After disassembling Xmanager by IDA, I found Xmanager uses a stream cipher to encrypt password. The stream cipher is an RC4 stream cipher. The following will tell you what Xmanager did:
Based on the version of session files, the key is generated by different algorithms.
Both Xshell and Xftp use MD5 algorithm to generate the key that is used in RC4 cipher.
-
Xshell use the MD5 digest, 16 bytes long, of an ASCII string,
"!X@s#h$e%l^l&"
, as RC4 cipher key. The value is// Key = MD5("!X@s#h$e%l^l&"); unsigned char Key[16] = { 0xba, 0x2d, 0x9b, 0x7e, 0x9c, 0xca, 0x73, 0xd1, 0x52, 0xb2, 0x67, 0x72, 0x66, 0x2d, 0xf5, 0x5e };
-
Xftp use the MD5 digest, 16 bytes long, of an ASCII string,
"!X@s#c$e%l^l&"
which only has one different char with the string in Xshell, as RC4 cipher key. The value is// Key = MD5("!X@s#c$e%l^l&"); unsigned char Key[16] = { 0x30, 0x6e, 0x98, 0x35, 0xde, 0x92, 0x91, 0xd2, 0x27, 0xbb, 0x28, 0xb2, 0xf7, 0x2d, 0xca, 0x33 };
Both XShell and XFtp use SHA-256 algorithm to generate key.
The key is the SHA-256 digest, 32 bytes long, of current OS account's SID string. You can use whoami /user
in Command Prompt to check your current OS account's SID string.
For example, if your current OS account's SID string is
S-1-5-21-917267712-1342860078-1792151419-512
the 32-bytes-long SHA-256 digest would be
unsigned char Key[32] = {
0xCE, 0x97, 0xBE, 0xA9, 0x0C, 0x2A, 0x40, 0xB9,
0x5C, 0xC0, 0x79, 0x74, 0x1D, 0xDC, 0x03, 0xCB,
0x39, 0xAB, 0x3D, 0xE5, 0x26, 0x7A, 0x3B, 0x11,
0x05, 0x4B, 0x96, 0x3C, 0x93, 0x6F, 0x9C, 0xD4
};
This situation is similar with the former one (version 5.1 or 5.2).
The key is the SHA-256 digest of the combination of current OS account's name(case sensitive) and current OS account's SID string.
For example, if your current OS account's name and SID are
Administrator
S-1-5-21-917267712-1342860078-1792151419-512
the key is the 32-bytes-long SHA-256 digest of a string "AdministratorS-1-5-21-917267712-1342860078-1792151419-512"
:
unsigned char Key[32] = {
0x8E, 0x12, 0x29, 0xDC, 0x1F, 0x34, 0x56, 0xB9,
0xBB, 0xCD, 0x94, 0xC2, 0xAB, 0x0A, 0xF3, 0xB9,
0x95, 0x96, 0x6F, 0x06, 0xE3, 0x9D, 0x24, 0x80,
0x6A, 0x74, 0xCD, 0x7E, 0x0B, 0x69, 0xB3, 0x78
};
The key is the SHA-256 digest of the master key set by user.
For example, if I set master password with "123123"
, the key that is used in RC4 cipher is
unsigned char Key[32] = {
0x96, 0xca, 0xe3, 0x5c, 0xe8, 0xa9, 0xb0, 0x24,
0x41, 0x78, 0xbf, 0x28, 0xe4, 0x96, 0x6c, 0x2c,
0xe1, 0xb8, 0x38, 0x57, 0x23, 0xa9, 0x6a, 0x6b,
0x83, 0x88, 0x58, 0xcd, 0xd6, 0xca, 0x0a, 0x1e
};
This step will be executed for session file version >= 5.1 only.
If your original password is "This is a test"
, the SHA-256 digest would be:
unsigned char Checksum[32] = {
0xC7, 0xBE, 0x1E, 0xD9, 0x02, 0xFB, 0x8D, 0xD4,
0xD4, 0x89, 0x97, 0xC6, 0x45, 0x2F, 0x5D, 0x7E,
0x50, 0x9F, 0xBC, 0xDB, 0xE2, 0x80, 0x8B, 0x16,
0xBC, 0xF4, 0xED, 0xCE, 0x4C, 0x07, 0xD1, 0x4E
};
This 32-bytes-long data will be regarded as the checksum and appended to the encrypted password.
