Extract WinSCP Credentials from any Windows System or winscp config file
Project description
WinSCP Password Extractor
WinSCP stores ssh session passwords in an encoded format in either the registry or a config file called WinSCP.ini.
This python script searches in the WinSCP default locations to extract stored credentials for the current user, when executed locally on the target. If a WinSCP.ini config file is already present the script can decode stored credentials as seen below. To gather WinSCP credentials from a remote target or a range of targets there is a module present for the pentesting Tool CrackMapExec called "winscp_dump".
These default locations are:
- registry
- %APPDATA%\WinSCP.ini
- %USER%\Documents\WinSCP.ini
Installation
WinSCPPasswdExtractor is available on pypi.org. Therefore it is recommended to install this tool with pipx:
pipx install WinSCPPasswdExtractor
Alternatively you could install it with pip or simply download the file and run it.
Usage
You can either specify a file path if you know the exact path to an existing WinSCP.ini file or you let the tool itself look if any credentials are stored in the default locations.
With pipx:
WinSCPPasswdExtractor
WinSCPPasswdExtractor <path-to-winscp-file>
Manually downloaded:
python WinSCPPasswdExtractor.py
python WinSCPPasswdExtractor.py <path-to-winscp-file>
About
This Tool is based on the work of winscppasswd, the ruby winscp parser from Metasploit-Framework and the awesome work from winscppassword.
They did the hard stuff
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file winscppasswdextractor-1.1.0.tar.gz
.
File metadata
- Download URL: winscppasswdextractor-1.1.0.tar.gz
- Upload date:
- Size: 3.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.4.2 CPython/3.9.2 Linux/5.15.103-1.qubes.fc32.x86_64
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | d1544d21ad4ad741accac135c4db27a02d3a79008ffb801deca97019411c8e55 |
|
MD5 | 8d0e3dbb82c56b239f076ca871508d70 |
|
BLAKE2b-256 | e61312b8a2c1082bd23962260364a575168bd7fcf16d873588c5264050be36a4 |
File details
Details for the file winscppasswdextractor-1.1.0-py3-none-any.whl
.
File metadata
- Download URL: winscppasswdextractor-1.1.0-py3-none-any.whl
- Upload date:
- Size: 4.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.4.2 CPython/3.9.2 Linux/5.15.103-1.qubes.fc32.x86_64
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6076a83122e0ef97904078021080a99100b759bb72b5ffaa2674db585c63fef4 |
|
MD5 | 8d83a988172b02ee12400f23c95843b9 |
|
BLAKE2b-256 | ff7e25bffc882b99b5a42caaa839dc9755e4c2d5e009d1869343a42e866d9d9a |