Re: pent-test a container file

---

• From: Julien <prospi@xxxxxxxxx>
• Date: Fri, 19 Jan 2007 11:28:50 +0100

---

Hi,

So for you, the only possible attack is to "brute force" the password
interface ?
I actually know that the used algo is AES... no more.
The minimum password length to use is 6 characters (including numbers
and special characters..)

Thanks



2007/1/18, Jan Heisterkamp <janheisterkamp@xxxxxx>:

hi julien!

> I've have to test the security of an encryption application. This
> application create a container file to store all private data. The
> tool use a private encryption type.
> The only hint they gave me is that user have to submit is password to
> open this container.
> The aim of this test is to open the files inside this container file.

I can't see the question behind this all...submit the password!

You should check wich encryption they use then choice you tool or write
your own and crack it.

regards
Jan


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

---

• Follow-Ups:
  • Re: pent-test a container file
    • From: Tim
  • Re: pent-test a container file
    • From: Jamie Riden

• References:
  • RE: pent-test a container file
    • From: Jan Heisterkamp

• Prev by Date: Re: Mile2 Training (Certifications)
• Next by Date: Re: Automated Nmap Scans / Front End
• Previous by thread: RE: pent-test a container file
• Next by thread: Re: pent-test a container file
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: l0phtcrack ... testers laptop is different to a home users pc. ... Cenzic Hailstorm finds vulnerabilities fast. ... Click the link to buy it, try it or download Hailstorm for FREE. ... (Pen-Test) Re: Small hardware network sniffer - does it exist? ... The Zaurus is not a $1k solution, here is one for $94US with 30mins ... and I know about hardware network taps. ... Original>>> Cenzic Hailstorm finds vulnerabilities fast. ... Original> Click the link to buy it, try it or download Hailstorm for FREE. ... (Pen-Test) RE: Informing Companies about security vulnerabilities... ... Need to secure your web apps? ... Cenzic Hailstorm finds vulnerabilities fast. ... Click the link to buy it, try it or download Hailstorm for FREE. ... (Pen-Test) RE: bittorrent == botnet ... Subject: bittorrent == botnet ... While I'm no bittorrent expert, I would think that this would likely not ... Cenzic Hailstorm finds vulnerabilities fast. ... Click the link to buy it, try it or download Hailstorm for FREE. ... (Pen-Test) RE: Old @Stake Tools ... Cenzic Hailstorm finds vulnerabilities fast. ... Click the link to buy it, try it or download Hailstorm for FREE. ... ting ding ting ding ting ding ... (Pen-Test)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > pen-test  > 2007-01