расковырял шоп, но креды там зашифрованы.
есть privatekey админа:
$VAR1 = bless( {
'Version' => '1.91',
'Identity' => ' ',
'Checked' => 0,
'private' => {
'_phi' => '149395077348184646600315700547349939515239332042298583511570256444033559082585206500579637982661326497804449491108418397698665781731993373342445074971713183310045225960393851764978751358245642595954502860984734407337432521030883788174153163837358642723917443568880247588763881273323861095595544970493883011664',
'_dq' => '8621761539892758467575859040339679184007809564348605135881602493859625204546243784075385648343632414005563570147824363904525917833619551938470132811306129',
'_d' => '80016876040648449959019816601508729066999268098154704646583443576887345940719073478849298144061795363320441674731643233532486477415146121901620565812549798748023368809401482897512613183043754618050795114611382076786526028857379537245969824023360286203136397823440719759232033209579537851558582473324630078817',
'_n' => '149395077348184646600315700547349939515239332042298583511570256444033559082585206500579637982661326497804449491108418397698665781731993373342445074971713207810175651896281460771126035948078988021670018215330779769681178924677545881439638779931916708742024345469411756392982690946032841382010993265714048644899',
'_q' => '11432128556629136723374723302042276427028685619283667195206421370130665176837032713085188953900712934825448543211628805430561143468254047978624956380337673',
'_e' => '65537',
'_p' => '13068001869306750885631423982547556918397029896070678850155922376272981485256232772530905604165305172076451988297175413379111565512032367469670263785295563',
'_dp' => '8343645119844846179385100098047209541074588689918389395393814424108009784840041566348523949840441729410364481106962601239537121737117695109646192499380617',
'_u' => '4914050948747620932821478016782751802245253733180161363087682054456397289754519088588816277460581757207012227989331078600950575428584363816349259429325387'
},
'Cipher' => 'Blowfish'
}, 'Crypt::RSA::Key::Private' );
креды выглядят вот так:
ENCRSA:-----BEGIN COMPRESSED RSA ENCRYPTED MESSAGE-----
Version: 1.24
Scheme: Crypt::RSA::ES::OAEP
eJwBkQJu/TEwADY0MABDeXBoZXJ0ZXh0Q/zfgsY/1qwqtfeM5wmbRXijXXCl1oeZclEbOplsMEs9
UBAhQtzM4RA6XsVhzeiP3uaIpoa3/uiZg3KaBKD1uF5rN91WUyhSPWwvIwGpLTs+9wRnuPa0Ybph
6wNC2mnu281RIcSA0AgQCu8TiV/OoZBmp7rmCGx1GMGe2NKOgZ8lFrobscmOqCg1l7Bd0G1BbSez
7JESAFQkb+oZIEbQXFnHvv5/DKsMRxWLoolcVlAKBxMhoTjfEqU/h4lvuzDcYtvFdKmFGAAr5pvr
YairkH/KxaVZTyd86p31W1qk39SRnddffXZkeIuExiP7iYZwhchthgmzlLlFymn7OIe4ABHyT5re
oZYPVkCRukefOq5ju8RQeUeFcXzqMMeDzgtQxb+BAX4eEkNfCxA9tY+UdtfMJ/bgwke4s0N88bou
u6ENlCj1fg7MiRJZMVoSMuOKrtmToBpn+TBGVvAFVwoORaNEBwarmR8FQlRQMQ3jljxzZ0APkqBK
YFybUe5beZFQj+YrguhCFmEhvUK9s/1108+eiWteDfSY/siygHehSaLPxmoxaRq0VlUI0+hX7fvs
MadBZzJoQulMrWOCxvQoR36goQxM88zBzZAKMI+EB+WuT8CP3hfcI/cM6Tai0fjIVl3MIjcFrP4S
XRsOxI3Ts6g8R+TA0EHouwOQkBz3AsQrlNevTuFswcJFa9jGrX5dqUGaus2IPTLwlGZnbpbmH5TL
f1Tu6F4CYMpThg9/XAyDupz7/D7UlOQm6FJGZK/IZ18rQIkqfokyQl1cAy4Erl2zCSbMZCl5gOow
vjNsbq66Htyj2KWHmTjv7THEOd/UJSVb4whqMvHXW+IMVkx4QtWmP/s=
=sLeBl3WhneS/7L/LEtM6LA==
конфигурационный файл пишет:
Customer data file encryption stuff
#
#
# Armour is "A boolean parameter that forces cyphertext through a post processor after encrpytion.
# The default post processor is Convert::ASCII::Armour(3) that encodes binary octets in 6-bit
# clean ASCII messages. The cyphertext is returned as-is, when the Armour key is not present".
# Armour chops the cyphertext into \n delimited chunks.
#
# Any value for $use_encryption apart from YES (case insensitive) is interpreted as no.
#
# Crypt::RSA picks up its keys from files. In this case the public key is in plain
# and the private key is encrypted with Blowfish. Only the order management software
# decrypts the key and the Blowfish password is passed over SSL.
# It is possible to decrypt the private password and reencrypt it with a different password
# using Crypt::RSA features.
$use_encryption = 'YES';
$PrivateKeyFileName = 'a.private';
$PublicKeyFileName = 'a.public';
$armour = 1;
}, 'Crypt::RSA::Key::Private' );
так вот чем расшифровать креды?
