PowerShell Encoding Citrix Passwords

12/23 应用服务 阅读 443 views 次 人气 0
摘要:

Citrix ICA文件可以包含用于验证连接的密码。


Here are two PowerShell functions that can perform the required encryption and decryption.

I’ve made these functions so that I can programmatically create a whole bunch of ICA files which I can then use to connect to all my servers without having to type the password when I connect (or manually change all the files when my password changes).


function Citrix-Encode {
 
    param ($s = "", $k = $null)
 
    if ($k -eq $null) {
        $k = Get-Random 256
    }
 
    $p = $k -bxor ($k -bor [int][char]'C')
 
    $e = ($s.Length + 1).ToString("x4") + $k.ToString("x2")
 
    $s.ToCharArray() |% {
        $c = $_ -bxor $p -bxor $k
        $e += $c.ToString("x2")
        $p = $c
    }
 
    return $e
}
 
function Citrix-Decode {
 
    param ($s = $null)
 
    $l = [regex]::split($s, '(?<=\G.{2})')
 
    $n = [convert]::toint16($l[0]+$l[1],16) + 1
    $k = [convert]::toint16($l[2],16)
 
    $p = $k -bxor ($k -bor [int][char]'C')
    $d = ""
 
    $l[3..$n] |% {
        $c = [convert]::toint16($_,16)
        $d += [char]($c -bxor $p -bxor $k)
        $p = $c
    }
 
    return $d
}


Example of use:


PS> Citrix-Encode "abcd1234"

0009aa8a428b45de46df41

 

PS> Citrix-Decode "0009aa8a428b45de46df41"

abcd1234

The obfuscation that Citrix uses is shown to be relatively simple – just using an initial key and then some simple XOR stuff. The decode function does not do any validation of it’s input, it just assumes that it will be fed a valid hex string.


评论

该文章不支持评论!

分享到: