#!/usr/bin/perl
# dreampass.pl v0.5
# Decode Macromedia Dreamweaver passwords
#
# Run the script to see options. You can specify
# a hash on the command line or let the script
# do the dirty parsing work. 
#
# You can aggregate a bunch of STE files into one 
# and feed it to the script, which should separate
# it out by host. 
#
# Thanks to everyone who posts code on the web, it's
# a great way to learn. 
#
# NOTE: This is old code

use strict;
use Getopt::Std;

our ($stefile, $hash, $pwhash, $opt_p, $opt_i, $opt_h);
getopts('i:p:h');

&usage if ($opt_h || (!$opt_i && !$opt_p));

print $opt_p . " is " . &decode($opt_p) . "\n" if $opt_p;

if ($opt_i) {
	my (@values, $hostname, $username, $accesstype);
	open(MYFILE, $opt_i) or die("ERROR: File $opt_i can't be opened.");
	while(<MYFILE>) {
        	push @values, split(/ /);
	}
        
	foreach(@values) {
		
		$hostname = substr($_,6,-1) if($_ =~ m/host/);
		$username = substr($_,6,-1) if($_ =~ m/user/);
		$accesstype = substr($_,12,-1) if ($_ =~ m/accesstype/);

		if($_ =~ m/pw/) {
			chomp;
			$pwhash = substr($_, 4, -1);
             	        print "\n Server: " . $hostname . "\n Username: " . $username . "\n Password: " . &decode($pwhash) . "\n AccessType: " . $accesstype . "\n Hash: " . $pwhash . "\n\n" unless(!$pwhash); 
		
		}
	}

}


sub usage() {
	print "\n";
	print "	dreampass.pl v0.5 by \@send9\n\n";
	print "	  -i -- Specify an STE file to parse.\n";
	print "	  -p -- Specify the hash on the command line.\n";
	print "	  -h -- What you're currently looking at.\n\n";
	print "	Ex: $0 -p 4143656668\n";
	print "	Ex: $0 -i keystothekingdom.ste\n";
	print "\n";
}


sub decode($) {
	
# Subtract hex number based on position (where first character is
# position "0"), then convert to ASCII. Not even XOR'd! ;)

	my $dreampass = '';
	for(my $i=0, my $p=0; $i<=(length($_[0])-2); $i+=2, $p+=1) {
		$hash = hex(substr($_[0],$i,2)) - hex($p);
		$dreampass .= chr($hash);
	}

	return $dreampass;
}