Descramble Passwords from gftp Bookmarks using Python

If you check the file where gftp keeps its bookmarks, you will notice that passwords are not stored in clear text. Instead, gftp has used an algorithm to scramble them. I cannot recall if it was one or two years ago when I had decided to write a script to convert the bookmarks from the gftp format to the FileZilla format, but I do recall that I had to descramble the passwords from the gftp bookmarks and the C code of that password descrambling algorithm had given me a hard time, because I had to port it to Python, since Python was the programming language I intended to use for my bookmark converter. At that time, I happened to hang out at #python, so I had asked for some help there and a kind fellow pythonista had saved the day.

The original password descrambling algorithm in C as found in the gftp sources at that time (gftp-2.0.18/lib/misc.c):

char *
gftp_descramble_password (const char *password)
  const char *passwordpos;
  char *newstr, *newpos;
  int error;
  if (*password != '$')
    return (g_strdup (password));
  passwordpos = password + 1;
  newstr = g_malloc (strlen (passwordpos) / 2 + 1);
  newpos = newstr;
  error = 0;
  while (*passwordpos != '\0' && (*passwordpos + 1) != '\0')
      if ((*passwordpos & 0xc3) != 0x41 ||
          (*(passwordpos + 1) & 0xc3) != 0x41)
          error = 1;
      *newpos++ = ((*passwordpos & 0x3c) << 2) |
                  ((*(passwordpos + 1) & 0x3c) >> 2);
      passwordpos += 2;
  if (error)
      g_free (newstr);
      return (g_strdup (password));
  *newpos = '\0';
  return (newstr);

The following is the Python port of the above code. The person who did the porting wished to remain nameless. The exact answer I got when I had asked about how I should give him credit for the code was:

please don’t attach my name to it. it’s horrible, awful code. Consider it public domain, do with it as you wish.

Python port:

def gftp_descrable_password(password):
    """gftp password descrambler
    This code has been released in the Public Domain by the original author.
    if not password.startswith('$'):
        return password
    newpassword = []
    pwdparts = map(ord, password)
    for i in range(1, len(pwdparts), 2):
        if ((pwdparts[i] & 0xc3) != 0x41 or
            (pwdparts[i+1] & 0xc3) != 0x41):
            return password
        newpassword.append(chr(((pwdparts[i] & 0x3c) << 2) +
                               ((pwdparts[i+1] & 0x3c) >> 2)))
    return "".join(newpassword)

The only thing I have added to the above code is the docstring so that the function can be reused without licensing issues.

The above snippet has not been thoroughly tested, but it seems to work fine.

As for the bookmark converter, I am not interested in doing it any more.

Descramble Passwords from gftp Bookmarks using Python by George Notaras is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Copyright © 2009 - Some Rights Reserved

George Notaras avatar

About George Notaras

George Notaras is the editor of the G-Loaded Journal, a technical blog about Free and Open-Source Software. George, among other things, is an enthusiast self-taught GNU/Linux system administrator. He has created this web site to share the IT knowledge and experience he has gained over the years with other people. George primarily uses CentOS and Fedora. He has also developed some open-source software projects in his spare time.

4 responses on “Descramble Passwords from gftp Bookmarks using Python

  1. Ken Permalink →

    Thanks for sharing this as it helped us get back into our account without having to resort to calling our host.

  2. Marc Permalink →

    Hey !

    Thank you very much for your invested work. I am just building a gEdit Plugin to automatically use gFTP Bookmarks for Uploading edited documents like from a svn workcopy to a production server. Your code will come in handy ! Let me know if you would like my code !

    have a great summer !

  3. laud Permalink →

    Thank you for sharing this :)
    I really don’t care how awful the code is since it works just fine. Bye

  4. Peter Permalink →

    I just found it really useful – having forgotten to write down an ftp password.
    Decoded several known passwords correctly, and as soon as I saw the “forgotten” password I recognized it.
    A great help!