#!/usr/bin/perl -w
# $Id: ios7decrypt.pl,v 1.1 1998/01/11 21:31:12 mesrik Exp $
#
# Credits for orginal code and description hobbit@avian.org,
# SPHiXe, .mudge et al. and for John Bashinski <jbash@CISCO.COM>
# for Cisco IOS password encryption facts.
#
# Use for any malice or illegal purposes strictly prohibited!
#

@xlat = ( 0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41, 0x2c, 0x2e, 0x69, 0x79, 0x65, 0x77, 0x72,
	  0x6b, 0x6c, 0x64, 0x4a, 0x4b, 0x44, 0x48, 0x53, 0x55, 0x42, 0x73, 0x67, 0x76, 0x63, 0x61, 0x36,
	  0x39, 0x38, 0x33, 0x34, 0x6e, 0x63, 0x78, 0x76 );
while (<>) {
        if (/(password|md5|key)\s+7\s+([\da-f]+)/io) {
            if (!(length($2) & 1)) {
                $ep = $2; $dp = "";
                ($s, $e) = ($2 =~ /^(..)(.+)/o);
                for ($i = 0; $i < length($e); $i+=2) {
		  if ($s > 39) {
                    printf "%s %d 0x%x\n",substr($e,$i,2),$s++,hex(substr($e,$i,2))^0x61;
		  }
		  else {
                    #printf "%s %d %x %c\n",substr($e,$i,2),$s,$xlat[$s],hex(substr($e,$i,2))^$xlat[$s];
                    $dp .= sprintf "%c",hex(substr($e,$i,2))^$xlat[$s++];
		  }
                }
                s/7\s+$ep/$dp/;
            }
        }
        print;
}