Skip to content
/ secret-deobfuscator Public

A utility for reversing the obfuscation of sensitive information performed using the New Relic CLI

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

newrelic-experimental/secret-deobfuscator

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
nrDeobfuscate.go
nrDeobfuscate.go
 
 

Repository files navigation

New Relic Open Source experimental project banner.

secret-deobfuscator

A utility for reversing the obfuscation of sensitive information performed using the New Relic CLI

Installation

Pre-built binaries are available for Linux, MacOS, and Windows through the releases page. Alternatively you can build the project from source, which requires a local installation of Go :

$ wget https://raw.githubusercontent.com/newrelic-experimental/secret-deobfuscator/refs/heads/main/nrDeobfuscate.go
$ go build ./nrDeobfuscate.go

Usage

  1. Download the release that matches your environment, or build the binary from source. Linux and MacOS can utilize wget for this process
$ wget https://github.com/newrelic-experimental/secret-deobfuscator/releases/download/v1.0.0/nrDeobfuscate-[Linux|Darwin]
  1. Open a shell (Bash, Terminal, PowerShell, etc.) and cd into the directory where your binary is kept
  2. Use chmod +x ./nrDeobfuscate-[release] to make it executable (unless you're using Windows)
  3. Pass the obfuscated string (your 'secret') and the key you originally used to obfuscate your payload to the binary via arguments:
# Linux
$ ./nrDeobfuscate-Linux -key '<value>' -secret '<value>'

# MacOS
$ ./nrDeobfuscate-Darwin -key '<value>' -secret '<value>'

# Windows
$ ./nrDeobfuscate-Windows.exe -key '<value>' -secret '<value>'

Example

Using the New Relic CLI we can obfuscate our payload:

$ newrelic agent config obfuscate --value '{"Username":"username@example.com","Password":"Sup3r$ecr3tP@ssw0rd!"}' --key 'SecretKey'

{
  "obfuscatedValue": "KEc2AQAGJQQUNkdZUBAHLhcXMggGMgAMKggJPwBNEQoZaUlbAwQQARIbOQFbaUcwBxVHOUEcMBdQBjU0OBYOYxcHU0cJ"
}

Now we can use the deobfuscator to return the obfuscated value back to readable JSON:

$ ./nrDeobfuscate-Darwin -secret 'KEc2AQAGJQQUNkdZUBAHLhcXMggGMgAMKggJPwBNEQoZaUlbAwQQARIbOQFbaUcwBxVHOUEcMBdQBjU0OBYOYxcHU0cJ' -key 'SecretKey'

'{"Username":"username@example.com","Password":"Sup3r$ecr3tP@ssw0rd!"}'

Planned changes:

N/A

Support

Requests for support can be filed as an Issue.

Contributing

We encourage your contributions to improve secret-deobfuscator! Keep in mind when you submit your pull request, you'll need to sign the CLA via the click-through using CLA-Assistant. You only have to sign the CLA one time per project. If you have any questions, or to execute our corporate CLA, required if your contribution is on behalf of a company, please drop us an email at opensource@newrelic.com.

A note about vulnerabilities

As noted in our security policy, New Relic is committed to the privacy and security of our customers and their data. We believe that providing coordinated disclosure by security researchers and engaging with the security community are important means to achieve our security goals.

If you believe you have found a security vulnerability in this project or any of New Relic's products or websites, we welcome and greatly appreciate you reporting it to New Relic through HackerOne.

License

secret-deobfuscator is licensed under the Apache 2.0 License.

About

A utility for reversing the obfuscation of sensitive information performed using the New Relic CLI

Resources

Readme

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

7 watching

Forks

0 forks
Report repository

Releases 1

v1.0.0 Latest
Nov 15, 2024

Languages