Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Re: Decrypt a file with known algo and password

by spazm (Monk)
on Mar 13, 2010 at 18:16 UTC ( [id://828457]=note: print w/replies, xml ) Need Help??


in reply to Decrypt a file with known algo and password

you are in a strong position, since you access to the encryption program, the password and the encryption design. That doesn't mean it will be easy.

What is the software?

Interesting avenues of investigation:

1) known plaintext attack:

a) what does the program save if you give it a blank dataset?

b) give the program one known entry, save it. Repeat from a clean slate. Do the two outfiles match? Try decoding both of the two outfiles with a third party AES128 decryption program, do the two decoded plaintexts match?

c) if the decoded plaintexts above matched then we have a deterministic internal format that depends only on the input data. So now manipulate the input data and look for patterns in the output data. Use this to reverse engineer the internal format.

d) can you see anything in the internal date format, any structure? Maybe it's gziped xml or a sqllite db? Anything interesting output if you run it through strings or use file for filetype hueristics?

2) Direct attack on the binary. Can you run it in a debugger? Does it still work to encode and decode? Enter your string to be encoded and watch it walk through the program, you're looking for the internal format not the encryption format at this point (assuming you were correct about the encryption format in your OP).

Just some thoughts from a lazy Saturday afternoon.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://828457]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others perusing the Monastery: (2)
As of 2024-03-19 06:34 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found