前提条件:数据库密码忘记了,但是在Navicat连接过且目前能连接上的状态!
1.导出数据库连接 connections.ncx 文件
选择你要导出密码的数据库连接,切记要勾上导出密码
2.使用文本编辑工具打开导出的connections.ncx 文件
找到Password="",将双引号中间的密码复制出来使用下面的Java程序或PHP程序进行解密!
3.解密 - 使用Java程序进行解密
Java在线运行环境:代码在线运行 - 在线工具,进入选择Java,将以下代码复制到在线运行环境中
选择你自己的Navicat版本,把代码中的密码替换为你自己connections.ncx文件中的密码,然后执行即可输出(实测Navicat16可以成功解密)
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
public class NavicatPassword {
public static void main(String[] args) throws Exception {
NavicatPassword navicatPassword = new NavicatPassword();
// Navicat 11及以前的版本
// String decode = navicatPassword.decrypt("你的密码", 11);
// Navicat 12及以后的版本
String decode = navicatPassword.decrypt("你的密码", 12);
System.out.println(decode);
}
private static final String AES_KEY = "libcckeylibcckey";
private static final String AES_IV = "libcciv libcciv ";
private static final String BLOW_KEY = "3DC5CA39";
private static final String BLOW_IV = "d9c7c3c8870d64bd";
public static String encrypt(String plaintext, int version) throws Exception {
switch (version) {
case 11:
return encryptEleven(plaintext);
case 12:
return encryptTwelve(plaintext);
default:
throw new IllegalArgumentException("Unsupported version");
}
}
public static String decrypt(String ciphertext, int version) throws Exception {
switch (version) {
case 11:
return decryptEleven(ciphertext);
case 12:
return decryptTwelve(ciphertext);
default:
throw new IllegalArgumentException("Unsupported version");
}
}
private static String encryptEleven(String plaintext) throws Exception {
byte[] iv = hexStringToByteArray(BLOW_IV);
byte[] key = hashToBytes(BLOW_KEY);
int round = plaintext.length() / 8;
int leftLength = plaintext.length() % 8;
StringBuilder result = new StringBuilder();
byte[] currentVector = iv.clone();
Cipher cipher = Cipher.getInstance("Blowfish/ECB/NoPadding");
SecretKeySpec secretKeySpec = new SecretKeySpec(key, "Blowfish");
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
for (int i = 0; i < round; i++) {
byte[] block = xorBytes(plaintext.substring(i * 8, (i + 1) * 8).getBytes(), currentVector);
byte[] temp = cipher.doFinal(block);
currentVector = xorBytes(currentVector, temp);
result.append(bytesToHex(temp));
}
if (leftLength > 0) {
currentVector = cipher.doFinal(currentVector);
byte[] block = xorBytes(plaintext.substring(round * 8).getBytes(), currentVector);
result.append(bytesToHex(block));
}
return result.toString().toUpperCase();
}
private static String encryptTwelve(String plaintext) throws Exception {
byte[] iv = AES_IV.getBytes();
byte[] key = AES_KEY.getBytes();
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec);
byte[] result = cipher.doFinal(plaintext.getBytes());
return bytesToHex(result).toUpperCase();
}
private static String decryptEleven(String ciphertext) throws Exception {
byte[] iv = hexStringToByteArray(BLOW_IV);
byte[] key = hashToBytes(BLOW_KEY);
byte[] encrypted = hexStringToByteArray(ciphertext.toLowerCase());
int round = encrypted.length / 8;
int leftLength = encrypted.length % 8;
StringBuilder result = new StringBuilder();
byte[] currentVector = iv.clone();
Cipher cipher = Cipher.getInstance("Blowfish/ECB/NoPadding");
SecretKeySpec secretKeySpec = new SecretKeySpec(key, "Blowfish");
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
for (int i = 0; i < round; i++) {
byte[] block = Arrays.copyOfRange(encrypted, i * 8, (i + 1) * 8);
byte[] temp = xorBytes(cipher.doFinal(block), currentVector);
currentVector = xorBytes(currentVector, block);
result.append(new String(temp));
}
if (leftLength > 0) {
currentVector = cipher.doFinal(currentVector);
byte[] block = Arrays.copyOfRange(encrypted, round * 8, round * 8 + leftLength);
result.append(new String(xorBytes(block, currentVector), StandardCharsets.UTF_8));
}
return result.toString();
}
private static String decryptTwelve(String ciphertext) throws Exception {
byte[] iv = AES_IV.getBytes();
byte[] key = AES_KEY.getBytes();
byte[] encrypted = hexStringToByteArray(ciphertext.toLowerCase());
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);
