Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?

Re: Decrypt a file with known algo and password

by spazm (Monk)
on Mar 13, 2010 at 18:16 UTC ( #828457=note: print w/replies, xml ) Need Help??

in reply to Decrypt a file with known algo and password

you are in a strong position, since you access to the encryption program, the password and the encryption design. That doesn't mean it will be easy.

What is the software?

Interesting avenues of investigation:

1) known plaintext attack:

a) what does the program save if you give it a blank dataset?

b) give the program one known entry, save it. Repeat from a clean slate. Do the two outfiles match? Try decoding both of the two outfiles with a third party AES128 decryption program, do the two decoded plaintexts match?

c) if the decoded plaintexts above matched then we have a deterministic internal format that depends only on the input data. So now manipulate the input data and look for patterns in the output data. Use this to reverse engineer the internal format.

d) can you see anything in the internal date format, any structure? Maybe it's gziped xml or a sqllite db? Anything interesting output if you run it through strings or use file for filetype hueristics?

2) Direct attack on the binary. Can you run it in a debugger? Does it still work to encode and decode? Enter your string to be encoded and watch it walk through the program, you're looking for the internal format not the encryption format at this point (assuming you were correct about the encryption format in your OP).

Just some thoughts from a lazy Saturday afternoon.

  • Comment on Re: Decrypt a file with known algo and password

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://828457]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others exploiting the Monastery: (8)
As of 2017-07-27 19:33 GMT
Find Nodes?
    Voting Booth?
    I came, I saw, I ...

    Results (421 votes). Check out past polls.