Stash file
Eduardo Poyart
I lost a password that is stashed on a stash file.
I found on the IHS readme page that the password in a stash file is not
encrypted, but rather altered in such a way "not to be recognized by a casual
observer".
How can I recover the password from the stash file?
The problem is that I have a certificate that is running on this keyfile, but
I can't alter the keyfile because I lost the password.
Best regards
Eduardo Poyart
Olivier Metenier
Just run this script under Perl environment
#!/usr/bin/perl -w
#
# unstash.pl - "decrypt" IBM HTTP server stash files. No, really. They *are* this
pathetic.
#
# sploit (BoByRiTe) 1999, Major Malfunction, code by Ben Laurie, cos I dudn't dud
perly thing.
use strict;
die "Usage: $0 <stash file>\n" if $#ARGV != 0;
my $file=$ARGV[0];
open(F,$file) || die "Can't open $file: $!";
my $stash;
read F,$stash,1024;
my @unstash=map { $_^0xf5 } unpack("C*",$stash);
foreach my $c (@unstash) {
last if $c eq 0;
printf "%c",$c;
}
printf "\n";
Eduardo Poyart
The script gives an error:
$ ./unstash.pl key.sth
Missing $ on loop variable at ./unstash.pl line 19.
What is wrong? My perl is 5.002.
Best regards
Eduardo poyart
Paul Risenhoover
in front of them.
"Eduardo Poyart" <nos...@nospam.com> wrote in message
news:3ACDD7A8...@nospam.com...
Lasse Hillerře Petersen
<pr...@stl.rural.usda.gov> wrote:
>"Eduardo Poyart" <nos...@nospam.com> wrote in message
>news:3ACDD7A8...@nospam.com...
>> Hi Olivier,
>>
>> The script gives an error:
>>
>> $ ./unstash.pl key.sth
>> Missing $ on loop variable at ./unstash.pl line 19.
>>
>> What is wrong? My perl is 5.002.
>you've got a typo. verify all references to your loop variable have a "$"
>in front of them.
Ah, no. Eduardo actually had the right idea, since he included his perl
version. The "for my" notation to get a local loop variable is not
available in 5.002 AFAIK.
Solution:
replace
for my $c
with
my $c;
for $c
-Lasse