byte[] result = cipher.doFinal(encrypted);
return new String(result);
}
private static byte[] xorBytes(byte[] bytes1, byte[] bytes2) {
byte[] result = new byte[bytes1.length];
for (int i = 0; i < bytes1.length; i++) {
result[i] = (byte) (bytes1[i] ^ bytes2[i]);
}
return result;
}
private static byte[] hexStringToByteArray(String s) {
int len = s.length();
byte[] data = new byte[len / 2];
for (int i = 0; i < len; i += 2) {
data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i + 1), 16));
}
return data;
}
private static byte[] hashToBytes(String s) throws Exception {
return MessageDigest.getInstance("SHA-1").digest(s.getBytes());
}
private static String bytesToHex(byte[] bytes) {
StringBuilder result = new StringBuilder();
for (byte b : bytes) {
result.append(String.format("%02X", b));
}
return result.toString();
}
}
3.解密 - 使用PHP程序进行解密
PHP在线运行环境:代码在线运行 - 在线工具,进入后选择PHP,将以下代码复制到在线运行环境中
选择你自己的Navicat版本,把代码中的密码替换为你自己connections.ncx文件中的密码,然后执行即可输出(实测Navicat16可以成功解密)
// Navicat 11及以前的版本
//$navicatPassword = new NavicatPassword(11);
// Navicat 12及以后的版本
$navicatPassword = new NavicatPassword(12);
$decode = $navicatPassword->decrypt('68AB8FC887BE22ACD71F6E139DA7C141');
echo $decode . "\n";
class NavicatPassword
{
protected $version = 0;
protected $aesKey = 'libcckeylibcckey';
protected $aesIv = 'libcciv libcciv ';
protected $blowString = '3DC5CA39';
protected $blowKey = null;
protected $blowIv = null;
public function __construct($version = 12)
{
$this->version = $version;
$this->blowKey = sha1('3DC5CA39', true);
$this->blowIv = hex2bin('d9c7c3c8870d64bd');
}
public function encrypt($string)
{
$result = FALSE;
switch ($this->version) {
case 11:
$result = $this->encryptEleven($string);
break;
case 12:
$result = $this->encryptTwelve($string);
break;
default:
break;
}
return $result;
}
protected function encryptEleven($string)
{
$round = intval(floor(strlen($string) / 8));
$leftLength = strlen($string) % 8;
$result = '';
$currentVector = $this->blowIv;
for ($i = 0; $i < $round; $i++) {
$temp = $this->encryptBlock($this->xorBytes(substr($string, 8 * $i, 8), $currentVector));
$currentVector = $this->xorBytes($currentVector, $temp);
$result .= $temp;
}
if ($leftLength) {
$currentVector = $this->encryptBlock($currentVector);
$result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector);
}
return strtoupper(bin2hex($result));
}
protected function encryptBlock($block)
{
return openssl_encrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING);
}
protected function decryptBlock($block)
{
return openssl_decrypt($block, 'BF-ECB', $this->blowKey, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING);
}
protected function xorBytes($str1, $str2)
{
$result = '';
for ($i = 0; $i < strlen($str1); $i++) {
$result .= chr(ord($str1[$i]) ^ ord($str2[$i]));
}
return $result;
}
protected function encryptTwelve($string)
{
$result = openssl_encrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv);
return strtoupper(bin2hex($result));
}
public function decrypt($string)
{
$result = FALSE;
switch ($this->version) {
case 11:
$result = $this->decryptEleven($string);
break;
case 12:
$result = $this->decryptTwelve($string);
break;
default:
break;
}
return $result;
}
protected function decryptEleven($upperString)
{
$string = hex2bin(strtolower($upperString));
$round = intval(floor(strlen($string) / 8));
$leftLength = strlen($string) % 8;
$result = '';
$currentVector = $this->blowIv;
for ($i = 0; $i < $round; $i++) {
$encryptedBlock = substr($string, 8 * $i, 8);
$temp = $this->xorBytes($this->decryptBlock($encryptedBlock), $currentVector);
$currentVector = $this->xorBytes($currentVector, $encryptedBlock);
$result .= $temp;
}
if ($leftLength) {
$currentVector = $this->encryptBlock($currentVector);
$result .= $this->xorBytes(substr($string, 8 * $i, $leftLength), $currentVector);
}
return $result;
}
protected function decryptTwelve($upperString)
{
$string = hex2bin(strtolower($upperString));
return openssl_decrypt($string, 'AES-128-CBC', $this->aesKey, OPENSSL_RAW_DATA, $this->aesIv);
}
}