PINE / Alpine Decrypting Password Files – October 26, 2020

I have an instance of Alpine 2.0 that still has the old-style .pine-passfile that is fairly insecure, but I couldn't find a utility to decrypt it for me, so I grabbed the source code from imap.c from version 2.01 of the alpine source, and modified it to just read in a password file and output the passwords in it.  (See below for how to decrypt the newer versions as well)

alpine-passwords.c

You can compile it with gcc or g++ and then just give it the password file as the first parameter and it will output all of the passwords in the file.

I thought about writing this to run on the web, but you probably shouldn't send your passwords to a website, right??  So, find a way to compile this file and run it yourself.

If you have the newer PKCS7 format, you first need to run:

openssl smime -decrypt -in .pine-passfile -inform PEM -inkey .alpine-smime/.pwd/MasterPassword.key -out decrypted.txt

and then run the alpine-passwords.c to do the final decryption.