1.导出数据库连接 connections.ncx 文件
2.使用Java程序进行解密
Java在线运行环境:代码在线运行 - 在线工具,进入选择Java,将以下代码复制到在线运行环境中
import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.nio.charset.StandardCharsets; import java.security.MessageDigest; import java.util.Arrays; public class NavicatPassword { public static void main(String[] args) throws Exception { NavicatPassword navicatPassword = new NavicatPassword(); // Navicat 11及以前的版本 轨迹星辰 // String decode = navicatPassword.decrypt("你的密码", 11); // Navicat 12及以后的版本 String decode = navicatPassword.decrypt("你的密码", 12); System.out.println(decode); } private static final String AES_KEY = "libcckeylibcckey"; private static final String AES_IV = "libcciv libcciv "; private static final String BLOW_KEY = "3DC5CA39"; private static final String BLOW_IV = "d9c7c3c8870d64bd"; public static String encrypt(String plaintext, int version) throws Exception { switch (version) { case 11: return encryptEleven(plaintext); case 12: return encryptTwelve(plaintext); default: throw new IllegalArgumentException("Unsupported version"); } } public static String decrypt(String ciphertext, int version) throws Exception { switch (version) { case 11: return decryptEleven(ciphertext); case 12: return decryptTwelve(ciphertext); default: throw new IllegalArgumentException("Unsupported version"); } } private static String encryptEleven(String plaintext) throws Exception { byte[] iv = hexStringToByteArray(BLOW_IV); byte[] key = hashToBytes(BLOW_KEY); int round = plaintext.length() / 8; int leftLength = plaintext.length() % 8; StringBuilder result = new StringBuilder(); byte[] currentVector = iv.clone(); Cipher cipher = Cipher.getInstance("Blowfish/ECB/NoPadding"); SecretKeySpec secretKeySpec = new SecretKeySpec(key, "Blowfish"); cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec); for (int i = 0; i < round; i++) { byte[] block = xorBytes(plaintext.substring(i * 8, (i + 1) * 8).getBytes(), currentVector); byte[] temp = cipher.doFinal(block); currentVector = xorBytes(currentVector, temp); result.append(bytesToHex(temp)); } if (leftLength > 0) { currentVector = cipher.doFinal(currentVector); byte[] block = xorBytes(plaintext.substring(round * 8).getBytes(), currentVector); result.append(bytesToHex(block)); } return result.toString().toUpperCase(); } private static String encryptTwelve(String plaintext) throws Exception { byte[] iv = AES_IV.getBytes(); byte[] key = AES_KEY.getBytes(); Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES"); IvParameterSpec ivParameterSpec = new IvParameterSpec(iv); cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec); byte[] result = cipher.doFinal(plaintext.getBytes()); return bytesToHex(result).toUpperCase(); } private static String decryptEleven(String ciphertext) throws Exception { byte[] iv = hexStringToByteArray(BLOW_IV); byte[] key = hashToBytes(BLOW_KEY); byte[] encrypted = hexStringToByteArray(ciphertext.toLowerCase()); int round = encrypted.length / 8; int leftLength = encrypted.length % 8; StringBuilder result = new StringBuilder(); byte[] currentVector = iv.clone(); Cipher cipher = Cipher.getInstance("Blowfish/ECB/NoPadding"); SecretKeySpec secretKeySpec = new SecretKeySpec(key, "Blowfish"); cipher.init(Cipher.DECRYPT_MODE, secretKeySpec); for (int i = 0; i < round; i++) { byte[] block = Arrays.copyOfRange(encrypted, i * 8, (i + 1) * 8); byte[] temp = xorBytes(cipher.doFinal(block), currentVector); currentVector = xorBytes(currentVector, block); result.append(new String(temp)); } if (leftLength > 0) { currentVector = cipher.doFinal(currentVector); byte[] block = Arrays.copyOfRange(encrypted, round * 8, round * 8 + leftLength); result.append(new String(xorBytes(block, currentVector), StandardCharsets.UTF_8)); } return result.toString(); } private static String decryptTwelve(String ciphertext) throws Exception { byte[] iv = AES_IV.getBytes(); byte[] key = AES_KEY.getBytes(); byte[] encrypted = hexStringToByteArray(ciphertext.toLowerCase()); Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES"); IvParameterSpec ivParameterSpec = new