Re: Cracking simple password encryption



On Wed, 2005-12-21 at 17:23 -0800, David Hogue wrote:
> Hi All,
>
> I am trying to figure out the password encryption scheme used by some
> software and haven't had much luck yet. I was wondering if anyone on
> here might be able to give me some pointers.
>
> A little while ago I remember some discussion on this list (I think it
> was this list anyway) about decrypting passwords that were XOR
> encrypted. I can't seem to find that discussion though.
>
> I have a few example passwords and I can see a pattern emerging:
>
> password   crypted
> a          aQ==
> b          cg==
> c          ew==
> aa         aWo=
> ab         aXE=
> cc         e3g=
> aaa        aWpq
> aab        aWpx
> abb        aXFx
> bbb        cnFx

Here's what I see at first glance:

1) The '=' sign is used for padding (MIME encoding uses padding, I
believe)
2) It could be based on the character value. Look at the first letters.
'c' is two letters from 'a', and has been rotated two more letters over
in the crypt (making it 'e'). 'a' is not rotated at all. 'b' is rotated
one more letter ('c'). I'd bet with a larger set of crypts that this is
repeatable.

HTH,

--
Chris Largret <http://daga.dyndns.org>
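
An added example, not part of the original thread: it Base64-decodes the sample pairs quoted above and tabulates, per character position, which stored byte each plaintext letter maps to, flagging any sample that disagrees and listing the XOR of each plaintext/stored byte pair. The function names are this example's own.

```python
import base64
from collections import defaultdict

# Sample pairs copied from the quoted message above.
SAMPLES = [
    ("a", "aQ=="), ("b", "cg=="), ("c", "ew=="),
    ("aa", "aWo="), ("ab", "aXE="), ("cc", "e3g="),
    ("aaa", "aWpq"), ("aab", "aWpx"), ("abb", "aXFx"), ("bbb", "cnFx"),
]

def build_tables(samples):
    """Return ({position: {plain_byte: stored_byte}}, conflicts)."""
    tables = defaultdict(dict)
    conflicts = []
    for plain, crypted in samples:
        raw = base64.b64decode(crypted, validate=True)
        if len(raw) != len(plain):
            raise ValueError(f"length mismatch for {plain!r}")
        for pos, (p, c) in enumerate(zip(plain.encode("ascii"), raw)):
            seen = tables[pos].setdefault(p, c)
            if seen != c:
                # Same letter, same position, different stored byte:
                # the encoding depends on more than letter and position.
                conflicts.append((plain, pos, p, seen, c))
    return dict(tables), conflicts

def xor_keys(table):
    """Set of plain XOR stored values for one position.

    A XOR with one fixed key byte would leave a single value here.
    """
    return {p ^ c for p, c in table.items()}

def report(samples=SAMPLES):
    tables, conflicts = build_tables(samples)
    lines = []
    for pos in sorted(tables):
        pairs = ", ".join(f"{chr(p)}->0x{c:02x}"
                          for p, c in sorted(tables[pos].items()))
        keys = ", ".join(f"0x{k:02x}" for k in sorted(xor_keys(tables[pos])))
        lines.append(f"pos {pos}: {pairs} | xor: {keys}")
    lines.append(f"conflicts: {conflicts}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(report())
```

On these ten samples the tables show no conflicts, and the XOR value differs from letter to letter within each position.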

