Module: C7Decrypt::Type7

Defined in:
lib/c7decrypt/type7/type7.rb,
lib/c7decrypt/type7/constants.rb,
lib/c7decrypt/type7/exceptions.rb

Defined Under Namespace

Modules: Constants, Exceptions

Class Method Summary collapse

Class Method Details

.check_seed(seed) ⇒ Nil

This method determines if an encryption seed is valid or not

and throw a specific exeception

Parameters:

  • the (FixNum)

    seed used in the encryption process

Returns:

  • (Nil)

Raises:



151
152
153
154
155
156
157
158
159
160
 
# File 'lib/c7decrypt/type7/type7.rb', line 151

def self.check_seed(seed)
  if seed < 0 ||
     seed > 15

    raise Exceptions::InvalidEncryptionSeed,
      "'#{seed.to_s}' seed is not a valid seed (only 0 - 15 allowed)"
  end

  return nil
end

.check_type_7_errors(e_text) ⇒ Nil

This method determines if an encrypted hash is corrupted/invalid

and throw a specific exeception

Parameters:

  • the (String)

    Cisco Type-7 Encrypted String

Returns:

  • (Nil)

Raises:



119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
 
# File 'lib/c7decrypt/type7/type7.rb', line 119

def self.check_type_7_errors(e_text)

  valid_first_chars = (0..15).to_a.collect {|c| sprintf("%02d", c)}
  first_char = e_text[0,2]

  # Check for an invalid first character in the has
  unless valid_first_chars.include? first_char
    raise Exceptions::InvalidFirstCharacter,
      "'#{e_text}' hash contains an invalid first chracter (only '00' - '15' allowed)"
  end

  # Check for an invalid character in the hash
  unless e_text.match(/^[A-Z0-9]+$/)
    raise Exceptions::InvalidCharacter,
      "'#{e_text}' hash contains an invalid character (only upper-alpha numeric allowed)"
  end

  # Check for an odd number of characters in the hash
  unless e_text.size % 2 == 0
    raise Exceptions::OddNumberOfCharacters,
      "'#{e_text}' hash contains odd length of chars (only even number of chars allowed)"
  end

  return nil

end

.decrypt(e_text) ⇒ String

The Decryption Method for Cisco Type-7 Encrypted Strings

Parameters:

  • the (String)

    Cisco Type-7 Encrypted String

Returns:

  • (String)

    the Decrypted String

Raises:



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'lib/c7decrypt/type7/type7.rb', line 13

def self.decrypt(e_text)
  check_type_7_errors(e_text)

  d_text = ""
  seed = nil

  e_text.scan(/../).each_with_index do |char,i|
    if i == 0
      seed = char.to_i - 1
    else
      d_text += decrypt_char(char, i, seed)
    end
  end

  return d_text
end

.decrypt_array(pw_array) ⇒ Array

A helper method to decrypt an arracy of Cisco Type-7 Encrypted Strings

Parameters:

  • String] (Array)

    an array of Cisco Type-7 Encrypted Strings

Returns:

  • (Array)

    String] an array of Decrypted Strings

Raises:



76
77
78
 
# File 'lib/c7decrypt/type7/type7.rb', line 76

def self.decrypt_array(pw_array)
  pw_array.collect {|pw| decrypt(pw)}
end

.decrypt_char(char, i, seed) ⇒ String

The method for decrypting a single character

Parameters:

  • the (String)

    encrypted char

  • the (Integer)

    index of the char pair in encrypted string

  • the (Integer)

    seed used in the decryption process

Returns:

  • (String)

    the string of the decrypted char



66
67
68
 
# File 'lib/c7decrypt/type7/type7.rb', line 66

def self.decrypt_char(char, i, seed)
  (char.hex^Constants::VT_TABLE[(i + seed) % 53]).chr
end

.decrypt_config(file) ⇒ Array

This method scans a raw config file for type 7 passwords and

decrypts them

Parameters:

  • a (String)

    string of the config file path that contains Cisco Type-7 Encrypted Strings

Returns:

  • (Array)

    String] an array of Decrypted Strings

Raises:



99
100
101
102
 
# File 'lib/c7decrypt/type7/type7.rb', line 99

def self.decrypt_config(file)
  f = File.open(file, 'r').to_a
  decrypt_array(f.collect {|line| type_7_matches(line)}.flatten)
end

.encrypt(d_text, seed = 2) ⇒ String

The Encryption Method for Cisco Type-7 Encrypted Strings

Parameters:

  • the (String)

    plaintext password

  • the (String)

    seed for the encryption used

Returns:

  • (String)

    the encrypted password

Raises:



38
39
40
41
42
43
44
45
46
47
48
49
50
 
# File 'lib/c7decrypt/type7/type7.rb', line 38

def self.encrypt(d_text, seed = 2)
  check_seed(seed)

  e_text = sprintf("%02d", seed)

  d_text.each_char.each_with_index do |d_char,i|
    e_text += encrypt_char(d_char, i, seed)
  end

  check_type_7_errors(e_text)

  return e_text
end

.encrypt_array(pt_array, seed = 2) ⇒ Array

A helper method to encrypt an arracy of passwords

Parameters:

  • String] (Array)

    an array of plain-text passwords

Returns:

  • (Array)

    String] an array of encrypted passwords

Raises:



87
88
89
 
# File 'lib/c7decrypt/type7/type7.rb', line 87

def self.encrypt_array(pt_array, seed = 2)
  pt_array.collect {|pw| encrypt(pw, seed)}
end

.encrypt_char(char, i, seed) ⇒ String

The method for encrypting a single character

Parameters:

  • the (String)

    plain text char

  • the (FixNum)

    index of the char in plaintext string

  • the (FixNum)

    seed used in the encryption process

Returns:

  • (String)

    the string of the encrypted char



57
58
59
 
# File 'lib/c7decrypt/type7/type7.rb', line 57

def self.encrypt_char(char, i, seed)
  sprintf("%02X", char.unpack('C')[0] ^ Constants::VT_TABLE[(i + seed) % 53])
end

.type_7_matches(string) ⇒ Array

This method scans a config line for encrypted type-7 passwords and

returns an array of results

Parameters:

  • a (String)

    line with potential encrypted type-7 passwords

Returns:

  • (Array)

    String] an array of Cisco type-7 encrypted Strings



108
109
110
 
# File 'lib/c7decrypt/type7/type7.rb', line 108

def self.type_7_matches(string)
  Constants::TYPE_7_REGEXES.collect {|regex| string.scan(regex)}.flatten.uniq
end