Netgate Discussion Forum

    pfSense XML config file, can we decrypt it manually?

    General pfSense Questions
    32 Posts 9 Posters 7.4k Views
    • bingo600B
      bingo600 @SeaMonkey
      last edited by bingo600

      @seamonkey

      from: man enc (Linux)

             -k password
                 The password to derive the key from. This is for compatibility with
                 previous versions of OpenSSL. Superseded by the -pass argument.

             -kfile filename
                 Read the password to derive the key from the first line of
                 filename.  This is for compatibility with previous versions of
                 OpenSSL. Superseded by the -pass argument.

             -pass arg
                 The password source. For more information about the format of arg
                 see the PASS PHRASE ARGUMENTS section in openssl(1).


      You could try to paste the "ugly passwd" into a file (pass.txt), on the first line.

      Then, instead of -k 'pass', use -kfile pass.txt

      Seems like -kfile <filename> is superseded by -pass file:<filename>
      But both should still work.

      Edit:
      Remember your pass is now saved in a file, clean up appropriately.

      /Bingo

      If you find my answer useful - Please give the post a 👍 - "thumbs up"

      pfSense+ 23.05.1 (ZFS)

      QOTOM-Q355G4 Quad Lan.
      CPU  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
      LAN  : 4 x Intel 211, Disk  : 240G SAMSUNG MZ7L3240HCHQ SSD

      S 1 Reply Last reply Reply Quote 0
      • S
        SeaMonkey @bingo600
        last edited by

        @bingo600 Tried that and I still get the same result.

        *** WARNING : deprecated key derivation used.
        Using -iter or -pbkdf2 would be better.
        bad decrypt
        140140608259392:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:610:
        

        Thanks for the suggestion, though.

        bingo600B 1 Reply Last reply Reply Quote 0
        • bingo600B
          bingo600 @SeaMonkey
          last edited by bingo600

          @seamonkey

          Did you try both variants?

          What version is the encryption made with?
          Re: @jimp post here
          https://forum.netgate.com/post/884969

          /Bingo


          S 1 Reply Last reply Reply Quote 0
          • S
            SeaMonkey @bingo600
            last edited by SeaMonkey

            @bingo600

            I should have checked the docs before the forum. The file I was trying first was from 2.5.0, which uses different encryption.

            https://docs.netgate.com/pfsense/en/latest/backup/restore.html#encrypted-configuration-files

            bingo600B 1 Reply Last reply Reply Quote 0
            • bingo600B
              bingo600 @SeaMonkey
              last edited by

              @seamonkey

              To help future users:
              please post the working solution (command line).

              /Bingo


              S 1 Reply Last reply Reply Quote 0
              • S
                SeaMonkey @bingo600
                last edited by SeaMonkey

                Encrypted Configuration files
                The GUI can automatically determine the correct decryption method when restoring an encrypted configuration backup file, whether it’s from a current version or an older version. When restoring an encrypted configuration file, check Configuration file is encrypted then enter the password in the Password field, and restore as usual from there.

                Encrypted configuration files can be manually decrypted using the correct password for offline inspection.

                The method used to encrypt configuration files changed in version 2.5.0, so use the method appropriate for the version which generated the encrypted configuration file. In either case, replace <PASSWORD> with the appropriate password string, and change the filenames as needed.

                2.5.0 and later:

                grep -v "config.xml" config-encrypted.xml | base64 -d | \
                  openssl enc -d -aes-256-cbc -out decryptedfile.xml \
                  -pass pass:<PASSWORD> -salt -md sha256 -pbkdf2
                

                Older versions:

                grep -v "config.xml" config-encrypted.xml | base64 -d | \
                  openssl enc -d -aes-256-cbc -out decryptedfile.xml \
                  -pass pass:<PASSWORD> -salt -md md5
                

                In my case, I changed -pass pass:<PASSWORD> to -pass file:<PASSFILE>.

                D 1 Reply Last reply Reply Quote 2
                • K
                  KevinRice
                  last edited by

                  So...what is the password??? Same as admin?

                  S 1 Reply Last reply Reply Quote 0
                  • S
                    SeaMonkey @KevinRice
                    last edited by

                    @kevinrice No, the password is whatever you put in the password box that appears after ticking the 'Encryption' checkbox.

                    K 1 Reply Last reply Reply Quote 1
                    • K
                      KevinRice @SeaMonkey
                      last edited by

                      @seamonkey Oh, no. Not good. I'm using a Calix brand router running pfSense that is locked-down. So there's no way to decrypt its config file then.

                      Calix.png

                      S 1 Reply Last reply Reply Quote 0
                      • S
                        SeaMonkey @KevinRice
                        last edited by SeaMonkey

                        @kevinrice If you have the admin password and you're just trying to get an unencrypted copy of the current configuration, you can just login, go to Diagnostics | Backup & Restore, and download the configuration file.

                        K 1 Reply Last reply Reply Quote 0
                        • K
                          KevinRice @SeaMonkey
                          last edited by

                          @seamonkey I don't think that is possible. The Calix router is crippled. While there is a configuration backup page, the encryption is baked-in. I can't see any way of getting an unencrypted config file here.

                          Calix-backup.png

                          1 Reply Last reply Reply Quote 0
                          • stephenw10S
                            stephenw10 Netgate Administrator
                            last edited by stephenw10

                            Well that's..... um... interesting.

                            Reboot into single user mode, check the code?

                            Are you sure that's a pfSense rebrand and not just a cached favicon in your browser?

                            Edit: Yeah, almost certainly that ^

                            Steve

                            K 1 Reply Last reply Reply Quote 0
                            • K
                              KevinRice @stephenw10
                              last edited by KevinRice

                              @stephenw10 Yeah, I suppose that's likely. Login screen sure looks familiar. And the config file begins:

                              <!--CalixVersion="0.0.0.0" crc32="03933f14" type="backup" product="17717" ConfigVersion="21.2.0.0.39" model="GS4220E" -->
                              

                              pfSense v.21.2 is very contemporary!

                              In any case, if I don't have access to the password, it would seem I'm chasing ghosts.

                              S stephenw10S 2 Replies Last reply Reply Quote 0
                              • S
                                SeaMonkey @KevinRice
                                last edited by

                                @kevinrice Why do you need a password? It appears that your config is unencrypted.

                                K 1 Reply Last reply Reply Quote 0
                                • K
                                  KevinRice @SeaMonkey
                                  last edited by

                                  @seamonkey You haven't seen the rest of the file...

                                  <!--CalixVersion="0.0.0.0" crc32="03933f14" type="backup" product="17717" ConfigVersion="21.2.0.0.39" model="GS4220E" -->
                                  jïÍ)ïQµY]™ô茛–YtõúgêôTˆKù\¸´Ë7öJC"€ËJ<¯Çñ¹•úã
                                  ˜
                                  .8/4Aê¦qm•	VSœ^6kjïÚ|ã-	|ÁÓ8Ât·§vB–î Uò)uçµa‘ù@Û4ÕßÚ"ˆŠŒ2y,¯Yâòƒ`HÞ¤š(i°',}䫏ö‚HRÚÞÛÈ#q þD0v‡*uhx±[
                                  àµ
                                  l®é2…èGöÀ‚GrØ=®ˆÔˆ
                                  ‹R
                                  9º`ß„ºdÍi¹nÕe0Â
                                  ³¨
                                  ™G vu¼ÔøSí;ŸN‡±*r¹ÍrôkËôK¨âZð`¹Cçj›œÂú
                                  
                                  S 1 Reply Last reply Reply Quote 0
                                  • S
                                    SeaMonkey @KevinRice
                                    last edited by

                                    @kevinrice Heh... oh.

                                    K 1 Reply Last reply Reply Quote 1
                                    • K
                                      KevinRice @SeaMonkey
                                      last edited by

                                      @seamonkey Appears to be a waste of time, regardless if this is pfSense or not.

                                      1 Reply Last reply Reply Quote 0
                                      • stephenw10S
                                        stephenw10 Netgate Administrator @KevinRice
                                        last edited by

                                        @kevinrice said in pfSense XML config file, can we decrypt it manually?:

                                        Login screen sure looks familiar.

                                        Bootstrap is omnipresent at this point! 😉

                                        Yeah I would be amazed if that's pfSense. It's almost certainly an ARM device to start with.

                                        That config is not close to anything we have.

                                        Steve

                                        K 1 Reply Last reply Reply Quote 1
                                        • K
                                          KevinRice @stephenw10
                                          last edited by

                                          @stephenw10 said in pfSense XML config file, can we decrypt it manually?:

                                          That config is not close to anything we have.

                                          Steve

                                          I agree. I think it was a cached favicon that led me astray.

                                          1 Reply Last reply Reply Quote 0
                                          • D
                                            Draco @SeaMonkey
                                            last edited by

                                            @seamonkey I found your note when I was looking for a way to decrypt newer pfSense backups that had been encrypted. Your OpenSSL command is almost correct, at least based on my testing on Windows with OpenSSL 1.1.1. What you are missing is the -iter parameter.

                                             As @vlurk noted earlier, the key is in the crypt.inc source code. You need -iter 500000. After I added that parameter, all my post-2.5.0 CE backup files are decrypting on Windows with OpenSSL. If you add "-a" to the command line as well, then you can skip the grep and base64 calls. The command line I use in a CMD file is:

                                             openssl enc -d -aes-256-cbc -salt -md sha256 -pbkdf2 -iter 500000 -a -in %1 -out %2
                                             

                                             Where %1 is the input file and %2 is the output file; fewer calls, so it should be quicker too. I hope this saves someone else the pain I went through to figure this out. While it's possible that Unix/Linux and Windows OpenSSL behave differently w.r.t. the passphrase, I would be surprised if they are that much different. I am curious, though, how what you posted could decrypt the file without the -iter argument... maybe an OpenSSL CNF file difference?

                                            I've submitted a ticket to Netgate asking if they should update their documentation on manual backup decryption as well.

                                            1 Reply Last reply Reply Quote 3
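Pulling the thread's pieces together (bingo600's -pass file: suggestion, the two documented commands SeaMonkey quoted, and Draco's -iter 500000 finding), the script below is an added example, not from the Netgate docs, the pfSense source or any poster. It tries each key-derivation variant the thread identifies, newest first, and only accepts a result that actually starts with XML. Assumptions: the 500000 iteration count is taken from Draco's post and not verified against crypt.inc here; the "encrypted backup" it works on is constructed by the script itself, in the ---- BEGIN/END config.xml ---- tag layout that the docs' grep -v "config.xml" implies; any non-base64 header lines are dropped on the assumption that a header never looks like bare base64; the password, filenames and XML content are made up. The function names (pf_*) are the example's own.

```shell
#!/bin/sh
# Added example for this thread (not from Netgate docs, pfSense source or any
# poster): decrypt a pfSense encrypted config backup offline, trying each KDF
# variant named in the thread, and verify the output really is XML.

# Keep only the base64 body: drops the "---- BEGIN/END config.xml ----" tag
# lines and any "Name: value" header lines (assumption: a header line is never
# itself valid bare base64).
pf_body() {
  grep -E '^[A-Za-z0-9+/=]+$' "$1"
}

# One attempt. $1 backup, $2 file with the password on its first line
# (bingo600's -pass file: form), $3 output path, rest = KDF flags. Succeeds only
# if openssl accepts the padding AND the output starts with <?xml, because a
# wrong key slips past the CBC padding check about 1 time in 256.
pf_try() {
  try_enc=$1; try_pw=$2; try_out=$3; shift 3
  pf_body "$try_enc" | base64 -d 2>/dev/null \
    | openssl enc -d -aes-256-cbc -salt -pass "file:$try_pw" -out "$try_out" "$@" 2>/dev/null \
    && head -c 5 "$try_out" | grep -q '^<?xml'
}

# Try the variants newest first and print which one worked:
#   pbkdf2-sha256-iter500000    2.5.0+ as Draco reports working (-iter 500000, assumed)
#   pbkdf2-sha256-default-iter  2.5.0+ as written in the quoted docs (openssl default count)
#   legacy-md5                  pre-2.5.0 EVP_BytesToKey with MD5
# Returns non-zero and removes the output file if nothing decrypts to XML.
pf_decrypt() {
  dec_enc=$1; dec_pw=$2; dec_out=$3
  if pf_try "$dec_enc" "$dec_pw" "$dec_out" -md sha256 -pbkdf2 -iter 500000; then
    echo pbkdf2-sha256-iter500000; return 0
  fi
  if pf_try "$dec_enc" "$dec_pw" "$dec_out" -md sha256 -pbkdf2; then
    echo pbkdf2-sha256-default-iter; return 0
  fi
  if pf_try "$dec_enc" "$dec_pw" "$dec_out" -md md5; then
    echo legacy-md5; return 0
  fi
  rm -f "$dec_out"
  return 1
}

# Constructed sample (test data, not a real backup): encrypt $1 with the given
# KDF flags, base64 it, wrap it in the tag lines the docs' grep -v removes.
pf_make_sample() {
  mk_plain=$1; mk_pw=$2; mk_out=$3; shift 3
  {
    echo '---- BEGIN config.xml ----'
    openssl enc -e -aes-256-cbc -salt -pass "file:$mk_pw" "$@" -in "$mk_plain" 2>/dev/null \
      | base64 | tr -d '\n' | fold -w 76
    echo
    echo '---- END config.xml ----'
  } > "$mk_out"
}

# Round trip: constructed config.xml -> sample encrypted with the given KDF
# flags -> pf_decrypt -> byte compare. Prints the variant pf_decrypt detected.
pf_roundtrip() {
  rt_dir=$(mktemp -d) || return 1
  printf '%s\n' '<?xml version="1.0"?>' \
    '<pfsense><version>21.7</version><system><hostname>fw1</hostname></system></pfsense>' \
    > "$rt_dir/config.xml"
  # Made-up password, kept in a file and deleted with the directory (bingo600's caveat).
  printf '%s\n' 'correct horse battery staple' > "$rt_dir/pass.txt"
  pf_make_sample "$rt_dir/config.xml" "$rt_dir/pass.txt" "$rt_dir/config-encrypted.xml" "$@"
  rt_status=1
  if rt_variant=$(pf_decrypt "$rt_dir/config-encrypted.xml" "$rt_dir/pass.txt" "$rt_dir/decrypted.xml") \
     && cmp -s "$rt_dir/config.xml" "$rt_dir/decrypted.xml"; then
    rt_status=0
  fi
  rm -rf "$rt_dir"
  [ "$rt_status" -eq 0 ] && echo "$rt_variant"
}

# Negative check: a wrong password must be rejected by every variant.
pf_wrong_pass_rejected() {
  wp_dir=$(mktemp -d) || return 1
  printf '%s\n' '<?xml version="1.0"?><pfsense/>' > "$wp_dir/config.xml"
  printf '%s\n' 'right-password' > "$wp_dir/pass.txt"
  printf '%s\n' 'wrong-password' > "$wp_dir/bad.txt"
  pf_make_sample "$wp_dir/config.xml" "$wp_dir/pass.txt" "$wp_dir/enc.xml" -md sha256 -pbkdf2 -iter 500000
  if pf_decrypt "$wp_dir/enc.xml" "$wp_dir/bad.txt" "$wp_dir/out.xml" >/dev/null; then
    wp_status=1
  else
    wp_status=0
  fi
  rm -rf "$wp_dir"
  return "$wp_status"
}

# Stand-alone demo: one sample per KDF variant.
for flags in "-md sha256 -pbkdf2 -iter 500000" "-md sha256 -pbkdf2" "-md md5"; do
  echo "encrypted with [$flags] -> detected as: $(pf_roundtrip $flags)"
done
```

Run it with sh (the filename is yours to choose) to see the three round trips; on a real backup, call pf_decrypt config-encrypted.xml pass.txt config.xml and delete pass.txt afterwards, as bingo600 notes. The <?xml check is there because CBC padding alone lets a wrong key through about one time in 256, so a script that trusts only openssl's exit status can hand you garbage with a clean exit code.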
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.