Differences
This shows you the differences between the selected revisions of the page.
| 2008-04-10 | 2008-04-27 | ||
| scripting#hostkey (martin) | no summary (67.2.35.174) (hidden) | ||
| Line 58: | Line 58: | ||
| Note that the configuration also includes [[scripting#hostkey|verified SSH host keys]]. | Note that the configuration also includes [[scripting#hostkey|verified SSH host keys]]. | ||
| - | ===== Example ===== | + | #include <inttypes.h> |
| - | The example below connects to ''example.com'' server with account ''user'', downloads file and closes the session. Then it connects to the same server with the account ''user2'' and uploads the file back. | + | #include <stdio.h> |
| - | <code winscp> | + | #include <string.h> |
| - | # Automatically answer all prompts negatively not to stall | + | #include <sys/types.h> |
| - | # the script on errors | + | #include <unistd.h> |
| - | option batch on | + | #include <openssl/sha.h> |
| - | # Disable overwrite confirmations that conflict with the previous | + | #include <openssl/aes.h> |
| - | option confirm off | + | |
| - | # Connect using a password | + | |
| - | # open user:password@example.com | + | |
| - | # Connect | + | |
| - | open user@example.com | + | |
| - | # Change remote directory | + | |
| - | cd /home/user | + | |
| - | # Force binary mode transfer | + | |
| - | option transfer binary | + | |
| - | # Download file to the local directory d:\ | + | |
| - | get examplefile.txt d:\ | + | |
| - | # Disconnect | + | |
| - | close | + | |
| - | # Connect as a different user | + | |
| - | open user2@example.com | + | |
| - | # Change the remote directory | + | |
| - | cd /home/user2 | + | |
| - | # Upload the file to current working directory | + | |
| - | put d:\examplefile.txt | + | |
| - | # Disconnect | + | |
| - | close | + | |
| - | # Exit WinSCP | + | |
| - | exit | + | |
| - | </code> | + | |
| - | Save the script to the file ''example.txt''. To execute the script file use the following command. As the script connects the session itself, using the command ''open'', omit the ''session'' command-line parameter. | + | |
| - | <code> | + | |
| - | winscp.exe /console /script=example.txt | + | |
| - | </code> | + | |
| - | Instead of using ''open'' command you can also open a session using a [[commandline|command-line parameter]]. | + | struct { |
| - | <code> | + | unsigned char magic[ 4 ]; |
| - | winscp.exe /console /script=example.txt user@example.com | + | unsigned char version[ 3 ]; |
| - | </code> | + | unsigned char encrypted; |
| + | unsigned char unknownNull[4]; | ||
| + | unsigned int sizeOfData; | ||
| + | unsigned int footerSignatureOffset; | ||
| + | unsigned int footerCertOffset; | ||
| + | unsigned int footerCertLen; | ||
| + | unsigned char key1[ 32 ]; | ||
| + | unsigned char unknownVersion[ 4 ]; | ||
| + | unsigned char key2[ 16 ]; | ||
| + | unsigned char unknow3[ 1968 ]; | ||
| + | } header8900; | ||
| + | |||
| + | char inbuf[ 65536 ]; | ||
| + | char outbuf[ 65536 ]; | ||
| + | |||
| + | void convert_hex(char *str, uint8_t *bytes, int maxlen) { | ||
| + | int slen = strlen(str); | ||
| + | int bytelen = maxlen; | ||
| + | int rpos, wpos = 0; | ||
| + | |||
| + | for(rpos = 0; rpos < bytelen; rpos++) { | ||
| + | sscanf(&str[rpos*2], "%02hhx", &bytes[wpos++]); | ||
| + | } | ||
| + | } | ||
| + | |||
| + | void print_hex( char* text, uint8_t* data, uint32_t len ) | ||
| + | { | ||
| + | uint32_t ctr; | ||
| + | char* sep; | ||
| + | if( len > 64 ) | ||
| + | ··len = 64; | ||
| + | printf( "%s", text ); | ||
| + | for( ctr = 0; ctr < len; ctr++ ) | ||
| + | { | ||
| + | printf( "%02x ", data[ ctr ] ); | ||
| + | } | ||
| + | printf( "\n" ); | ||
| + | } | ||
| + | |||
| + | int main( int argc, char** argv ) | ||
| + | { | ||
