hub / github.com/fortra/impacket / test_decryptVCrd

Method test_decryptVCrd

tests/misc/test_dpapi.py:278–301
(self)

Source from the content-addressed store, hash-verified

276 unhexlify('756ff73b0ee4980e2dd722fbcd0badb9a6be89590304eb6d58b6e8ab7aaaec1d'))
277
278     def test_decryptVCrd(self):
279         blob = VAULT_VCRD(self.vcrdFile)
280         blob.dump()
281         key = unhexlify('acf4ff323558de5514be1731598e37c1ae5a6bf9016d5906097aee46712a5fe7')
282
283         cleartext = None
284         for i, entry in enumerate(blob.attributesLen):
285             if entry > 28:
286                 attribute = blob.attributes[i]
287                 if 'IV' in attribute.fields and len(attribute['IV']) == 16:
288                     cipher = AES.new(key, AES.MODE_CBC, iv=attribute['IV'])
289                 else:
290                     cipher = AES.new(key, AES.MODE_CBC)
291                 cleartext = cipher.decrypt(attribute['Data'])
292
293         if cleartext is not None:
294             # Lookup schema Friendly Name and print if we find one
295             if blob['FriendlyName'].decode('utf-16le')[:-1] in VAULT_KNOWN_SCHEMAS:
296                 # Found one. Cast it and print
297                 vault = VAULT_KNOWN_SCHEMAS[blob['FriendlyName'].decode('utf-16le')[:-1]](cleartext)
298                 vault.dump()
299                 self.assertEqual(vault['Username'], 'CONTOSO\\Administrator\x00'.encode('utf-16le'))
300             else:
301                 raise Exception('No valid Schema')
302
303
304# Process command-line arguments.

Callers

nothing calls this directly

Calls 6

dump (Method) · 0.95
VAULT_VCRD (Class) · 0.90
encode (Method) · 0.80
decrypt (Method) · 0.45
decode (Method) · 0.45
dump (Method) · 0.45

Tested by

no test coverage detected