Index ¦ Archives ¦ Atom

WinSCP Session Password Decryption - Part 2

After this old article got some more attention recently, I decided to give this subject another shot.

The old C++ code was messy and the result of copying together the right WinSCP source code to create a deobfuscator. This time I decided to implement the same script in Python, adding the feature to read the newest values from this machine's registry, because I am pretty sure that this is the most common use case.

Here it goes:

The usage is much easier this time:

usage: winscp-deobfuscator.py [-h] [--hostname HOSTNAME] [--username USERNAME]
                          [--hash HASH]

Deobfuscate WinSCP password, using info either from registry (if no arguments
are given) or from the command line.

optional arguments:
  -h, --help           show this help message and exit
  --hostname HOSTNAME  HostName
  --username USERNAME  UserName
  --hash HASH          Password

Again: I hope that this will help someone, have fun!

(Fun fact for those of you who are using FileZilla: FileZilla stores the plain-text password in %APPDATA%/FileZilla/sitemanager.xml)

© Jonas Lieb. Built using Pelican. Theme based on Giulio Fidente's pelican-svbhack.