Re: Cracking simple password encryption



On 12/22/05, S.A.B.R.O. Net Security <sabronet@xxxxxxxxxxx> wrote:
> It almost appears to be or very close to a simple Base64 scheme with
> maybe a shift or substitution somewhere.
>
> For example, your patterns :
>
> a aQ==
> b cg==
> c ew==
>
> Now heres the results of a true Base64 encrypt :
>
> a YQ==
> b Yg==
> c Yw==
>
>
> As you see the results are very close. Hope this helps some.

Yes it does look like it is base64 now. I have a few more passwords
that I put into html at http://vorpal.cc/~david/samples.html. Also on
that page is the base64 decoded values and hex values of the
passwords.

I feel like I am very close to getting this. It looks like each
character is 3bits left and XORed with itself. Characters after the
first are XORed with the previous shifted right 5 bits. However every
fourth character is treated differently if the password is longer than
3 characters. I haven't figured that part out yet.

Here is some C# code that correctly encodes up to 3 characters:

private static byte[] Encode(byte[] a)
{
byte[] c = new byte[a.Length];
for (int i = 0; i < a.Length; i++)
{
c[i] = (byte)(a[i] ^ (a[i] << 3));
if (i > 0)
c[i] = (byte)(c[i] ^ (a[i - 1] >> 5));
}
return c;
}

Since we found a utility that will reverse the encoding, this I don't
really need to get this anymore. At this point it is purely for
entertainment :)

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------



Relevant Pages

  • Re: base64
    ... All line breaks or other characters not ... of base64 encoding itself must be used to determine if truncation has ... I do advocate that the MIME RFC maintainers be contacted ... that is non-conforming and that security folks will have to deal with. ...
    (Bugtraq)
  • Re: what this encryption used?
    ... have a built in base64 decoder, the author had to write his ... the "base64 digits"-the characters which are mapped ... and the final XOR used at the end). ...
    (comp.lang.javascript)
  • Re: Base 90... better than base 64?
    ... Compression was a separate process. ... There seem to be 94 ASCII characters that could be used ... for encoding. ... bytes to encode in 8 base64 digits just by taking the right bits: ...
    (comp.lang.javascript)
  • Re: Trasferire file
    ... The Base64 Content-Transfer-Encoding is designed to ... The encoding and decoding algorithms ... as output strings of 4 encoded characters. ... that this may be done directly by the encoder rather than in ...
    (it.comp.macintosh)
  • Re: what this encryption used?
    ... why not use just base64. ... If you have four regular base64 encoded characters which are ... In any case it is "a" base64 decoding but the regular base64 encoding uses a ... one cannot simply use a base64 decoder (even after a simple substitution ...
    (comp.lang.javascript)