есть privatekey админа:
$VAR1 = bless( {
'Version' => '1.91',
'Identity' => ' ',
'Checked' => 0,
'private' => {
'_phi' => '149395077348184646600315700547349939515239332042298583511570256444033559082585206500579637982661326497804449491108418397698665781731993373342445074971713183310045225960393851764978751358245642595954502860984734407337432521030883788174153163837358642723917443568880247588763881273323861095595544970493883011664',
'_dq' => '8621761539892758467575859040339679184007809564348605135881602493859625204546243784075385648343632414005563570147824363904525917833619551938470132811306129',
'_d' => '80016876040648449959019816601508729066999268098154704646583443576887345940719073478849298144061795363320441674731643233532486477415146121901620565812549798748023368809401482897512613183043754618050795114611382076786526028857379537245969824023360286203136397823440719759232033209579537851558582473324630078817',
'_n' => '149395077348184646600315700547349939515239332042298583511570256444033559082585206500579637982661326497804449491108418397698665781731993373342445074971713207810175651896281460771126035948078988021670018215330779769681178924677545881439638779931916708742024345469411756392982690946032841382010993265714048644899',
'_q' => '11432128556629136723374723302042276427028685619283667195206421370130665176837032713085188953900712934825448543211628805430561143468254047978624956380337673',
'_e' => '65537',
'_p' => '13068001869306750885631423982547556918397029896070678850155922376272981485256232772530905604165305172076451988297175413379111565512032367469670263785295563',
'_dp' => '8343645119844846179385100098047209541074588689918389395393814424108009784840041566348523949840441729410364481106962601239537121737117695109646192499380617',
'_u' => '4914050948747620932821478016782751802245253733180161363087682054456397289754519088588816277460581757207012227989331078600950575428584363816349259429325387'
},
'Cipher' => 'Blowfish'
}, 'Crypt::RSA::Key::Private' );
креды выглядят вот так:
ENCRSA:-----BEGIN COMPRESSED RSA ENCRYPTED MESSAGE-----
Version: 1.24
Scheme: Crypt::RSA::ES::OAEP
eJwBkQJu/TEwADY0MABDeXBoZXJ0ZXh0Q/zfgsY/1qwqtfeM5wmbRXijXXCl1oeZclEbOplsMEs9
UBAhQtzM4RA6XsVhzeiP3uaIpoa3/uiZg3KaBKD1uF5rN91WUyhSPWwvIwGpLTs+9wRnuPa0Ybph
6wNC2mnu281RIcSA0AgQCu8TiV/OoZBmp7rmCGx1GMGe2NKOgZ8lFrobscmOqCg1l7Bd0G1BbSez
7JESAFQkb+oZIEbQXFnHvv5/DKsMRxWLoolcVlAKBxMhoTjfEqU/h4lvuzDcYtvFdKmFGAAr5pvr
YairkH/KxaVZTyd86p31W1qk39SRnddffXZkeIuExiP7iYZwhchthgmzlLlFymn7OIe4ABHyT5re
oZYPVkCRukefOq5ju8RQeUeFcXzqMMeDzgtQxb+BAX4eEkNfCxA9tY+UdtfMJ/bgwke4s0N88bou
u6ENlCj1fg7MiRJZMVoSMuOKrtmToBpn+TBGVvAFVwoORaNEBwarmR8FQlRQMQ3jljxzZ0APkqBK
YFybUe5beZFQj+YrguhCFmEhvUK9s/1108+eiWteDfSY/siygHehSaLPxmoxaRq0VlUI0+hX7fvs
MadBZzJoQulMrWOCxvQoR36goQxM88zBzZAKMI+EB+WuT8CP3hfcI/cM6Tai0fjIVl3MIjcFrP4S
XRsOxI3Ts6g8R+TA0EHouwOQkBz3AsQrlNevTuFswcJFa9jGrX5dqUGaus2IPTLwlGZnbpbmH5TL
f1Tu6F4CYMpThg9/XAyDupz7/D7UlOQm6FJGZK/IZ18rQIkqfokyQl1cAy4Erl2zCSbMZCl5gOow
vjNsbq66Htyj2KWHmTjv7THEOd/UJSVb4whqMvHXW+IMVkx4QtWmP/s=
=sLeBl3WhneS/7L/LEtM6LA==
конфигурационный файл пишет:
Customer data file encryption stuff
#
#
# Armour is "A boolean parameter that forces cyphertext through a post processor after encrpytion.
# The default post processor is Convert::ASCII::Armour(3) that encodes binary octets in 6-bit
# clean ASCII messages. The cyphertext is returned as-is, when the Armour key is not present".
# Armour chops the cyphertext into \n delimited chunks.
#
# Any value for $use_encryption apart from YES (case insensitive) is interpreted as no.
#
# Crypt::RSA picks up its keys from files. In this case the public key is in plain
# and the private key is encrypted with Blowfish. Only the order management software
# decrypts the key and the Blowfish password is passed over SSL.
# It is possible to decrypt the private password and reencrypt it with a different password
# using Crypt::RSA features.
$use_encryption = 'YES';
$PrivateKeyFileName = 'a.private';
$PublicKeyFileName = 'a.public';
$armour = 1;
}, 'Crypt::RSA::Key::Private' );
так вот чем расшифровать креды?