = new NavicatPassword();
  
        // Navicat 11及以前的版本 轨迹星辰
        // String decode = navicatPassword.decrypt("你的密码", 11);
  
        // Navicat 12及以后的版本
        String decode = navicatPassword.decrypt("你的密码", 12);
  
        System.out.println(decode);
    }
  
    private static final String AES_KEY = "libcckeylibcckey";
    private static final String AES_IV = "libcciv libcciv ";
    private static final String BLOW_KEY = "3DC5CA39";
    private static final String BLOW_IV = "d9c7c3c8870d64bd";
  
    public static String encrypt(String plaintext, int version) throws Exception {
        switch (version) {
            case 11:
                return encryptEleven(plaintext);
            case 12:
                return encryptTwelve(plaintext);
            default:
                throw new IllegalArgumentException("Unsupported version");
        }
    }
  
    public static String decrypt(String ciphertext, int version) throws Exception {
        switch (version) {
            case 11:
                return decryptEleven(ciphertext);
            case 12:
                return decryptTwelve(ciphertext);
            default:
                throw new IllegalArgumentException("Unsupported version");
        }
    }
  
    private static String encryptEleven(String plaintext) throws Exception {
        byte[] iv = hexStringToByteArray(BLOW_IV);
        byte[] key = hashToBytes(BLOW_KEY);
  
        int round = plaintext.length() / 8;
        int leftLength = plaintext.length() % 8;
        StringBuilder result = new StringBuilder();
        byte[] currentVector = iv.clone();
  
        Cipher cipher = Cipher.getInstance("Blowfish/ECB/NoPadding");
        SecretKeySpec secretKeySpec = new SecretKeySpec(key, "Blowfish");
        cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
  
        for (int i = 0; i < round; i++) {
            byte[] block = xorBytes(plaintext.substring(i * 8, (i + 1) * 8).getBytes(), currentVector);
            byte[] temp = cipher.doFinal(block);
            currentVector = xorBytes(currentVector, temp);
            result.append(bytesToHex(temp));
        }
  
        if (leftLength > 0) {
            currentVector = cipher.doFinal(currentVector);
            byte[] block = xorBytes(plaintext.substring(round * 8).getBytes(), currentVector);
            result.append(bytesToHex(block));
        }
  
        return result.toString().toUpperCase();
    }
  
    private static String encryptTwelve(String plaintext) throws Exception {
        byte[] iv = AES_IV.getBytes();
        byte[] key = AES_KEY.getBytes();
  
        Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
        SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
        cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec);
  
        byte[] result = cipher.doFinal(plaintext.getBytes());
        return bytesToHex(result).toUpperCase();
    }
  
    private static String decryptEleven(String ciphertext) throws Exception {
        byte[] iv = hexStringToByteArray(BLOW_IV);
        byte[] key = hashToBytes(BLOW_KEY);
        byte[] encrypted = hexStringToByteArray(ciphertext.toLowerCase());
  
        int round = encrypted.length / 8;
        int leftLength = encrypted.length % 8;
        StringBuilder result = new StringBuilder();
        byte[] currentVector = iv.clone();
  
        Cipher cipher = Cipher.getInstance("Blowfish/ECB/NoPadding");
        SecretKeySpec secretKeySpec = new SecretKeySpec(key, "Blowfish");
        cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
  
        for (int i = 0; i < round; i++) {
            byte[] block = Arrays.copyOfRange(encrypted, i * 8, (i + 1) * 8);
            byte[] temp = xorBytes(cipher.doFinal(block), currentVector);
            currentVector = xorBytes(currentVector, block);
            result.append(new String(temp));
        }
  
        if (leftLength > 0) {
            currentVector = cipher.doFinal(currentVector);
            byte[] block = Arrays.copyOfRange(encrypted, round * 8, round * 8 + leftLength);
  
            result.append(new String(xorBytes(block, currentVector), StandardCharsets.UTF_8));
        }
  
        return result.toString();
    }
  
    private static String decryptTwelve(String ciphertext) throws Exception {
        byte[] iv = AES_IV.getBytes();
        byte[] key = AES_KEY.getBytes();
        byte[] encrypted = hexStringToByteArray(ciphertext.toLowerCase());
  
        Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
        SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
        cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);
  
        byte[] result = cipher.doFinal(encrypted);
        return new String(result);
    }
  
    private static byte[] xorBytes(byte[] bytes1, byte[] bytes2) {
        byte[] result = new byte[bytes1.length];
        for (int i = 0; i < bytes1.length; i++) {
            result[i] = (byte) (bytes1[i] ^ bytes2[i]);
        }
        return result;
    }
  
    private static byte[] hexStringToByteArray(String s) {
        int len = s.length();
        byte[] data = new byte[len / 2];
        for (int i = 0; i < len; i += 2) {
            data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i + 1), 16));
        }
        return data;
    }
  
    private static byte[] hashToBytes(String s) throws Exception {
        return MessageDigest.getInstance("SHA-1").digest(s.getBytes());
    }
  
    private static String bytesToHex(byte[] bytes) {
        StringBuilder result = new StringBuilder();
        for (byte b : bytes) {
            result.append(String.format("%02X", b));
        }
        return result.toString();
    }
}

3.解密 - 使用PHP程序进行解密

PHP在线运行环境：代码在线运行 - 在线工具，进入后选择PHP，将以下代码复制到在线运行环境中

<?php
  
// Navicat 11及以前的版本 轨迹星辰//$navicatPassword = new NavicatPassword(11); // Navicat 12及以后的版本 $navicatPassword = new NavicatPassword(12); $decode = $navicatPassword->decrypt('你的密码'); echo $decode . "\n"; class NavicatPassword { protected $version = 0; protected $aesKey = 'libcckeylibcckey'; protected $aesIv = 'libcciv libcciv '; protected $blowString = '3DC5CA39'; protected $blowKey = null; protected $blowIv = null; public function __construct($version = 12) { $this->version = $version; $this->blowKey = sha1('3DC5CA39', true); $this->blowIv = hex2bin('d9c7c3c8870d64bd'); } public function encrypt($string) { $result = FALSE; switch ($this->version) { case 11: $result = $this->encryptEleven($string); break; case 12: $result = $this->encryptTwelve($string); break; default: break; } return $result; } protected function encryptEleven($string) { $round = intval(floor(strlen($string) / 8)); $leftLength = strlen($string) % 8; $result = ''; $currentVector = $this->blowIv; for ($i = 0; $i < $round; $i++) { $temp = $this->encryptBlock($this->xorBytes(substr($string, 8 * $i, 8), $currentVector)); $currentVector = $this->xorBytes($currentVector, $temp); $result .= $temp; } if ($leftLength) { $currentVector = $this->encryptBlock($currentVector); $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector); } return strtoupper(bin2hex($result)); } protected function encryptBlock($block) { return openssl_encrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING); } protected function decryptBlock($block) { return openssl_decrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING); } protected function xorBytes($str1, $str2) { $result = ''; for ($i = 0; $i < strlen($str1); $i++) { $result .= chr(ord($str1[$i]) ^ ord($str2[$i])); } return $result; } protected function encryptTwelve($string) { $result = openssl_encrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv); return strtoupper(bin2hex($result)); } public function decrypt($string) { $result = FALSE; switch ($this->version) { case 11: $result = $this->decryptEleven($string); break; case 12: $result = $this->decryptTwelve($string); break; default: break; } return $result; } protected function decryptEleven($upperString) { $string = hex2bin(strtolower($upperString)); $round = intval(floor(strlen($string) / 8)); $leftLength = strlen($string) % 8; $result = ''; $currentVector = $this->blowIv; for ($i = 0; $i < $round; $i++) { $encryptedBlock = substr($string, 8 * $i, 8); $temp = $this->xorBytes($this->decryptBlock($encryptedBlock), $currentVector); $currentVector = $this->xorBytes($currentVector, $encryptedBlock); $result .= $temp; } if ($leftLength) { $currentVector = $this->encryptBlock($currentVector); $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector); } return $result; } protected function decryptTwelve($upperString) { $string = hex2bin(strtolower($upperString)); return openssl_decrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv); } }