Re: [vile] Some questions about the -k/-K options and encryption


From: Chris Green
Subject: Re: [vile] Some questions about the -k/-K options and encryption
Date: Thu, 15 Jan 2015 15:00:06 +0000
User-agent: Mutt/1.5.23 (2014-03-12)

Well, just in case it's of any interest to anyone else here, I've done
some trials with unixcrypt-breaker, the results have made me feel
fairly happy about using crypt().

Nearly all my encrypted files hold things like passwords to web sites,
Microsoft Keys (for software), mobile numbers, etc.  Thus they don't
have much plain text and they do have quite a lot of essentially
random sequences of numbers and letters.

First I tried it on this file (details removed here of course):-

    Yleadership.org web site - WordPress
    ====================================

    Full installation path: /home/yleadj/public_html
    Public URL: http://yleadership.com/
    Admin URL: http://yleadership.com/wp-admin/
    Username: XXXXXXXXXXXX
    Password: sXXXXXXXXXXX
    Username: xxxxxxxxxxxx
    Password: xxxxxxxxxxxx
    MySQL database: xxxxxxxxxxxx
    MySQL user: xxxxxxxxxxxx

    cPanel and ssh access
    =====================
    You access cpanel from: https://infedaa1.miniserver.com:2083/
    The username is: xxxxxxxxxxxx
    The password is: xxxxxxxxxxxx

    ssh login to infedaa1.miniserver.com, user xxxxxx, password as above


    PayPal Business account
    =======================

    For preconfigured shopping carts: Copy and paste the API username,
    password and>

    For building custom shopping carts: Store the following credential
    information >
    Credential      API Signature
    API Username    XXXXXXXXXXXXXXj
    API Password    XXXXXXXXXXXXXXj
    Signature       XXXXXXXXXXXXXXj
    Request Date    7 May 2014 15:09:45 BST

I just gave it the text from a couple of similar files for the stats
text, total failure, the 'guess' it returned was just random.


Next I tried some older files comprising the following:-
    bsnet - URLs and passwords etc.
    bt - some BT URLs and passwords
    dte - similar for a site where I did some work
    gradwell - hostnames, passwords, etc. for an old ISP
    logins - various usernames and logins
    databases - database names and passwords on my desktop machine

I created stats text files from the plain text of *all* the above
files and then tried using that to crack one of my current files
containing URLs, passwords, etc.

Here's the result:-

     s    t   k crad

    =  ==  ======

    Ma n siser     p  3      s   t.  .  /   t     unt   egicgr ost  onc
    cls dtppor 
      ht l albil ing tssh s .cooup/
        co ack P   Ma b ae  ass d
      b zmitso 

    isbd.net accou in   etilstesntccountt
      my5thps:      ssl.gr dl o sgo  k/womeem  ss )   is do t
         B 
    tacl   en
     raesh
    n    he  .grndtost oo et
        user ames s  thit/w betteri   adoringin   alila. ot romor  nase
      p Some address@hidden hamesse2 d o nned  o u itsl  w  b a      ewrr baes
    s   rarosit.avi l   Adml tb u trn tr th   st    t  icount  bote  e
        f nd tict. t n e wo-dec m t o i ccount2.no   l n   aid   0 ml u em
    sbd f ove.u  C R   T    op .mome-  -d  b sw2 d tprnel
      i a ww neeswo-dec   . om nelccai     pp/t r db l rim elscn st ww.
    sa n
      e s    b    C 3 
      Be  s  ,  o 
      ssh     w wo  ne to-d.c ne  iy
        w w. inetto-dec ce.com     s   enc.ner ee /w. - erz n     .uk
      l   t   to e


It has guessed right at a couple of things which, presumably, appear
quite frequently in the files used for creating the stats, like 'ssh'
and 'isbd.net' but there's nothing remotely resembling any of the
important information stored in the files.

So, as I said, I'm not too worried about using crypt.  The cracking
algorithms rely on there being sequences of characters which are easy
to guess, i.e. words, and my files just don't have many of them!

Enough noise for now, I doubt anyone is desperately interested in all
this!  :-)

-- 
Chris Green


