After this old article got some more attention recently, I decided to give this subject another shot.
The old C++ code was messy and the result of copying together the right WinSCP source code to create a deobfuscator. This time I decided to implement the same script in Python, adding the feature to read the newest values from this machine’s registry, because I am pretty sure that this is the most common use case.
Here it goes:
The usage is much easier this time:
usage: winscp-deobfuscator.py [-h] [--hostname HOSTNAME] [--username USERNAME]
[--hash HASH]
Deobfuscate WinSCP password, using info either from registry (if no arguments
are given) or from the command line.
optional arguments:
-h, --help show this help message and exit
--hostname HOSTNAME HostName
--username USERNAME UserName
--hash HASH Password
Again: I hope that this will help someone, have fun!
(Fun fact for those of you who are using FileZilla: FileZilla stores the plain-text password in %APPDATA%/FileZilla/sitemanager.xml
)