Friday, 30 June 2017

20161206: TIBCO Obfuscated Password Revealed Without TIBCO JARs

C:\u>java -cp jython-2.2.1.jar org.python.util.jython
Jython 2.2.1 on java1.7.0_80
Type "copyright", "credits" or "license" for more information.
>>> from javax.crypto.spec import IvParameterSpec
>>> import array
>>> key = array.array('b', [ 28, -89, -101, -111, 91, -113, 26, -70, 98, -80, -23, -53, -118, 93, -83, -17, 28, -89, -101, -111, 91, -113, 26, -70 ]).tostring()
>>> import base64
>>> encrypted_password = base64.decodestring("NEAK6ZkmhgwHmL8t7wDwm9e9/sIrku4w+ERJAND+w2s=")
>>> from javax.crypto import Cipher
>>> dec = Cipher.getInstance("DESede/CBC/NoPadding")
>>> from javax.crypto.spec import SecretKeySpec
>>> sks = SecretKeySpec(key, "DESede")
>>> iv = IvParameterSpec(encrypted_password[:8])
>>> dec.init(Cipher.DECRYPT_MODE, sks, iv)
>>> map (chr, dec.doFinal(encrypted_password[8:]))
['q', '\x00', 's', '\x00', 'p', '\x00', 't', '\x00', 'e', '\x00', 'm', '\x00', 's', '\x00', 'p', '\x00', 'r', '\x00', '\x06', '\x06', '\x06', '\x06', '\x06', '\x06']
>>> reduce(lambda x,y:x+y, map(chr, filter(lambda n: n>10, dec.doFinal(encrypted_password[8:]))))
'qsptemspr'
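
Added example, not part of the original session: the decrypted bytes above are UTF-16LE text followed by six bytes of value 6, which is consistent with PKCS#5-style padding left in place because the cipher was opened with NoPadding. This Python 3 code validates and strips that padding and decodes the text, next to the session's n > 10 filter for comparison; the function names and the second sample are constructed for illustration.

```python
# Added example (Python 3). PLAINTEXT is the decrypted output shown in the
# session above; CONSTRUCTED is a made-up second sample. Names are hypothetical.
PLAINTEXT = b"q\x00s\x00p\x00t\x00e\x00m\x00s\x00p\x00r\x00" + b"\x06" * 6
CONSTRUCTED = "p\u20ac1".encode("utf-16-le") + b"\x02\x02"

BLOCK = 8  # DESede block size in bytes


def strip_padding(data: bytes) -> bytes:
    """Remove PKCS#5-style padding, rejecting anything malformed."""
    if not data or len(data) % BLOCK:
        raise ValueError("plaintext is not a whole number of blocks")
    pad = data[-1]
    if not 1 <= pad <= BLOCK or data[-pad:] != bytes([pad]) * pad:
        # Also the usual symptom of a wrong key, IV or ciphertext.
        raise ValueError("bad padding")
    return data[:-pad]


def decode_password(data: bytes) -> str:
    """Strip the padding, then decode the remainder as UTF-16LE."""
    return strip_padding(data).decode("utf-16-le")


def filter_heuristic(data: bytes) -> str:
    """The session's approach: keep only byte values above 10."""
    return "".join(chr(b) for b in data if b > 10)


if __name__ == "__main__":
    print(decode_password(PLAINTEXT), filter_heuristic(PLAINTEXT))
    # The filter splits the euro sign into two unrelated characters.
    print(repr(decode_password(CONSTRUCTED)), repr(filter_heuristic(CONSTRUCTED)))
```

The two approaches agree on the ASCII password from the session and diverge as soon as a character has a non-zero high byte.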

20161208: TIBCO Mangled Passwords with TIBCO JARs

>>> map (ord, base64.decodestring("AzRdHXdb5Xu5PFK1FQhWlRjdDSM="))
[3, 52, 93, 29, 119, 91, 229, 123, 185, 60, 82, 181, 21, 8, 86, 149, 24, 221, 13, 35]
>>> password = map (ord, base64.decodestring("AzRdHXdb5Xu5PFK1FQhWlRjdDSM="))
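>>> # bytes 0 and 1 are the two XOR key bytes
>>> j = password[0]
>>> k = password[1]
>>> # bytes 2 and 3 hold the password length, masked with k and j and offset by 7777
>>> i1 = (password[3] ^ j) << 8 & 0xFF00 | (password[2] ^ k) & 0xFF
>>> i1 = i1 & 0xFFFF
>>> i1 = i1 - 7777
>>> unmangled_passwd = password[4:4+i1]
>>> # XOR each byte with j (even n) or k (odd n), rotating that key byte right one bit after use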
>>> for n in xrange(i1):
...   if (n % 2 != 0):
...     i = k
...   else:
...     i = j
...   print unmangled_passwd[n],  i,  unmangled_passwd[n] ^ i
...   unmangled_passwd[n] = unmangled_passwd[n] ^ i
...   m = i & 0x1
...   i = i >> 1
...
...   if m != 0:
...     i = i | 0x80
...   else:
...     i = i & 0x7F
...
...   if n % 2 != 0:
...     k = i
...   else:
...     j = i
...
119 3 116
91 52 111
229 129 100
123 26 97
185 192 121
60 13 49
82 96 50
181 134 51
>>> unmangled_passwd
[116, 111, 100, 97, 121, 49, 50, 51]
>>> map (chr, unmangled_passwd)
['t', 'o', 'd', 'a', 'y', '1', '2', '3']
>>>
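
Added example, not part of the original session and not TIBCO code: the same unmangling steps as a Python 3 function with the length header bounds-checked, plus a check that a configuration review can use to flag values that parse as mangled and are therefore recoverable from the string alone. Function names are hypothetical, and decoding one byte per character follows the session above.

```python
import base64

# Added example (Python 3); function names are hypothetical. SAMPLE is the
# mangled value from the session above.
SAMPLE = "AzRdHXdb5Xu5PFK1FQhWlRjdDSM="
HEADER = 4      # two key bytes followed by two masked length bytes
OFFSET = 7777   # constant subtracted from the decoded length


def declared_length(raw: bytes) -> int:
    """Decode the length field; raise if it cannot fit in the buffer."""
    if len(raw) < HEADER:
        raise ValueError("too short for a mangled value")
    j, k = raw[0], raw[1]
    n = (((raw[3] ^ j) << 8) | (raw[2] ^ k)) - OFFSET
    if not 0 <= n <= len(raw) - HEADER:
        raise ValueError("length header is inconsistent")
    return n


def ror8(b: int) -> int:
    """Rotate a byte right by one bit (the session's m / i >> 1 steps)."""
    return ((b >> 1) | (b << 7)) & 0xFF


def unmangle(value: str) -> str:
    raw = base64.b64decode(value, validate=True)
    n = declared_length(raw)
    keys = [raw[0], raw[1]]            # j for even positions, k for odd
    out = bytearray()
    for i, byte in enumerate(raw[HEADER:HEADER + n]):
        out.append(byte ^ keys[i % 2])
        keys[i % 2] = ror8(keys[i % 2])
    return out.decode("latin-1")       # assumption: one byte per character


def looks_mangled(value: str) -> bool:
    """True when the value parses as mangled, so no key protects it."""
    try:
        declared_length(base64.b64decode(value, validate=True))
        return True
    except ValueError:                 # includes binascii.Error
        return False
```

Any configuration value for which looks_mangled returns True should be handled as a cleartext secret: both key bytes travel inside the value itself.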

20170630 - Selenium 3.4.0 via Kotlin 1.1

Helpful URLs:

- https://stackoverflow.com/questions/16952514/selenium-webdriver-findelementby-xpath-not-working-for-me
- http://www.guru99.com/xpath-selenium.html
- http://asynchrony.blogspot.com.au/2008/11/enter-key-press-in-selenium.html
- https://stackoverflow.com/questions/1629053/typing-enter-return-key-in-selenium
- https://seleniumhq.github.io/selenium/docs/api/java/org/openqa/selenium/WebElement.html#sendKeys-java.lang.CharSequence...-
- https://seleniumhq.github.io/selenium/docs/api/java/org/openqa/selenium/remote/RemoteWebDriver.html#findElement-org.openqa.selenium.By-

What I needed:
- Download selenium-java-3.4.0.jar and realise the internal jar file was now renamed to client-combined-3.4.0-nodeps.jar
- Download the ChromeDriver as well
- To run from a command line, I needed to create the following batch file:

 @echo off
 setLocal EnableDelayedExpansion
 set CLASSPATH="
 for /R c:\u\selenium-java-3.4.0\lib %%a in (*.jar) do (
   set CLASSPATH=!CLASSPATH!;%%a
 )
 set CLASSPATH=!CLASSPATH!"

 c:\tibco\tibcojre64\1.8.0\bin\java -Xmx256M -Xms32M -noverify -cp lib\kotlin-preloader.jar org.jetbrains.kotlin.preloading.Preloader -cp lib\kotlin-compiler.jar org.jetbrains.kotlin.cli.jvm.K2JVMCompiler -cp c:\u\joda-time-2.9.jar;c:\u\selenium-java-3.4.0\client-combined-3.4.0-nodeps.jar;!CLASSPATH!


- I reached as far as the following:

import org.openqa.selenium.WebDriver
import org.openqa.selenium.chrome.ChromeDriver
import org.openqa.selenium.By
import org.openqa.selenium.Keys

System.setProperty("webdriver.chrome.driver", "c:/u/chromedriver.exe")
val chdr = ChromeDriver()
val HOST = "https://<<REDACTED>>/"

chdr.get(HOST)
chdr.findElement(By.id("login_username")).sendKeys("<<REDACTED>>")
chdr.findElement(By.id("login_password")).sendKeys("<<REDACTED>>", Keys.ENTER)
chdr.findElement(By.partialLinkText("Your account")).click()

chdr.get(HOST + "your-super/super/investments/your-investments/")
chdr.get(HOST + "your-super/super/insurance/your-insurance/")
chdr.get(HOST + "your-super/super/account-history/transactions/")
chdr.get(HOST + "your-super/super/account-history/request-history/")

// Here's how I eventually navigated the dropdown menu
chdr.findElement(By.linkText("Money Map")).click()
chdr.findElement(By.id("main")).findElement(By.tagName("input")).click()

chdr.findElement(By.linkText("Your account")).click()
chdr.findElement(By.xpath("//*[@data-ec-expand='Expand Super']")).sendKeys(Keys.ENTER)
chdr.findElement(By.xpath("//*[@data-ec-expand='Expand Account history']")).sendKeys(Keys.ENTER)
chdr.findElement(By.linkText("Statements")).click()

chdr.findElement(By.linkText("Your account")).click()
chdr.findElement(By.xpath("//*[@data-ec-expand='Expand Insurance']")).sendKeys(Keys.ENTER)
chdr.findElement(By.linkText("Your Insurance")).click()

chdr.findElement(By.linkText("Your account")).click()
chdr.findElement(By.xpath("//*[@data-ec-expand='Expand Super']")).sendKeys(Keys.ENTER)
chdr.findElement(By.xpath("//*[@data-ec-expand='Expand Insurance']")).sendKeys(Keys.ENTER)
chdr.findElement(By.linkText("Your Insurance")).click()

chdr.findElement(By.linkText("Your account")).click()
chdr.findElement(By.xpath("//*[@data-ec-expand='Expand Add to super']")).sendKeys(Keys.ENTER)

chdr.findElement(By.xpath("//*[@data-ec-expand='Expand Advice']")).sendKeys(Keys.ENTER)
chdr.findElement(By.linkText("Money Map")).click()
chdr.findElement(By.linkText("Your account")).click()
chdr.findElement(By.linkText("Notifications")).click()
chdr.findElement(By.linkText("Money Map")).click()

chdr.findElement(By.partialLinkText("Logout")).click()