try to figure out encryption
have this hash i copied out of the registry, decrypted it's the word "admin" but i cant figure out what cipher the program uses to encrypt here's the hash i copied from my registry. anyone have any ideas
5FEFC2C02EC51A674DAD9B13D51E233B5FEFC2C02EC51A674D AD9B13D51E233B5FEFC2C02EC51A674DAD9B13D51E233B4DAD 9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B 13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13 D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D5 1E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E 233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E23 3B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B 4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4D AD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD 9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B 13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13 D51E233B4DAD9B13D51E233B4DAD9B13D51E233BB074934945 EB2DC94DAD9B13D51E233BB074934945EB2DC94DAD9B13D51E 233B4DAD9B13D51E233B4DAD9B13D51E233BB074934945EB2D C9
Well basic cryptology tells me too look for a pattern and I see that 1E233 is def a pattern. So from there you can use different cryptonalysis techniques such as Index of Coincedince and I started off with the Kaiski test so that should give you a start.
note: I'm no cipher expert, just a beginner.
This is a hackers forum :P
root ~# aircrack-ng pwnd-01.cap
Lenovo Thinkpad R500, OS: Ubuntu 8.10, BackTrack3, Windows XP (VirtualBox), Windows Vista, Windows 7 beta
thanks for the start, will try to work it out from here
What part of the registry did you pull this from? Knowing the application might help to see if someone has already reverse-engineered the encryption.
Thorn
Stop the TSA now! Boycott the airlines.
Okay, here's what jumps out at me.Originally Posted by blackbeard99
There are 3 very distinct parts to this block:
1)This section repeats 5FEFC2C02EC51A67 followed by what seems to be either a filler code or some form of parsing - 4DAD9B13D51E233BCode:5FEFC2C02EC51A674DAD9B13D51E233B5FEFC2C02EC51A674DAD9B13D51E233B 5FEFC2C02EC51A67
2)A LOT of filler/parsing code here. Other than that sequence nothing stands out.Code:4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B 4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B 4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B 4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B 4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B 4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B 4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B 4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B 4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233B
3)This section is the same as the first but it repeats B074934945EB2DC9 instead followed by the same filler/parsing code.Code:B074934945EB2DC94DAD9B13D51E233BB074934945EB2DC9 4DAD9B13D51E233B4DAD9B13D51E233B4DAD9B13D51E233BB074934945EB2DC9
Hope that helps you see it a bit clearer. I do know what encryption this uses but blurting it out would ruin all the fun
EDIT: On a side note I just noticed that, with regards to the "filler/parsing" code, the beginning (4DAD9B) and end (1E233B) coincide with hex color codes. Interesting eh?
See THIS and THIS
"The goal of every man should be to continue living even after he can no longer draw breath."
~ShadowKill
Posting Permissions
