破解Navicat 保存的密码
找出加密的密码
- Navicat(11.2.7、12.1.15、15.1.17、16.0.6上述版本均已通过测试)
- 进入注册表进行查询
使用【Win】+ 【R】组合快捷键,快速打开运行命令框,在打开后面键入命令:【Regedit】打开注册表编辑器
文件路径:
计算机\HKEY_CURRENT_USER\SOFTWARE\PremiumSoft\Navicat\Servers\
以Navicat16为例,通过上方路径,找到注册表中存储密码值的位置(如下图),选中要查看密码的连接名称,双击Pwd项,复制对应的值,至此获得了密文
- Navicat导出(推荐)
以Navicat16为例,菜单栏上点击文件,选择导出连接...,一定要选中导出密码!!!导出格式为*.ncx(该ncx本质上是xml文件,文件中包含连接的全部信息)
注:Navicat11版本没有勾选导出密码选项,直接导出即可;Navicat12+版本要勾选【导出密码】选项!
解密密文
https://www.nhooo.com/tool/java8/
运行代码
import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import javax.xml.bind.DatatypeConverter; import java.nio.charset.StandardCharsets; import java.security.MessageDigest; import java.util.Arrays; public class Main { public static void main(String []args) { //navicat11解密 Navicat11Cipher de = new Navicat11Cipher(); System.out.println(de.decryptString("密文放此处")); //navicat12+解密 Navicat12Cipher de12 = new Navicat12Cipher(); System.out.println(de12.decryptString("密文放此处")); } static class Navicat11Cipher { public static final String DefaultUserKey = "3DC5CA39"; private static byte[] _IV; private static SecretKeySpec _Key; private static Cipher _Encryptor; private static Cipher _Decryptor; private static void initKey(String UserKey) { try { MessageDigest sha1 = MessageDigest.getInstance("SHA1"); byte[] userkey_data = UserKey.getBytes(StandardCharsets.UTF_8); sha1.update(userkey_data, 0, userkey_data.length); _Key = new SecretKeySpec(sha1.digest(), "Blowfish"); } catch (Exception e) { e.printStackTrace(); } } private static void initChiperEncrypt() { try { // Must use NoPadding _Encryptor = Cipher.getInstance("Blowfish/ECB/NoPadding"); _Encryptor.init(Cipher.ENCRYPT_MODE, _Key); } catch (Exception e) { e.printStackTrace(); } } private static void initChiperDecrypt() { try { // Must use NoPadding _Decryptor = Cipher.getInstance("Blowfish/ECB/NoPadding"); _Decryptor.init(Cipher.DECRYPT_MODE, _Key); } catch (Exception e) { e.printStackTrace(); } } private static void initIV() { try { byte[] initVec = DatatypeConverter.parseHexBinary("FFFFFFFFFFFFFFFF"); _IV = _Encryptor.doFinal(initVec); } catch (Exception e) { e.printStackTrace(); } } private void xorBytes(byte[] a, byte[] b) { for (int i = 0; i < a.length; i++) { int aVal = a[i] & 0xff; // convert byte to integer int bVal = b[i] & 0xff; a[i] = (byte) (aVal ^ bVal); // xor aVal and bVal and typecast to byte } } private void xorBytes(byte[] a, byte[] b, int l) { for (int i = 0; i < l; i++) { int aVal = a[i] & 0xff; // convert byte to integer int bVal = b[i] & 0xff; a[i] = (byte) (aVal ^ bVal); // xor aVal and bVal and typecast to byte } } static { initKey(DefaultUserKey); initChiperEncrypt(); initChiperDecrypt(); initIV(); } private byte[] Encrypt(byte[] inData) { try { byte[] CV = Arrays.copyOf(_IV, _IV.length); byte[] ret = new byte[inData.length]; int blocks_len = inData.length / 8; int left_len = inData.length % 8; for (int i = 0; i < blocks_len; i++) { byte[] temp = Arrays.copyOfRange(inData, i * 8, (i * 8) + 8); xorBytes(temp, CV); temp = _Encryptor.doFinal(temp); xorBytes(CV, temp); System.arraycopy(temp, 0, ret, i * 8, 8); } if (left_len != 0) { CV = _Encryptor.doFinal(CV); byte[] temp = Arrays.copyOfRange(inData, blocks_len * 8, (blocks_len * 8) + left_len); xorBytes(temp, CV, left_len); System.arraycopy(temp, 0, ret, blocks_len * 8, temp.length); } return ret; } catch (Exception e) { e.printStackTrace(); return null; } } public String encryptString(String inputString) { try { byte[] inData = inputString.getBytes(StandardCharsets.UTF_8); byte[] outData = Encrypt(inData); return DatatypeConverter.printHexBinary(outData); } catch (Exception e) { e.printStackTrace(); return ""; } } private byte[] Decrypt(byte[] inData) { try { byte[] CV = Arrays.copyOf(_IV, _IV.length); byte[] ret = new byte[inData.length]; int blocks_len = inData.length / 8; int left_len = inData.length % 8; for (int i = 0; i < blocks_len; i++) { byte[] temp = Arrays.copyOfRange(inData, i * 8, (i * 8) + 8); temp = _Decryptor.doFinal(temp); xorBytes(temp, CV); System.arraycopy(temp, 0, ret, i * 8, 8); for (int j = 0; j < CV.length; j++) { CV[j] = (byte) (CV[j] ^ inData[i * 8 + j]); } } if (left_len != 0) { CV = _Encryptor.doFinal(CV); byte[] temp = Arrays.copyOfRange(inData, blocks_len * 8, (blocks_len * 8) + left_len); xorBytes(temp, CV, left_len); for (int j = 0; j < temp.length; j++) { ret[blocks_len * 8 + j] = temp[j]; } } return ret; } catch (Exception e) { e.printStackTrace(); return null; } } public String decryptString(String hexString) { try { byte[] inData = DatatypeConverter.parseHexBinary(hexString); byte[] outData = Decrypt(inData); return new String(outData, StandardCharsets.UTF_8); } catch (Exception e) { e.printStackTrace(); return ""; } } } static class Navicat12Cipher { private static SecretKeySpec _AesKey; private static IvParameterSpec _AesIV; static { _AesKey = new SecretKeySpec("libcckeylibcckey".getBytes(StandardCharsets.UTF_8), "AES"); _AesIV = new IvParameterSpec("libcciv libcciv ".getBytes(StandardCharsets.UTF_8)); } public String encryptString(String plaintext) { try { Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, _AesKey, _AesIV); byte[] ret = cipher.doFinal(plaintext.getBytes(StandardCharsets.UTF_8)); return DatatypeConverter.printHexBinary(ret); } catch (Exception e) { e.printStackTrace(); return ""; } } public String decryptString(String ciphertext) { try { Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, _AesKey, _AesIV); byte[] ret = cipher.doFinal(DatatypeConverter.parseHexBinary(ciphertext)); return new String(ret, StandardCharsets.UTF_8); } catch (Exception e) { e.printStackTrace(); return ""; } } } }
本文仅仅简单介绍了此工具的使用,此项目源代码已开源,欢迎大家下载体验,如果有帮到您,麻烦点下star,谢谢!
项目源码:
github : https://github.com/Zhuoyuan1/navicat_password_decrypt
如果github打不开,码云地址:https://gitee.com/lzy549876/navicat_password_decrypt
另外网上大多数流传的都是PHP语言版本的,希望能帮助到大家!
声明:该工具源码仅仅只作学术性研究,不可商业用途!
参考:https://blog.csdn.net/kkk123445/article/details/122514124
