Skip to content

Secd0g/go-DecryptTeamViewer

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 

Repository files navigation

go-DecryptTeamViewer

usage

key:0602000000a400005253413100040000 iv:0100010067244F436E6762F25EA8D704

hexStrCipher is the variable to decrypt.

Registry file for DecryptTeamViewer:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TeamViewer\Version7]
"Always_Online"=dword:00000000
"ClientIC"=dword:0705f05b
"ClientID"=dword:29d9846d
"CUse"=dword:00000001
"InstallationDate"="2020-12-16"
"InstallationDirectory"="C:\\Program Files (x86)\\TeamViewer\\Version7"
"LastMACUsed"=hex(7):00,00,00,00,00,00
"LastUpdateCheck"=dword:5fda2de5
"MIDInitiativeGUID"="{2936d53d-fd4b-4cbc-ad55-dc105e3c4220}"
"MIDVersion"=dword:00000001
"PK"=hex:ad,26,ac,2c,bf,bd,68,3c,ce,cb,30,48,b8,ac,94,29,dd,60,df,41,c8,0e,43,\
  a7,6a,08,4e,c1,27,23,65,f4,eb,56,d9,48,ef,e4,e3,fc,6c,b5,33,7e,c6,fa,aa,dd,\
  9a,32,58,c4,b4,97,c4,e6,40,75,5c,bd,77,39,d7,be,16,12,98,e5,94,58,2a,d4,d3,\
  80,68,48,a4,e9,67,1e,83,03,78,fa,6c,9c,48,63,b3,25,04,73,47,fd,2c,ce,82,11,\
  6f,ae,f7,b7,b1,21,96,a6,5a,77,5f,61,6e,34,e8,fe,62,db,b4,94,72,d9,09,19,63,\
  14,a3,46,c7,c1,20,4d,36,aa,ff,f5,e6,58,62,40,7e,51,63,db,a3,91,f9,1e,9c,ff,\
  19,72,58,0f,11,da,da,c5,ef,00,19,53,ae,28,5c,4c,7f,c8,47,dc,e1,d4,f5,a8,3c,\
  91,14,05,f2,57,50,57,78,1f,ea,68,de,d6,ed,5a,e0,ab,88,2c,73,0f,71,12,41,60,\
  90,9d,12,0e,d5,9c,47,c7,d7,d6,f3,44,a2,2e,8a,7f,f7,70,56,43,91,e7,3a,95,1f,\
  24,15,76,ab,3b,26,98,77,10,d6,a5,cd,9d,e2,2e,55,21,4e,81,1a,e7,62,73,5b,8e,\
  14,55,37,dd,58,95,fa,ba,2d,a5,e5,25,3e,78,8e,04,54,9d,b1,2d,89,56,05,81,9f,\
  6d,4b,3c,b3,01,cb,c6,db,8f,4d,7f,56,4b,76,5f,74,20,f4,b5,c6,3f,e7,18,8e,dd,\
  8c,85,eb,bb,d3,3e,1e,aa,98,f8,37,db,d9,85,6f,8b,5c,fa,f2,39,db,a8,86,89,4c,\
  06,af,55,4b,c8,11,f2,f0,fa,fd,b2,fc,02,b2,10,16,70,78,03,12,b4,dd,2a,a2,fc,\
  4e,7b,3e,b3,71,d4,de,21,d9,c4,e9,73,f2,58,7b,38,cf,c4,68,e6,a2,16,ca,6d,f3,\
  f6,5b,84,3a,a3,69,2b,b0,13,ec,2a,5e,23,f6,69,6e,bf,6a,a2,db,1e,08,fc,76,c6,\
  4c,63,98,cf,73,fb,e2,94,1c,94,79,16,76,1e,5c,f8,82,3c,32,fd,5e,52,77,77,0e,\
  53,89,d0,d2,98,58,96,83,4d,64,5c,69,fc,68,43,35,f3,32,57,c7,1f,3d,27,e0,57,\
  af,35,7c,4b,fa,70,39,52,8c,76,aa,3c,6d,02,46,88,d2,ee,e4,1c,3f,20,a0,da,1b,\
  7c,75,1d,d6,ed,1a,b4,5a,65,af,49,c0,52,74,36,ef,0c,10,2a,c6,fa,66,9a,7e,da,\
  08,9c,87,dc,30,5c,46,5d,17,5b,a5,39,ce,d4,d3,95,e1,21,57,86,9c,57,47,e3,45,\
  30,91,1b,d0,8b,85,71,75,cf,9b,24,c9,9c,eb,25,2a,e9,a4,78,4d,9e,f6,a4,34,84,\
  fb,ba,8b,87,50,6f,bf,37,77,3d,a3,17,13,12,5f,48,1f,a4,21,aa,f0,10,7e,6c,2a,\
  42,f4,57,e4,00,88,ad,38,0c,83,bb,3c,71,ec,04,e5,ba,27,2d,b4,f7,46,d2,67,1e,\
  79,e4,e7,e5,b2,63,ff,0f,df,ab,04,26,4f,18,6e,4c,a1,31,80,5b,9d,63,21,76,b0,\
  50,13,6c,81,9f,ce,06,80,80,e3,0b,6f,6b,ef,13,5d,ae
"Security_ActivateDirectIn"=dword:00000000
"SecurityPasswordAES"=hex:88,9d,f1,f5,80,27,74,a5,d2,45,be,78,b1,7e,56,a0,1f,\
  16,12,86,64,88,3e,73,b9,02,5e,7b,78,2e,0f,7e,b0,61,f1,69,7b,a9,aa,46,41,f1,\
