navicat导出文件密码解密

---

一、概念

Navicat中导出的带密码的文件后缀是.ncx结尾的，里面是xml格式的文件，存储了数据库的连接，方便在Navicat中进行导入和导出，共享数据库连接信息。

二、导出文件

1、创建的数据库连接信息

其中密码为：shiyrecYkXAJ65W5

2、导出带密码的连接信息

3、查看导出后的文件

打开导出以后的配置文件信息49.232.214.247.ncx

<?xml version="1.0" encoding="UTF-8"?>
<Connections Ver="1.5">
	<Connection ConnectionName="49.232.214.247_1" 
              ProjectUUID="" 
              ConnType="MYSQL" 
              ServiceProvider="Default" 
              Host="49.232.214.247" 
              Port="3306" 
              UserName="test_navicat" 
              Password="35DFCD64284E35882562A71D5CAED5AAEFB0C5C7133922605A0DF5A3F1EE6419" 
              SavePassword="true" 
              SettingsSavePath="/Users/lydms/Library/Containers/com.navicat.NavicatPremium/Data/Library/Application Support/PremiumSoft CyberTech/Navicat CC/Common/Settings/0/0/MySQL/49.232.214.247" 
              SessionLimit="0" 
              ClientDriverVersion="Default" 
              ClientCharacterSet="" 
              ClientEncoding="65001" 
              Keepalive="false" 
              KeepaliveInterval="240" 
              UseConnectionTimeout="true" 
              ConnectionTimeoutSeconds="30" 
              UseReadTimeout="false" 
              ReadTimeoutSeconds="30" 
              UseWriteTimeout="true" 
              WriteTimeoutSeconds="30" 
              Encoding="65001" 
              MySQLCharacterSet="true" 
              Compression="false" 
              AutoConnect="false" 
              NamedPipe="false" 
              NamedPipeSocket="" 
              UseAdvanced="false" 
              SSL="false" 
              SSH="false" 
              HTTP="false" 
              Compatibility="false"/>
</Connections>

三、Python代码解析

import binascii
import xml.etree.ElementTree as ET

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

aes_key = b'libcckeylibcckey'
aes_iv = b'libcciv libcciv '


# 解密
def decrypt(upper_string):
    backend = default_backend()
    cipher = Cipher(algorithms.AES(aes_key), modes.CBC(aes_iv), backend=backend)
    decryptor = cipher.decryptor()

    encrypted_data = binascii.unhexlify(upper_string.lower())
    decrypted_padded_data = decryptor.update(encrypted_data) + decryptor.finalize()

    unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
    try:
        data = unpadder.update(decrypted_padded_data) + unpadder.finalize()
    except ValueError as e:
        print("Decryption error: Invalid padding bytes.")
        raise e
    return data.decode()


if __name__ == '__main__':
    # 本地文件地址
    xml_path_x = r'/Users/lydms/Downloads/49.232.214.247.ncx'
    # 格式化xml数据
    tree = ET.parse(xml_path_x)
    # 获取数据
    root_element = tree.getroot()
    for child in root_element:
        print('---------------------------------')
        print('ConnectionName:', child.attrib['ConnectionName'])
        print('Host:', child.attrib['Host'])
        print('Port:', child.attrib['Port'])
        print('UserName:', child.attrib['UserName'])
        print('source_Password:', child.attrib['Password'])
        print('Password:', decrypt(child.attrib['Password']))

可以看到将文件中加密后的密码，已经解析为明文秘钥了

加密后：35DFCD64284E35882562A71D5CAED5AAEFB0C5C7133922605A0DF5A3F1EE6419
明文：shiyrecYkXAJ65W5

执行结果：

四、参考地址

是参考了多个文章糅合而成的，如果有不能使用的可以参考一下

• https://www.cnblogs.com/drewgg/p/18617750
• https://blog.youkuaiyun.com/qyq88888/article/details/121947160