We had a need to decrypt plesk passwords upon request to interface with another system so after a bit of playing about the following code is what we landed at:-
<?php $key = file_get_contents("/etc/psa/private/secret_key"); $hash = explode(' Just pass the AES string in its entirety from the psa database. Hope this helps people :) James , '$AES-128-CBC$some-example-string==$some-example-salt=='); $iv = base64_decode($hash[2]); $ct = base64_decode($hash[3]); $dec = str_replace("\0", "", mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ct , MCRYPT_MODE_CBC, $iv)); echo($dec); ?>
Just pass the AES string in its entirety from the psa database.
Hope this helps people 🙂
James
Hi, First of all let me thank for your great work with this and other scripts.I’m hiavng a problem in the decrypt process.I keep getting this Warning:Warning: mcrypt_decrypt() [function.mcrypt-decrypt]: The IV parameter must be as long as the blocksizeCan you give me some help with this?Best Regards
Hi,
Are you using the code exactly as above?
James
This works perfect!
Thanks for sharing 🙂
Thank you! 🙂
Unfortunately it does not seem to work for PLESK 12.
You can only decrypt the FTP password in Plesk 12 and above. The following db query will give you the accounts where the client login name matches an FTP login name. The chances are that the customer used the same password. It’s not much but better than nothing.
SELECT c.login, a.password
FROM clients c
LEFT JOIN sys_users s ON s.login = c.login
LEFT JOIN accounts a on s.account_id = a.id;
Hi, do you know how to decrypt {PEMBF} and {PBABF} passwords? It seems they are encrypted with AES. For example:
{PEMBF}zlQXVFcVn/Ekcscjnfy1bA==