  cc,27,51,97,73,e7,4e,58,e5,f2,08,ab,b6,4a,8e,e1,b0,f6,e4,77,02,78
"SK"=hex:bf,ad,2a,ed,b6,c8,9a,e0,a0,fd,05,01,a0,c5,b9,a5,c0,d9,57,a4,cc,57,c1,\
  88,4c,84,b6,87,3e,a0,3c,06,ba,da,75,01,cc,a7,c6,d3,0f,07,19,55,48,0f,e3,14,\
  2b,4c,76,21,8b,33,0e,23,0f,b3,16,2d,a8,4c,25,35,a7,44,ac,cb,f1,45,1b,0b,ea,\
  58,ff,45,2e,84,d6,5c,ba,7f,8e,a2,6f,a1,dc,b2,e2,c8,7b,0b,53,44,fd,39,99,7d,\
  61,12,ce,37,9c,da,55,ea,d8,5e,ed,77,83,89,aa,83,3b,54,52,6f,6e,ca,3d,51,18,\
  d8,6c,75,8d,72,6b,8c,d7,1c,d1,ec,84,b6,ce,9f,eb,cd,13,9e,37,e9,0a,c3,11,7d,\
  b2,60,42,76,6e,6b,d3,15,da,73,2a,be,36,55,60,db,b8,e9,cf,31,03,de,d4,32,bc,\
  84,fa,0c,32,ea,05,aa,65,cc,c7,d1,08,52,64,99,4c,0f,ae,57,b4,6d,8b,11,b7,f0,\
  15,33,88,c4,6a,ae,07,11,8c,11,74,35,d7,40,a0,55,c8,d4,5f,24,d1,a8,d5,8a,75,\
  91,e3,c3,ef,4a,f2,2b,ed,be,e9,d4,d9,0a,6a,7f,39,e0,63,4c,4f,fd,58,41,02,7a,\
  6c,52,4d,d5,0a,41,05,55,81,bd,90,44,e9,38,e3,04,6b,ee,c1,9c,a0,80,79,29,2b,\
  b0,b7,f1,75,2c,8a,1d,ba,0c,55,fa,94,77,33,59,db,3d,67,8a,39,5a,48,b3,3a,25,\
  fd,5f,c5,49,2e,c6,3f,91,bd,4e,84,78,db,cc,42,b9,f6,43,de,bb,2b,0c,70,f0,77,\
  d6,ac,a1,02,54,41,06,42,db,d7,9c,72,bb,44,62,5c,c7,93,5a,9f,0b,63,8e,17,1c,\
  cb,28,d2,5e,2f,85,d9,36,35,91,cc,c5,99,79,5c,13,40,79,26,ae,13,bf,5d,37,ba,\
  d7,fc,a7,43,62,7d,0b,f4,66,8c,e3,44,88,1f,c4,37,54,59,b6,a0,4d,fa,e8,cf,9f,\
  e3,51,bc,df,f7,ce,fa,e8,69,cf,2c,e5,2a,4f,c9,3b,b3,08,7c,5e,3f,7e,6e,05,50,\
  87,81,c4,15,af,ee,07,6d,76,ec,4b,8b,c6,df,0d,8f,fc,5d,7f,9b,95,2d,ff,5b,8a,\
  0f,dd,69,19,7a,00,3c,56,bd,37,72,cd,91,66,fc,d6,0a,b1,f0,7a,9a,3f,6a,16,1e,\
  b6,1f,79,f3,d4,f0,6c,6f,fd,1f,b8,c9,85,4b,10,5d,cc,e5,a2,7e,f9,f7,98,43,ea,\
  a1,ce,3c,99,14,7b,8e,0d,0e,7d,0e,23,94,25,23,59,ec,83,82,21,44,4f,4a,f1,21,\
  8d,9e,5b,84,ce,b3,13,51,65,a6,f8,8b,5a,19,e4,55,1c,15,dc,c1,1e,2d,0d,fe,27,\
  85,c6,cc,0b,5e,5a,9a,65,67,76,48,91,5f,5e,79,e3,44,8c,88,85,c5,c2,d4,6a,be,\
  f2,dc,df,72,33,cb,f3,67,45,21,b0,c4,47,16,86,8e,f7,2c,c1,8c,58,eb,00,cc,2b,\
  11,3e,68,58,64,a9,7e,cd,91,d2,ea,87,46,30,03,54,69,4f,e0,ce,e4,82,b0,a0,03,\
  fb,e4,78,27,8c,10,24,f7,cf,8c,22,e9,77,98,ad,7f,e1
"StartMenuGroup"="TeamViewer 7"
"UsageEnvironmentBackup"=dword:00000002
"Version"="7.0.43148"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TeamViewer\Version7\AccessControl]
"AC_Server_AccessControlType"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TeamViewer\Version7\DefaultSettings]
"Autostart_GUI"=dword:00000000

SecurityPasswordAES is hexadecimal ciphertext:

88,9d,f1,f5,80,27,74,a5,d2,45,be,78,b1,7e,56,a0,1f,\
  16,12,86,64,88,3e,73,b9,02,5e,7b,78,2e,0f,7e,b0,61,f1,69,7b,a9,aa,46,41,f1,\
  cc,27,51,97,73,e7,4e,58,e5,f2,08,ab,b6,4a,8e,e1,b0,f6,e4,77,02,78

remove punctuation:

889df1f5802774a5d245be78b17e56a01f16128664883e73b9025e7b782e0f7eb061f1697ba9aa4641f1cc27519773e74e58e5f208abb64a8ee1b0f6e4770278

Replace hexStrCipher in the code:

runing result:

reference

https://whynotsecurity.com/blog/teamviewer/

About

Go language version of DecryptTeamViewer

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages