kimci86 / bkcrack

Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
zlib License

Testing recovery using advice.jpg #83

Open palmerc opened 2 years ago

palmerc commented 2 years ago

As an exercise in understanding how to work with known plaintext that is compressed I unzipped the zip file and did the following:

python3 ../tools/deflate.py < advice.jpg > advice.deflate
../bkcrack -C secrets.zip -c advice.jpg -p ./advice.deflate -t 12

Could not find the keys.

This suggests that the compression settings are wrong. I've tried changing the compression settings, but nothing seems to work. I think this would be a useful example for the tutorial.

kimci86 commented 2 years ago

You are right, using the deflate python script (using zlib deflate compressor under the hood) does not generate correct compressed data for that example. I created the example secrets.zip archive using 7zip with compression level 9. You can get the same compression with this command: 7z a -mx=9 plain.zip advice.jpg

That information could be a nice addition to the tutorial, thank you for the suggestion. Let's keep this issue open to remind me to eventually add it.

palmerc commented 2 years ago

Tested and works!

palmerc@foxtrot example % 7z a -mx=9 plain.zip advice.jpg
palmerc@foxtrot example % ../bkcrack -C secrets.zip -c advice.jpg -P plain.zip -p advice.jpg 
bkcrack 1.5.0 - 2022-11-29
[19:56:51] Z reduction using 54681 bytes of known plaintext
16.0 % (8732 / 54681)
[19:56:51] Attack on 141 Z values at index 46518
Keys: c4490e28 b414a23d 91404b31
36.9 % (52 / 141)
[19:56:51] Keys
c4490e28 b414a23d 91404b31

palmerc commented 2 years ago

Even with only 12 bytes of 'plain text' it results in victory.

palmerc@foxtrot example % ../bkcrack -C secrets.zip -c advice.jpg -P plain.zip -p advice.jpg -t 12 
bkcrack 1.5.0 - 2022-11-29
[20:05:02] Z reduction using 5 bytes of known plaintext
100.0 % (5 / 5)
[20:05:02] Attack on 1046104 Z values at index 6
Keys: c4490e28 b414a23d 91404b31
63.5 % (664022 / 1046104)
[20:13:02] Keys
c4490e28 b414a23d 91404b31

palmerc commented 1 year ago

You can also leverage the fact that 7z can give you the CRC on a binary file. I saw a post that used this fact to find the released version of PuTTY: this allowed them to find the original plaintext by downloading each one until they hit the one with a matching CRC. Then it becomes a matter of compression settings.

palmerc@foxtrot example % 7z h advice.jpg 

7-Zip [64] 17.04 : Copyright (c) 1999-2021 Igor Pavlov : 2017-08-28
p7zip Version 17.04 (locale=utf8,Utf16=on,HugeFiles=on,64 bits,10 CPUs LE)

Scanning
1 file, 54799 bytes (54 KiB)

CRC32             Size  Name
-------- -------------  ------------
7CA9F10A         54799  advice.jpg
-------- -------------  ------------
7CA9F10A         54799  

Size: 54799

CRC32  for data:              7CA9F10A

Everything is Ok
palmerc@foxtrot example % ../bkcrack -L secrets.zip 
bkcrack 1.5.0 - 2022-11-29
Archive: secrets.zip
Index Encryption Compression CRC32    Uncompressed  Packed size Name
----- ---------- ----------- -------- ------------ ------------ ----------------
    0 ZipCrypto  Deflate     7ca9f10a        54799        54700 advice.jpg
    1 ZipCrypto  Store       a99f1d0d         1265         1277 spiral.svg
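A script for the CRC32-matching step described in the comment above. This is an added example, not code from the issue or from bkcrack; it reads the clear-text central directory with Python's zipfile module, matches candidate files by CRC32, and also checks whether zlib at level 9 reproduces the recorded compressed size, which is the mismatch behind the failed first attempt in this thread (a size match is necessary, not sufficient, for the compressed bytes to agree). The entry names and file contents are constructed, and the sample archive is unencrypted because zipfile cannot write ZipCrypto entries.

```python
import io
import zipfile
import zlib

ENCRYPTION_HEADER_LEN = 12  # ZipCrypto prepends a 12-byte header to each encrypted entry
FLAG_ENCRYPTED = 0x1        # general-purpose bit 0 marks an encrypted entry

# Constructed sample contents standing in for advice.jpg / spiral.svg (not the real files).
SAMPLE_ADVICE = b"Never reuse a ZipCrypto password. " * 200
SAMPLE_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="1"/></svg>'

def archive_entries(zip_bytes):
    """Read the clear-text central directory: {name: (crc32, compressed size, method)}."""
    entries = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for zi in zf.infolist():
            header = ENCRYPTION_HEADER_LEN if zi.flag_bits & FLAG_ENCRYPTED else 0
            entries[zi.filename] = (zi.CRC, zi.compress_size - header, zi.compress_type)
    return entries

def match_candidates(zip_bytes, candidates):
    """Return [(entry, candidate label, size_ok)]: CRC32 identifies the plaintext;
    size_ok is False when zlib level 9 does not reproduce the recorded compressed
    size, i.e. another compressor or setting (7-Zip -mx=9 here) built the archive."""
    results = []
    for name, (crc, csize, method) in archive_entries(zip_bytes).items():
        for label, data in candidates.items():
            if zlib.crc32(data) != crc:
                continue
            if method == zipfile.ZIP_DEFLATED:
                co = zlib.compressobj(9, zlib.DEFLATED, -15)  # raw deflate, as zipfile writes it
                size_ok = len(co.compress(data) + co.flush()) == csize
            else:  # Store: the packed data is the plaintext itself
                size_ok = len(data) == csize
            results.append((name, label, size_ok))
    return results

def build_sample_archive():
    """Constructed, unencrypted archive in place of secrets.zip (zipfile cannot encrypt)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("advice.txt", SAMPLE_ADVICE, zipfile.ZIP_DEFLATED, compresslevel=9)
        zf.writestr("spiral.svg", SAMPLE_SVG, zipfile.ZIP_STORED)
    return buf.getvalue()

if __name__ == "__main__":
    hits = match_candidates(build_sample_archive(), {"advice.txt": SAMPLE_ADVICE, "other": b"wrong"})
    for entry, label, size_ok in hits:
        print(f"{entry}: CRC32 matches {label}; zlib level-9 size consistent: {size_ok}")
```

On a real archive, a CRC32 hit with size_ok False is the signal to try the original archiver and level (as in the 7z -mx=9 step above) rather than deflate.py.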