Imagine you have saved the password for your jabber account in Psi and now you can’t memorize. Fourtunately the encryption of Psi’ config file can be reversed.
The password is saved in file config.xml in an encrypted way. You can
recover it with the following code which I copied from psi’s source
code:
#include <qstring.h> #include <iostream> int hexChar2int(char c) { if(c >= 'A' && c <= 'F') return c - 'A' + 10; else if(c >= 'a' && c <= 'f') return c - 'a' + 10; else if(c >= '0' && c <= '9') return c - '0'; return 0; } QString decodePassword(const QString &pass, const QString &key) { QString result; unsigned int n1, n2; if(key.length() == 0) return pass; for(n1 = 0, n2 = 0; n1 < pass.length(); n1 += 4) { ushort x = 0; if(n1 + 4 > pass.length()) break; x += hexChar2int(pass.at(n1))*4096; x += hexChar2int(pass.at(n1+1))*256; x += hexChar2int(pass.at(n1+2))*16; x += hexChar2int(pass.at(n1+3)); QChar c(x ^ key.at(n2++).unicode()); result += c; if(n2 >= key.length()) n2 = 0; } return result; } int main() { QString password = "aaa000000000000000000000000000000000000000000"; QString key = "id@jabber.org"; QString out = decodePassword(password,key); std::cout << out << std::endl; }
Compile it with
$ g++ -I$QTDIR/include -L$QTDIR/lib decode.cc -lqt-mt
My friend Dominik made some small modifications to the code above and added a Makefile. You can download the resulting archive PsiDescramble.tar.gz.
Please consider crafting this into a plug-in for Psi+
Some JID created very late at night or after much sleep deprivation when it ‘seems like a good idea’ oft result in losing password to frailty in human recall. π
Extra goodness if it were to play nicely on both Ubuntu and windows… but if only one then Ubuntu. π
XMPP:zomebiestew@hot-chilli.net/crypt
Yes, I know those situations. π
Personally I haven’t used Psi for years, it seemed a bit abandoned. Is Psi+ the successor?
psi-plus is a huge improvement over psi, complete with a plugin system and lots of useful plugins (eg. otr, finally!, and jingle support).
For those that canΒ΄t compile a C/C++ code, neither are using a Linux desktop:
http://blogmal.42.org/rev-eng/psi-password.story
thank you. here’s a python code that expects accounts.xml and extracts jid + password combinations: https://github.com/jose1711/psi-im-decrypt/blob/master/psi-im-decrypt.py