Saturday, March 22, 2025

Mass OpenSSH Decryption - Linux Bash Script

Running all the decryption models on a file is a fast and efficient way to unlock an openssl coded file, document, binary or anything, if you were not sure, how it was encrypted. You can do it with this command :

$ openssl enc -d -aes-256-cbc -in secret -out decrypted.txt -pass pass:vgrohhfyek0wkfi5fv13anexapy3sso6
 
However, to insert all the cipher commands one by one, would take a good 15 minutes.  
Cipher commands (see the `enc' command for more details)
aes-128-cbc       aes-128-ecb       aes-192-cbc       aes-192-ecb       
aes-256-cbc       aes-256-ecb       aria-128-cbc      aria-128-cfb      
aria-128-cfb1     aria-128-cfb8     aria-128-ctr      aria-128-ecb      
aria-128-ofb      aria-192-cbc      aria-192-cfb      aria-192-cfb1     
aria-192-cfb8     aria-192-ctr      aria-192-ecb      aria-192-ofb      
aria-256-cbc      aria-256-cfb      aria-256-cfb1     aria-256-cfb8     
aria-256-ctr      aria-256-ecb      aria-256-ofb      base64            
bf                bf-cbc            bf-cfb            bf-ecb            
bf-ofb            camellia-128-cbc  camellia-128-ecb  camellia-192-cbc  
camellia-192-ecb  camellia-256-cbc  camellia-256-ecb  cast              
cast-cbc          cast5-cbc         cast5-cfb         cast5-ecb         
cast5-ofb         des               des-cbc           des-cfb           
des-ecb           des-ede           des-ede-cbc       des-ede-cfb       
des-ede-ofb       des-ede3          des-ede3-cbc      des-ede3-cfb      
des-ede3-ofb      des-ofb           des3              desx              
rc2               rc2-40-cbc        rc2-64-cbc        rc2-cbc           
rc2-cfb           rc2-ecb           rc2-ofb           rc4               
rc4-40            seed              seed-cbc          seed-cfb          
seed-ecb          seed-ofb          sm4-cbc           sm4-cfb           
sm4-ctr           sm4-ecb           sm4-ofb           zlib

 

LET'S WRITE A SCRIPT

 
$ nano mass_decrypt.sh
 
In the script:
  • Basically you just have to replace the password with your password, if you had it.
  • Put your input file in place of input_file.
  • Change output directory name if wanted.
-----------------------------------------------------

#!/bin/bash

password="vgrohhfyek0wkfi5fv13anexapy3sso6"
input_file="secret"
output_dir="decrypted_attempts"

# Create output directory
mkdir -p $output_dir

# Get a list of all available OpenSSL ciphers
algorithms=$(openssl list -cipher-algorithms)

echo "Starting mass decryption with all available algorithms..."

for algo in $algorithms; do
    output_file="$output_dir/decrypted_$algo.txt"
    echo "Trying $algo..."
    openssl enc -d -$algo -in $input_file -out $output_file -pass pass:$password 2>/dev/null
    if [ $? -eq 0 ]; then
        echo "[+] Success with $algo! Output saved to $output_file"
    fi
done

echo "Decryption complete. Check the $output_dir directory for results."
-----------------------------------------------------
$ chmod +x mass_decrypt.sh
$ ./mass_decrypt.sh

Here you go, either you are looking for one particular file, maybe one particular string, you can filter with grep if needed. 

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Sharepoint sync and lock issues - solutions

 Sharepoint synced down to your PC by onedrive can have a ton of errors. It is caused by the simple dis-functionality of this badly thought ...