glv2 / bruteforce-salted-openssl

Try to find the password of a file that was encrypted with the 'openssl' command.

Issue with decrypting AES-256-CBC with known password. #27

Closed Sitedude2020 closed 7 months ago

Sitedude2020 commented 7 months ago

Hi, I am not sure if anyone checks this GitHub anymore. The app seems to run amazingly fast and is well written.

I am trying to use it for a CTF

This is the encrypted aes-256-cbc

The password to decrypt it is causality; however, the password is converted to sha256 first, so the decrypt password is eb3efb5151e6255994711fe8f2264427ceeebf88109e1d7fad5b0a8b6d07e5bf

I have tried -d SHA256 and using -f pass.txt with the word causality in the pass.txt

I have also tried to base64 -d encrypted.txt > enc.out (vice versa without base64 decoding the encrypted txt)

It decodes fine with openssl using:

openssl enc -aes-256-cbc -d -a -in enc.out -pass pass:eb3efb5151e6255994711fe8f2264427ceeebf88109e1d7fad5b0a8b6d07e5bf

Is there something I am doing wrong?

glv2 commented 7 months ago

If the real password is the sha256 hash of a word, the dictionary file that you use must contain the sha256 hashes, not the words.

So if you make a dict.txt file containing eb3efb5151e6255994711fe8f2264427ceeebf88109e1d7fad5b0a8b6d07e5bf, the command bruteforce-salted-openssl -d sha256 -f dict.txt encrypted.file should work.
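Why the dictionary has to hold the hash rather than the word, as an added example that is not part of the original thread or the project's code: without `-pbkdf2`, `openssl enc` derives the key and IV by hashing the passphrase bytes together with the salt stored after the `Salted__` header, so `causality` and its SHA-256 hex string are two unrelated passphrases. The function names and the sample file are constructed for illustration, and the sketch assumes the SHA-256 digest with the legacy one-iteration derivation.

```python
import base64
import hashlib

MAGIC = b"Salted__"  # header written by `openssl enc` when a salt is used


def parse_salted(blob: bytes):
    """Split an `openssl enc` file (raw, or base64 from -a) into (salt, ciphertext)."""
    if not blob.startswith(MAGIC):
        # base64 of "Salted__" always begins with "U2FsdGVkX1"
        blob = base64.b64decode(b"".join(blob.split()))
    if not blob.startswith(MAGIC) or len(blob) < 16:
        raise ValueError("not an OpenSSL salted file")
    return blob[8:16], blob[16:]


def evp_bytes_to_key(passphrase: bytes, salt: bytes, md="sha256", key_len=32, iv_len=16):
    """One-iteration EVP_BytesToKey: D1 = H(pass+salt), Dn = H(Dn-1+pass+salt)."""
    out, block = b"", b""
    while len(out) < key_len + iv_len:
        block = hashlib.new(md, block + passphrase + salt).digest()
        out += block
    return out[:key_len], out[key_len:key_len + iv_len]


def hashed_candidates(words):
    """Dictionary lines for the case in this thread: passphrase = hex SHA-256 of a word."""
    return [hashlib.sha256(w.encode()).hexdigest() for w in words]


# Constructed sample: header + 8-byte salt + 16 placeholder bytes, base64 like -a output.
SAMPLE = base64.b64encode(MAGIC + bytes(range(8)) + b"\x00" * 16)

if __name__ == "__main__":
    salt, _ = parse_salted(SAMPLE)
    word = "causality"
    for label, pw in (("word", word), ("sha256 hex", hashed_candidates([word])[0])):
        key, iv = evp_bytes_to_key(pw.encode(), salt)
        print(f"{label:10} -> key {key.hex()[:16]}... iv {iv.hex()[:16]}...")
```

The two printed key/IV pairs differ, which is why a dictionary containing only the word never matches a file encrypted with the hex digest as its passphrase.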

Sitedude2020 commented 7 months ago

I am so glad you are around. Could I possibly talk to you on Telegram or Discord? I am @sitedude on both. Thanks gv!

glv2 commented 7 months ago

I usually use email glv@posteo.net. My GPG key id is 245302B1BAB1F867FDCA96BC8F3F861F82EB7A9A in case you want to encrypt.

Sitedude2020 commented 7 months ago

Thanks! I sent you an email. Appreciate you still being on this repo!