We use cookies to ensure you get the best experience on our website
Página Principal Explorar Ajuda
Registe-se Iniciar Sessão
0ct0pu5
/
CyberChef
1
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Ver Fonte

Merge branch 'citrix' of https://github.com/bwhitn/CyberChef into bwhitn-citrix

n1474335 há 6 anos atrás
pai
20ea050728 c378bcb00b
commit
1653d0212a
4 ficheiros alterados com 142 adições e 0 exclusões
Visão Dividida Mostrar Estatísticas Diff
  1. 2 0
      src/core/config/Categories.json
  2. 57 0
      src/core/operations/DecodeCitrixCTX1.mjs
  3. 50 0
      src/core/operations/EncodeCitrixCTX1.mjs
  4. 33 0
      test/tests/operations/Ciphers.mjs

+ 2 - 0
src/core/config/Categories.json
Ver Ficheiro 

@@ -68,6 +68,8 @@
 
             "Blowfish Decrypt",
 
             "DES Encrypt",
 
             "DES Decrypt",
 
+            "Citrix CTX1 Encode",
 
+            "Citrix CTX1 Decode",
 
             "Triple DES Encrypt",
 
             "Triple DES Decrypt",
 
             "RC2 Encrypt",

+ 57 - 0
src/core/operations/DecodeCitrixCTX1.mjs
Ver Ficheiro 

@@ -0,0 +1,57 @@
 
+/**
 
+ * @author bwhitn [brian.m.whitney@gmail.com]
 
+ * @copyright Crown Copyright 2017
 
+ * @license Apache-2.0
 
+ */
 
+
 
+import Operation from "../Operation";
 
+import cptable from "../vendor/js-codepage/cptable.js";
 
+
 
+/**
 
+ * Encode Citrix CTX1 class
 
+ */
 
+class DecodeCitrixCTX1 extends Operation {
 
+
 
+    /**
 
+     * EncodeCitrixCTX1 constructor
 
+     */
 
+    constructor() {
 
+        super();
 
+
 
+        this.name = "Citrix CTX1 Decode";
 
+        this.module = "Ciphers";
 
+        this.description = "Decodes strings in a Citrix CTX1 password format to plaintext.";
 
+        this.infoURL = "https://www.reddit.com/r/AskNetsec/comments/1s3r6y/citrix_ctx1_hash_decoding/";
 
+        this.inputType = "byteArray";
 
+        this.outputType = "string";
 
+        this.args = [];
 
+    }
 
+
 
+    /**
 
+     * @param {byteArray} input
 
+     * @param {Object[]} args
 
+     * @returns {string}
 
+     */
 
+    run(input, args) {
 
+        if (input.length % 4 !== 0) {
 
+            return "";
 
+        }
 
+        const revinput = input.reverse();
 
+        const result = [];
 
+        let temp = 0;
 
+        for (let i = 0; i < revinput.length; i+=2) {
 
+            if (i+2 >= revinput.length) {
 
+                temp = 0;
 
+            } else {
 
+                temp = ((revinput[i + 2] - 0x41) & 0xf) ^ (((revinput[i + 3]- 0x41) << 4) & 0xf0);
 
+            }
 
+            temp = (((revinput[i] - 0x41) & 0xf) ^ (((revinput[i + 1] - 0x41) << 4) & 0xf0)) ^ 0xa5 ^ temp;
 
+            result.push(temp);
 
+        }
 
+        // Decodes a utf-16le string
 
+        return cptable.utils.decode(1200, result.reverse());
 
+    }
 
+
 
+}
 
+
 
+export default DecodeCitrixCTX1;

+ 50 - 0
src/core/operations/EncodeCitrixCTX1.mjs
Ver Ficheiro 

@@ -0,0 +1,50 @@
 
+/**
 
+ * @author bwhitn [brian.m.whitney@gmail.com]
 
+ * @copyright Crown Copyright 2017
 
+ * @license Apache-2.0
 
+ */
 
+
 
+import Operation from "../Operation";
 
+import cptable from "../vendor/js-codepage/cptable.js";
 
+
 
+/**
 
+ * Encode Citrix CTX1 class
 
+ */
 
+class EncodeCitrixCTX1 extends Operation {
 
+
 
+    /**
 
+     * EncodeCitrixCTX1 constructor
 
+     */
 
+    constructor() {
 
+        super();
 
+
 
+        this.name = "Citrix CTX1 Encode";
 
+        this.module = "Ciphers";
 
+        this.description = "Encodes strings to Citrix CTX1 password format.";
 
+        this.infoURL = "https://www.reddit.com/r/AskNetsec/comments/1s3r6y/citrix_ctx1_hash_decoding/";
 
+        this.inputType = "string";
 
+        this.outputType = "byteArray";
 
+        this.args = [];
 
+    }
 
+
 
+    /**
 
+     * @param {string} input
 
+     * @param {Object[]} args
 
+     * @returns {byteArray}
 
+     */
 
+    run(input, args) {
 
+        const utf16pass = Buffer.from(cptable.utils.encode(1200, input));
 
+        const result = [];
 
+        let temp = 0;
 
+        for (let i = 0; i < utf16pass.length; i++) {
 
+            temp = utf16pass[i] ^ 0xa5 ^ temp;
 
+            result.push(((temp >>> 4) & 0xf) + 0x41);
 
+            result.push((temp & 0xf) + 0x41);
 
+        }
 
+
 
+        return result;
 
+    }
 
+
 
+}
 
+
 
+export default EncodeCitrixCTX1;

+ 33 - 0
test/tests/operations/Ciphers.mjs
Ver Ficheiro 

@@ -220,6 +220,39 @@ TestRegister.addTests([
 
             }
 
         ],
 
     },
 
+    {
 
+        name: "Citrix CTX1 Encode",
 
+        input: "Password1",
 
+        expectedOutput: "PFFAJEDBOHECJEDBODEGIMCJPOFLJKDPKLAO",
 
+        recipeConfig: [
 
+            {
 
+                "op": "Citrix CTX1 Encode",
 
+                "args": []
 
+            }
 
+        ],
 
+    },
 
+    {
 
+        name: "Citrix CTX1 Decode: normal",
 
+        input: "PFFAJEDBOHECJEDBODEGIMCJPOFLJKDPKLAO",
 
+        expectedOutput: "Password1",
 
+        recipeConfig: [
 
+            {
 
+                "op": "Citrix CTX1 Decode",
 
+                "args": []
 
+            }
 
+        ],
 
+    },
 
+    {
 
+        name: "Citrix CTX1 Decode: invalid length",
 
+        input: "PFFAJEDBOHECJEDBODEGIMCJPOFLJKDPKLA",
 
+        expectedOutput: "",
 
+        recipeConfig: [
 
+            {
 
+                "op": "Citrix CTX1 Decode",
 
+                "args": []
 
+            }
 
+        ],
 
+    },
 
     {
 
         name: "Vigenère Encode: no input",
 
         input: "",

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5