IvParameterSpec(iv); cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec); byte[] result = cipher.doFinal(encrypted); return new String(result); } private static byte[] xorBytes(byte[] bytes1, byte[] bytes2) { byte[] result = new byte[bytes1.length]; for (int i = 0; i < bytes1.length; i++) { result[i] = (byte) (bytes1[i] ^ bytes2[i]); } return result; } private static byte[] hexStringToByteArray(String s) { int len = s.length(); byte[] data = new byte[len / 2]; for (int i = 0; i < len; i += 2) { data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i + 1), 16)); } return data; } private static byte[] hashToBytes(String s) throws Exception { return MessageDigest.getInstance("SHA-1").digest(s.getBytes()); } private static String bytesToHex(byte[] bytes) { StringBuilder result = new StringBuilder(); for (byte b : bytes) { result.append(String.format("%02X", b)); } return result.toString(); } }
3.解密 - 使用PHP程序进行解密
PHP在线运行环境:代码在线运行 - 在线工具,进入后选择PHP,将以下代码复制到在线运行环境中
<?php // Navicat 11及以前的版本 轨迹星辰
//$navicatPassword = new NavicatPassword(11); // Navicat 12及以后的版本 $navicatPassword = new NavicatPassword(12); $decode = $navicatPassword->decrypt('你的密码'); echo $decode . "\n"; class NavicatPassword { protected $version = 0; protected $aesKey = 'libcckeylibcckey'; protected $aesIv = 'libcciv libcciv '; protected $blowString = '3DC5CA39'; protected $blowKey = null; protected $blowIv = null; public function __construct($version = 12) { $this->version = $version; $this->blowKey = sha1('3DC5CA39', true); $this->blowIv = hex2bin('d9c7c3c8870d64bd'); } public function encrypt($string) { $result = FALSE; switch ($this->version) { case 11: $result = $this->encryptEleven($string); break; case 12: $result = $this->encryptTwelve($string); break; default: break; } return $result; } protected function encryptEleven($string) { $round = intval(floor(strlen($string) / 8)); $leftLength = strlen($string) % 8; $result = ''; $currentVector = $this->blowIv; for ($i = 0; $i < $round; $i++) { $temp = $this->encryptBlock($this->xorBytes(substr($string, 8 * $i, 8), $currentVector)); $currentVector = $this->xorBytes($currentVector, $temp); $result .= $temp; } if ($leftLength) { $currentVector = $this->encryptBlock($currentVector); $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector); } return strtoupper(bin2hex($result)); } protected function encryptBlock($block) { return openssl_encrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING); } protected function decryptBlock($block) { return openssl_decrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING); } protected function xorBytes($str1, $str2) { $result = ''; for ($i = 0; $i < strlen($str1); $i++) { $result .= chr(ord($str1[$i]) ^ ord($str2[$i])); } return $result; } protected function encryptTwelve($string) { $result = openssl_encrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv); return strtoupper(bin2hex($result)); } public function decrypt($string) { $result = FALSE; switch ($this->version) { case 11: $result = $this->decryptEleven($string); break; case 12: $result = $this->decryptTwelve($string); break; default: break; } return $result; } protected function decryptEleven($upperString) { $string = hex2bin(strtolower($upperString)); $round = intval(floor(strlen($string) / 8)); $leftLength = strlen($string) % 8; $result = ''; $currentVector = $this->blowIv; for ($i = 0; $i < $round; $i++) { $encryptedBlock = substr($string, 8 * $i, 8); $temp = $this->xorBytes($this->decryptBlock($encryptedBlock), $currentVector); $currentVector = $this->xorBytes($currentVector, $encryptedBlock); $result .= $temp; } if ($leftLength) { $currentVector = $this->encryptBlock($currentVector); $result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector); } return $result; } protected function decryptTwelve($upperString) { $string = hex2bin(strtolower($upperString)); return openssl_decrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv); } }
标签:Navicat16,String,数据库,currentVector,密码,result,return,byte,string From: https://www.cnblogs.com/qq-965324258/p/18539191