| + | FILE *infile, *outfile; | ||
| + | int encrypted; | ||
| + | off_t data_begin, data_current, data_end, data_len; | ||
| + | AES_KEY ctx, aes_decrypt_key; | ||
| + | uint8_t aes_key[16]; | ||
| + | |||
| + | unsigned char ramdiskKey[32]="188458A6D15034DFE386F23B61D43774"; | ||
| + | unsigned char ramdiskiv[1]; | ||
| + | |||
| + | unsigned char keybuf[ 16 ]; | ||
| + | unsigned char iv[ AES_BLOCK_SIZE ]; | ||
| + | |||
| + | if( argc != 3 ) | ||
| + | { | ||
| + | fprintf( stderr, "Usage: %s infile outfile\n", argv[ 0 ] ); | ||
| + | return 1; | ||
| + | } | ||
| + | |||
| + | infile = fopen( argv[ 1 ], "r" ); | ||
| + | if( !infile ) | ||
| + | { | ||
| + | perror( "infile fopen" ); | ||
| + | return 1; | ||
| + | } | ||
| + | |||
| + | outfile = fopen( argv[ 2 ], "w+" ); | ||
| + | if( !outfile ) | ||
| + | { | ||
| + | perror( "outfile fopen" ); | ||
| + | return 1; | ||
| + | } | ||
| + | |||
| + | if( sizeof( header8900 ) != fread( &header8900, 1, sizeof( header8900 ), infile ) ) | ||
| + | { | ||
| + | fprintf( stderr, "Can't read header\n" ); | ||
| + | return 1; | ||
| + | } | ||
| + | |||
| + | if( ( header8900.magic[ 0 ] != 0x38 ) && // 8 | ||
| + | ( header8900.magic[ 1 ] != 0x39 ) && // 9 | ||
| + | ( header8900.magic[ 2 ] != 0x30 ) && // 0 | ||
| + | ( header8900.magic[ 3 ] != 0x30 ) ) // 0 | ||
| + | { | ||
| + | fprintf( stderr, "Bad magic\n" ); | ||
| + | return 1; | ||
| + | } | ||
| + | |||
| + | if( header8900.encrypted == 0x03 ) | ||
| + | ··encrypted = 1; | ||
| + | else if( header8900.encrypted = 0x04 ) | ||
| + | encrypted = 0; | ||
| + | |||
| + | data_begin = sizeof( header8900 ); | ||
| + | data_len = header8900.sizeOfData; | ||
| + | |||
| + | printf( "iPhone 8900 decryptor by PmgR,\n"); | ||
| + | printf( "extended and modified from original file by aljen.\n"); | ||
| + | printf( "Thanks to hardware decrypt key found by by dev & elite teams.\n\n"); | ||
| + | printf( "[*] filename \t\t: %s\n", argv[ 1 ] ); | ||
| + | printf( "[*] magic \t\t: %s\n", header8900.magic ); | ||
| + | printf( "[*] version \t\t: %s\n", header8900.version ); | ||
| + | printf( "[*] encrypted \t\t: %d\n", encrypted ); | ||
| + | printf( "[*] start of data \t\t: 0x%02x\n", data_begin ); | ||
| + | printf( "[*] size of data\t\t: 0x%02x\n", header8900.sizeOfData ); | ||
| + | printf( "[*] footer signature offset\t: 0x%02x\n", header8900.footerSignatureOffset ); | ||
| + | printf( "[*] footer certificate offset\t: 0x%02x\n", header8900.footerCertOffset ); | ||
| + | printf( "[*] footer certificate length\t: 0x%02x\n", header8900.footerCertLen ); | ||
| + | print_hex( "[*] header key 1\t\t: ", header8900.key1, sizeof( header8900.key1 ) ); | ||
| + | print_hex( "[*] header key 2\t\t: ", header8900.key2, sizeof( header8900.key2 ) ); | ||
| + | |||
| + | ·//memset( keybuf, 0, 32 ); | ||
| + | //memcpy( keybuf, header8900.key1, 32 ); | ||
| + | convert_hex(ramdiskKey, aes_key, 16); | ||
| + | AES_set_decrypt_key( aes_key, 128, &aes_decrypt_key ); | ||
| + | memset( iv, 0, AES_BLOCK_SIZE ); | ||
| + | //memcpy( iv, header8900.key2, 16 ); | ||
| + | |||
| + | fseek( infile, data_begin, SEEK_SET ); | ||
| + | //printf("dataend: %d\n", data_len); | ||
| + | |||
| + | data_current=0; | ||
| + | while( fread( &inbuf, 1, AES_BLOCK_SIZE, infile ) > 0 & data_current<data_len) | ||
| + | { | ||
| + | |||
| + | AES_cbc_encrypt( inbuf, outbuf, AES_BLOCK_SIZE, &aes_decrypt_key, iv, AES_DECRYPT ); | ||
| + | fwrite( outbuf, 1, AES_BLOCK_SIZE, outfile ); | ||
| + | data_current = data_current + AES_BLOCK_SIZE; | ||
| + | } | ||
| + | |||
| + | if( infile ) | ||
| + | fclose( infile ); | ||
| + | if( outfile ) | ||
| + | fclose( outfile ); | ||
| + | return 0; | ||
| + | } | ||
| ===== Useful Scripts ===== | ===== Useful Scripts ===== | ||