Last active
December 28, 2025 20:01
-
-
Save palesz/275396a3bdbae0d79da1b48f712fe20f to your computer and use it in GitHub Desktop.
Navidrome password recovery
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| // Usage: | |
| // copy this code to https://replit.com/languages/go | |
| // and change the encrypted_password variable below (see comments below for steps to acquite the encrypted password) | |
| import ( | |
| "crypto/aes" | |
| "crypto/cipher" | |
| "encoding/base64" | |
| "crypto/sha256" | |
| "fmt" | |
| ) | |
| const ( | |
| DefaultEncryptionKey = "just for obfuscation" | |
| ) | |
| func Decrypt(encKey []byte, encData string) (string, error) { | |
| enc, _ := base64.StdEncoding.DecodeString(encData) | |
| block, err := aes.NewCipher(encKey) | |
| if err != nil { | |
| return "", err | |
| } | |
| aesGCM, err := cipher.NewGCM(block) | |
| if err != nil { | |
| return "", err | |
| } | |
| nonceSize := aesGCM.NonceSize() | |
| nonce, ciphertext := enc[:nonceSize], enc[nonceSize:] | |
| plaintext, err := aesGCM.Open(nil, nonce, ciphertext, nil) | |
| if err != nil { | |
| return "", err | |
| } | |
| return string(plaintext), nil | |
| } | |
| func main() { | |
| // to acquire the password hash, in the navidrome config directory | |
| // $ sudo apt install sqlite3 | |
| // $ sqlite3 | |
| // > .open navidrome.db | |
| // > .headers on | |
| // > .mode column | |
| // > select user_name, password from user; | |
| // and copy the user password to the following variable: | |
| // encrypted_password := "encrypted password here" | |
| // the below example should decrypt as admin123 | |
| encrypted_password := "2pP/9CuhQ1z0eIB83QBdYpB+2gKR8BaMZV6BgHjylTMTP3AR" | |
| data := sha256.Sum256([]byte(DefaultEncryptionKey)) | |
| encKey := data[0:] | |
| decrypted_password, err := Decrypt(encKey, encrypted_password) | |
| if err != nil { | |
| fmt.Println("error: ", err) | |
| } else { | |
| fmt.Println("Decrypted password: ", decrypted_password) | |
| } | |
| } | |
| // source of the pieces: | |
| // https://github.com/navidrome/navidrome/blob/94e36d7f60cccc1ef2715b648f9b1eddce6d5ba4/db/migration/20210616150710_encrypt_all_passwords.go | |
| // https://github.com/navidrome/navidrome/blob/94e36d7f60cccc1ef2715b648f9b1eddce6d5ba4/consts/consts.go#L25 | |
| // https://github.com/navidrome/navidrome/blob/94e36d7f60cccc1ef2715b648f9b1eddce6d5ba4/utils/encrypt.go#L39 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
the https://replit.com/languages/go interface is now an llm, I copied the code over but it's "proccessing it". I couldn't figure out how to make it just a code editor type of thing.
I finally figured out how to import (use zip download from github) and the damn replit thing won't show me the code. It's really hard selling an llm only approach. which I hate.
Using the LLM I could after some minutes figure out the backwards way to access the code.
I don't think replit is the userfriendly thing that it was when this was made?
Anyway. I'm not really asking for anything in particular. I am venting, and I am hoping that some of this feedback may be somehow useful.
that aside, thank you for volunteering, I'm grateful for your work, even though I could not quite figure this out. I'll just vibecode this damn thing I guess :D