How to unlock PGP Self Decrypting Archive .exe files (PGP SDAs) in python with a known passphrase?

Asked 16/5, 2023 at 23:3 Answered 21/10 at 21:5

I have a set of PGP Self Decrypting Archive .exe files (https://knowledge.broadcom.com/external/article/153684/creating-a-self-decrypting-archive-with.html) (on a Windows system) and have the password that unlocks them all. How can I just iterate through all of these PGP SDAs and use the passphrase to unlock them in python? (I'm sure this is a simple matter of knowing the right libs and args to use, but I've never worked with these kinds of files before).

(Example image of what I see when clicking the .exes, for reference)

Trying something with the gnupg lib (https://gnupg.readthedocs.io/en/latest/#decryption) like...

import gnupg

PASSWD = mypassword
extracted_files = [PATHS_OF_SDA_FILES]
for extracted_file_path in extracted_files:
    decr_file = gpg.decrypt_file(extracted_file_path, passphrase=PASSWD)
    print(decr_file.ok)
    print(decr_file.status)

...or like...

import gnupg

PASSWD = mypassword
extracted_files = [PATHS_OF_SDA_FILES]
for extracted_file_path in extracted_files:
    with open(extracted_file_path, 'rb') as file_obj:
        decr_file = gpg.decrypt_file(file_obj, passphrase=PASSWD)
        print(decr_file.ok)
        print(decr_file.status)

...shows status error

False

no data was provided

I've installed gpg4win-4.1.0.exe (https://gnupg.org/download/) to try to bulk unlock them this way, but not really sure how to use it (and when running the kleopatra.exe UI that came with it, it cannot detect the .exe files in the target folder when trying to Import. When using the Decrypt option, it says "Failed to find encrypted or signed data in one or more files"). Totally in the dark here, so any guidance would be appreciated.

Nyeman answered 16/5, 2023 at 23:3 Comment(2)

Does this answer your question? How can I decrypt a PGP Self Decrypting Archive programatically? – Virginia 16/5, 2023 at 23:18

@Virginia (I did see that and maybe I'm not following the discussion on that post, but) I don't believe so, no. In any case, that post seems to be dealing in PHP whereas I'm trying to do this in python here. – Nyeman 16/5, 2023 at 23:37

It will not work in this way as GnuPG cannot parse .exe files. You should first use some Python library (like this one: https://pypi.org/project/pereader/ ) to parse .exe file andfind out where OpenPGP message is stored.

Then extract that message to the separate file, and run GnuPG decryption on it.

Integrated answered 18/5, 2023 at 9:38 Comment(0)

Ultimately, I ended up using an autohotkey script after getting the impression from users here, in other posts, and in other communities that doing this via python would be more onerous than I had thought (I accepted the other answer on this post since it was more linked to python, which was my original question, but the .ahk script below is what I ultimately used). I was able to extract the files within the PGP SDAs using autohotkey, placing the script in the various folders that contained the SDAs, and executing it from there. The code I used was...

SetWorkingDir, %A_ScriptDir% ; Set the working directory to the script location

Loop, Files, %A_ScriptDir%\*.exe ; Replace "C:\Path\To\SDA\Files" with the actual path to your SDA files
{
    currentFile := A_LoopFileFullPath
   
    ; Open the PGP Self-Decrypting Archive executable
    Run, %currentFile%
    Sleep, 5000 ; Adjust the delay (in milliseconds) as needed
   
    ; Wait for "PGP Self Decrypting Archive - Enter Passphrase" window to appear
    WinWaitActive, PGP Self Decrypting Archive - Enter Passphrase
   
    ; Send the passphrase to the window
    Send, {Text}YourPassphraseHere ; Replace "YourPassphraseHere" with the actual passphrase
    Send, {Enter}
   
    ; Wait for the decryption process to complete
    WinWaitActive, Decoding Self Decrypting Archive...
    WinWaitClose, Decoding Self Decrypting Archive...
   
    ; Close the PGP Self-Decrypting Archive window (if it remains open)
    ;WinClose, %currentFile%
}

ExitApp ; Exit the AutoHotkey script

Nyeman answered 18/5, 2023 at 21:55 Comment(0)

I'm using lampShadesDrifter's idea but with PowerShell. The SDA's I'm dealing with have --strip-dirs option. The help window says, "Output files only into the current directory." Without that option I was being prompted for folder location, too.

Add-Type -AssemblyName System.Windows.Forms
$Passphrase = 'SuperSecret'
$SDAs = Get-ChildItem "C:\foo" -File -Recurse | Where-Object Extension -eq '.EXE'
foreach($Sda in $SDAs){
    Push-Location $Sda.Directory.FullName
    & $Sda.FullName --strip-dirs
    Start-Sleep -Seconds 5
    [System.Windows.Forms.SendKeys]::SendWait($Pp)
    Start-Sleep -Milliseconds 200
    [System.Windows.Forms.SendKeys]::SendWait('{Tab}')
    Start-Sleep -Milliseconds 200
    [System.Windows.Forms.SendKeys]::SendWait('{Enter}')
    while (@(get-process $Sda.BaseName -ea silentlycontinue).count){Start-Sleep -seconds 1}
    Pop-Location
}

PSA to people using SDAs: please don't use SDAs.

Ratchet answered 21/10 at 21:5 Comment(0)

Recommended topics

Hot tags