
Bit 'o script & "cracking" (decrypting) a file of unknown password (of small limited set of possible passwords)



So ... this past BerkeleyLUG meeting,
someone presented a bit of a situation ...
they'd accidentally encrypted a file from a keypad ... so probably a quite
simple password, but they don't know what it is ... and also aren't sure of the
algorithm.

So, I proceed to do an exercise to simulate - and "crack":

First I create a simple plaintext file:
$ banner FOO > plaintext

Then, after having randomly selected an encryption algorithm that
openssl knows about, I encrypt the file:
$ openssl enc -rc2-cfb -in plaintext -pass pass:aaa -out encrypted

After checking with file(1) that the file shows as the same type, etc., I
write a wee bit 'o code to crack it.  For demo purposes, we presume the
password is 1 to 3 characters in length of all the same letter, and all
lowercase or all uppercase.  We pretend we don't know what the password
is, but that we know it's one of these.  We also pretend we don't know
what algorithm was used to encrypt it.

I take those potential passwords and randomize their order,
then, iteratively developing it on the CLI, fairly quickly put together a
"throw-away" script to try all the potential ciphers and our chosen set
of possible passwords, to "crack" the encrypted file:

$ (
    for cipher in $(openssl enc -ciphers | sed -e 1d); do
        echo "cipher: $cipher ..."
        for password in bb Y c q Z V WWW n AA RRR zz KKK XXX y EE lll BBB LL JJJ eee MM u W SS vv nnn sss C XX PP K FF ii ll B H b YYY ee F rrr ddd t MMM iii CC J U qq fff I ttt uu A UUU NNN gg xx ooo pp D jjj oo ZZZ l O TTT d CCC ppp aa ss E p zzz VVV mmm x aaa yyy r www s RR M xxx kk III QQ mm a GG g YY ccc PPP ZZ FFF nn bbb N qqq P dd OOO JJ HHH QQQ jj vvv hh HH GGG w h cc TT o z UU T X VV DDD i DD tt EEE uuu L G e S ff R AAA Q ggg k f v hhh II rr OO KK yy WW j NN LLL m ww BB SSS kkk; do
            openssl enc "$cipher" -d -in encrypted -pass pass:"$password" -out decrypted 2>>/dev/null
            file decrypted | fgrep 'decrypted: ASCII text' && {
                echo cipher: "$cipher" password: "$password"
                break 2
            }
        done
    done
)

In our case we used file(1) to check that our decryption attempt was
successful - we could possibly have used other means.  Once we've
successfully decrypted, we report the cipher and password, and break
out of our loops.  This last version was done to be slightly more verbose,
so we could also see some of its progress.  It took only a couple of minutes
or less or so to "crack" our encrypted file.
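The same search written out in Python, as an added example (not the poster's script): it builds the post's 156-candidate set, shuffles it, and tries every (cipher, password) pair until a decryption passes a plaintext check that stands in for file(1). `openssl_decrypt` runs the post's `openssl enc -d -pass pass:` command via subprocess (the cipher list would come from `openssl enc -ciphers`, as on the page); `toy_decrypt` is a constructed keyed XOR, not a real cipher, present only so the loop can be exercised offline without openssl. `SAMPLE_PLAINTEXT` is constructed sample data.

```python
import hashlib
import random
import string
import subprocess
from typing import Callable, List, Optional, Tuple

# Constructed sample plaintext standing in for `banner FOO` output.
SAMPLE_PLAINTEXT = b"FOO banner output, constructed sample plaintext for the demo\n" * 2

# Candidate set from the post: 1-3 characters, all the same letter,
# all lowercase or all uppercase -> 52 letters x 3 lengths = 156 guesses.
def candidate_passwords() -> List[str]:
    cands = [ch * n for ch in string.ascii_letters for n in (1, 2, 3)]
    random.shuffle(cands)  # random order, as the post did
    return cands

# Stand-in for `file decrypted | fgrep 'ASCII text'`: non-empty and every
# byte is printable ASCII or ordinary whitespace (approximates file(1)).
def looks_like_ascii_text(data: bytes) -> bool:
    allowed = set(string.printable.encode("ascii"))
    return bool(data) and all(b in allowed for b in data)

# The post's step `openssl enc -<cipher> -d -pass pass:<pw>`, run over
# stdin/stdout instead of files; None when openssl reports failure.
def openssl_decrypt(cipher: str, password: str, ciphertext: bytes) -> Optional[bytes]:
    cmd = ["openssl", "enc", "-" + cipher.lstrip("-"), "-d", "-pass", "pass:" + password]
    res = subprocess.run(cmd, input=ciphertext, capture_output=True)
    return res.stdout if res.returncode == 0 else None

# Constructed stand-in cipher for offline runs (not a real cipher): XOR with a
# keystream derived from (cipher name, password), so wrong guesses give garbage.
def toy_decrypt(cipher: str, password: str, ciphertext: bytes) -> Optional[bytes]:
    stream = hashlib.sha256(f"{cipher}:{password}".encode()).digest()
    return bytes(b ^ stream[i % len(stream)] for i, b in enumerate(ciphertext))

# The post's nested loop: every cipher, every candidate password, stop at the
# first output that passes the plaintext check (the `break 2`). The work is
# bounded by len(ciphers) * 156 attempts, which is why this password set is weak.
def crack(ciphertext: bytes, ciphers: List[str], passwords: List[str],
          decrypt: Callable[[str, str, bytes], Optional[bytes]] = openssl_decrypt,
          ) -> Optional[Tuple[str, str, bytes]]:
    for cipher in ciphers:
        for password in passwords:
            plaintext = decrypt(cipher, password, ciphertext)
            if plaintext is not None and looks_like_ascii_text(plaintext):
                return cipher, password, plaintext
    return None
```

Against a real file, call `crack(open("encrypted", "rb").read(), ciphers, candidate_passwords())` with the default `openssl_decrypt`; the toy path below the test only checks the loop logic.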

--
You received this message because you are subscribed to the Google Groups "BerkeleyLUG" group.
To view this discussion on the web visit https://groups.google.com/d/msgid/berkeleylug/20190923231816.68684mpfho8lkmqs%40webmail.rawbw.com.