Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 01-05-2005, 05:37
aldente aldente is offline
VIP
 
Join Date: Jul 2003
Posts: 265
Rept. Given: 27
Rept. Rcvd 7 Times in 5 Posts
Thanks Given: 34
Thanks Rcvd at 10 Times in 9 Posts
aldente Reputation: 7
Find out Encryption

Hello!

Is there any little tool, to testout different Encryptions?

I have an encoded string, and I (guess I) know the key.

The only problem is: I don't know the encryption.

I'm just sure its not DES, but it could be 3DES, AES, or whatever,
so a little Tool, where you can enter crypted data,
key, and see output, would be nice.

Does anything like that exist?

Otherwise I would have to implement every encryption into a test-program and compile it
Reply With Quote
  #2  
Old 01-05-2005, 06:58
TmC TmC is offline
VIP
 
Join Date: Aug 2004
Posts: 315
Rept. Given: 1
Rept. Rcvd 15 Times in 9 Posts
Thanks Given: 2
Thanks Rcvd at 20 Times in 15 Posts
TmC Reputation: 15
and if it is a custom algorythm?
Reply With Quote
  #3  
Old 01-05-2005, 08:15
aldente aldente is offline
VIP
 
Join Date: Jul 2003
Posts: 265
Rept. Given: 27
Rept. Rcvd 7 Times in 5 Posts
Thanks Given: 34
Thanks Rcvd at 10 Times in 9 Posts
aldente Reputation: 7
I don't think so.

Let me explain:

There are several programs by one company, which communicate over the web, and use encryption to protect their data.

One (an Applet) uses simple DES-encryption (encrypted by an PHP-Script), and I already found the key. It does not consist of arbitrary hex-values, converted to ASCII-characters, it's a nice word

It's likely, that the other programs (Win32) use the same key, but obviously different encryption. I may be completely wrong, but I think it's worth a try, before I spend hours with disassembling and analyzing the algorithm.
Reply With Quote
  #4  
Old 01-05-2005, 08:19
TmC TmC is offline
VIP
 
Join Date: Aug 2004
Posts: 315
Rept. Given: 1
Rept. Rcvd 15 Times in 9 Posts
Thanks Given: 2
Thanks Rcvd at 20 Times in 15 Posts
TmC Reputation: 15
Try the peID plugin.
Reply With Quote
  #5  
Old 01-06-2005, 02:13
gigaman gigaman is offline
Friend
 
Join Date: Jun 2002
Posts: 86
Rept. Given: 0
Rept. Rcvd 3 Times in 2 Posts
Thanks Given: 0
Thanks Rcvd at 14 Times in 11 Posts
gigaman Reputation: 4
Yes, try KANAL plugin for PEiD.
However, it works differently than you expected. It scans the file for known constants, strings etc. - thus identifying the algorithm. No encryption/decryption takes place.
Reply With Quote
  #6  
Old 01-06-2005, 03:32
bukkake's Avatar
bukkake bukkake is offline
VIP
 
Join Date: Aug 2004
Location: /usr/home
Posts: 127
Rept. Given: 2
Rept. Rcvd 14 Times in 3 Posts
Thanks Given: 0
Thanks Rcvd at 2 Times in 1 Post
bukkake Reputation: 14
There is also "Crypto Searcher" by x3chun, you can find it here hxxp://x3chun.wo.to/
Reply With Quote
  #7  
Old 01-06-2005, 09:50
willii
 
Posts: n/a
I think there has no such mothed to find out the encryption.
First. there has so many encryptions include user define encryption that you even cann't know.
Second. encryptions just convert a binary stream to another. It has no feathers in it.

Maybe you can get some clue by the binary stream. But it is very difficult and not exactly.
Reply With Quote
  #8  
Old 01-07-2005, 03:59
gigaman gigaman is offline
Friend
 
Join Date: Jun 2002
Posts: 86
Rept. Given: 0
Rept. Rcvd 3 Times in 2 Posts
Thanks Given: 0
Thanks Rcvd at 14 Times in 11 Posts
gigaman Reputation: 4
True, there's an infinite number of encryptions - but the real applications often use "standard" ones, possibly even using common libraries.
Reply With Quote
  #9  
Old 01-07-2005, 04:17
egalerst
 
Posts: n/a
If u really want to try out some of the common cryptos,
try it with Cristals Crypto Tool or Cryptool (hxxp://www.cryptool.de/)
Reply With Quote
  #10  
Old 01-07-2005, 05:10
CrackZ CrackZ is offline
VIP
 
Join Date: Sep 2004
Posts: 49
Rept. Given: 2
Rept. Rcvd 67 Times in 8 Posts
Thanks Given: 0
Thanks Rcvd at 12 Times in 7 Posts
CrackZ Reputation: 67
Hiya,

I recommend to everyone Cryptobench v1.0 as a great tool for testing out encryption methods, especially if you are fishing for which algorithm it might be ;-).

Generally I've found its better to either look up any constants (usually found in an initialisation function) or look up the first 4 chars of any lookup tables used in your mystery algorithm to discover if its a known crypto.

Of course you could also just compile a few examples using Crypto++ or Miracl and have a look at what various methods look like in ASM, bignum code is quite easy to identify once you've seen it a few times.

Regards

CrackZ.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 20:34.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2022 )