After this old article got some more attention recently, I decided to give this subject another shot.
The old C++ code was messy and the result of copying together the right WinSCP source code to create a deobfuscator. This time I decided to implement the same script in Python, adding the feature to read the newest values from this machine’s registry, because I am pretty sure that this is the most common use case.
Here it goes:
The usage is much easier this time:
usage: winscp-deobfuscator.py [-h] [--hostname HOSTNAME] [--username USERNAME] [--hash HASH] Deobfuscate WinSCP password, using info either from registry (if no arguments are given) or from the command line. optional arguments: -h, --help show this help message and exit --hostname HOSTNAME HostName --username USERNAME UserName --hash HASH Password
Again: I hope that this will help someone, have fun!
(Fun fact for those of you who are using FileZilla: FileZilla stores the plain-text password in