Xmanager use the key generated to initialize RC4 cipher.
Xmanager use the initialized RC4 cipher encrypt original password.
If original password is "This is a test"
, the result would be
-
Encrypted by XShell
unsigned char EncryptedPassword[] = { 0xff, 0xa2, 0x9a, 0x4e, 0xb2, 0xb0, 0x9b, 0x47, 0x26, 0x86, 0xbd, 0x32, 0x01, 0x64 };
-
Encrypted by XFtp
unsigned char EncryptedPassword[] = { 0x4c, 0xf2, 0x92, 0x83, 0x44, 0x10, 0xea, 0x8e, 0xfd, 0xe6, 0xf9, 0xcf, 0x20, 0xcb };
unsigned char EncryptedPassword[] = {
0x84, 0x83, 0x31, 0x23, 0x24, 0x37, 0x1D, 0xB2,
0x6C, 0x54, 0x87, 0x5B, 0x6E, 0xE9
};
unsigned char EncryptedPassword[] = {
0xCE, 0xFD, 0xB5, 0x3B, 0x5C, 0x78, 0xDE, 0xA4,
0x6C, 0xDD, 0xCE, 0x4D, 0x72, 0x40
};
unsigned char EncryptedPassword[] = {
0x46, 0xb9, 0xb7, 0x3f, 0x70, 0x0b, 0xd2, 0x20,
0xd5, 0xee, 0x70, 0x5b, 0x4b, 0x66
};
This step will be executed for session file version >= 5.1 only.
unsigned char FinalResult[] = {
0x84, 0x83, 0x31, 0x23, 0x24, 0x37, 0x1D, 0xB2,
0x6C, 0x54, 0x87, 0x5B, 0x6E, 0xE9, 0xC7, 0xBE,
0x1E, 0xD9, 0x02, 0xFB, 0x8D, 0xD4, 0xD4, 0x89,
0x97, 0xC6, 0x45, 0x2F, 0x5D, 0x7E, 0x50, 0x9F,
0xBC, 0xDB, 0xE2, 0x80, 0x8B, 0x16, 0xBC, 0xF4,
0xED, 0xCE, 0x4C, 0x07, 0xD1, 0x4E
};
unsigned char FinalResult[] = {
0xCE, 0xFD, 0xB5, 0x3B, 0x5C, 0x78, 0xDE, 0xA4,
0x6C, 0xDD, 0xCE, 0x4D, 0x72, 0x40, 0xC7, 0xBE,
0x1E, 0xD9, 0x02, 0xFB, 0x8D, 0xD4, 0xD4, 0x89,
0x97, 0xC6, 0x45, 0x2F, 0x5D, 0x7E, 0x50, 0x9F,
0xBC, 0xDB, 0xE2, 0x80, 0x8B, 0x16, 0xBC, 0xF4,
0xED, 0xCE, 0x4C, 0x07, 0xD1, 0x4E
};
unsigned char FinalResult[] = {
0x46, 0xb9, 0xb7, 0x3f, 0x70, 0x0b, 0xd2, 0x20,
0xd5, 0xee, 0x70, 0x5b, 0x4b, 0x66, 0xC7, 0xBE,
0x1E, 0xD9, 0x02, 0xFB, 0x8D, 0xD4, 0xD4, 0x89,
0x97, 0xC6, 0x45, 0x2F, 0x5D, 0x7E, 0x50, 0x9F,
0xBC, 0xDB, 0xE2, 0x80, 0x8B, 0x16, 0xBC, 0xF4,
0xED, 0xCE, 0x4C, 0x07, 0xD1, 0x4E
};
Convert final result to Base64 format. Then the base64 string will be stored into session file.
-
XShell
/6KaTrKwm0cmhr0yAWQ=
-
XFtp
TPKSg0QQ6o795vnPIMs=
hIMxIyQ3HbJsVIdbbunHvh7ZAvuN1NSJl8ZFL11+UJ+82+KAixa89O3OTAfRTg==
zv21O1x43qRs3c5NckDHvh7ZAvuN1NSJl8ZFL11+UJ+82+KAixa89O3OTAfRTg==
Rrm3P3AL0iDV7nBbS2bHvh7ZAvuN1NSJl8ZFL11+UJ+82+KAixa89O3OTAfRTg==