Welcome to the new Woodmann RCE Messageboards Regroupment
Please be patient while the rest of the site is restored.

To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.

The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.

All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.

Cryption

To discuss DES MD5 El-Gamal RSA PGP and others....
Locked
w_a_r_1
Member
Posts: 57
Joined: Sun Jun 14, 2009 11:15 pm
Contact:

Cryption

Post by w_a_r_1 »

Is there any MD5 Online crack or any tool ?

I am trying to decrypt this string since 1 week but no luck. Is there anyone who can guide my about any tool or any online site to decrypt this string.

Thanks in advance if anyone would help me. :(

414f7777778f7dae4ec03c354b8f546742b545776d4f4d65546e7c9a508d7388
naides
Posts: 1655
Joined: Sat Jan 12, 2002 12:00 pm
Location: Planet Earth

Post by naides »

[414f7777778f7dae4ec03c354b8f546742b545776d4f4d65546e7c9a508d7388] => "Whoever tries to decrypt me with so little extra information, is dumb"

MD5 is NOT an encryption scheme per-se, it is a hashing algo (Digital signature to atest the integrity of a string of bytes) Wikipedia

Search the Malattia cryptography site. . .
User avatar
Darkelf
Posts: 222
Joined: Wed Jan 24, 2007 7:20 pm

Post by Darkelf »

Furthermore the posted string is surely NOT MD5.
It's either two concatenated MD5's or something like SHA256 or anything completely different. As naides said, trying to decrypt it with so little info is just crazy.
w_a_r_1
Member
Posts: 57
Joined: Sun Jun 14, 2009 11:15 pm
Contact:

Post by w_a_r_1 »

So here is little more information about this thing.

This is the outgoing string from the software which seems to be MD5:

40f0d3bf1e233d140d40a9405bcf32a7

This is the response which is also encrypted.

414f7777778f7dae4ec03c354b8f546742b545776d4f4d65546e7c9a508d7388*5657274502D30256C62696379665E22356D6162764*5657274502D30256C62696379665E23356D6162764*5657274502D30256C62696379665E26356D6162764*5657274502D30256C62696379665E21356D6162764*77F68635E2E69616D4D62764*56469684E286475714D62764*86475714F67402C6C61634


Same for another outgoing string.

a81f8dc576f4a98fc102b5c84ae2af29


This is response:

6e5742ad4bc07e7d5491703679645b99758241796e4b7c6d536d7e667ec1448a*5657274502D30256C62696379665E22356D6162764*5657274502D30256C62696379665E23356D6162764*5657274502D30256C62696379665E26356D6162764*5657274502D30256C62696379665E21356D6162764*77F68635E2E69616D4D62764*56469684E286475714D62764*86475714F67402C6C61634


Now it is quite obvious for every serial this reponse will be different. I want to decrypt this incoming reponse.

I tried to find out the answer and I noticed this. Only first response string is different and rest is same.

For example.

outgoing: 40f0d3bf1e233d140d40a9405bcf32a7

Incoming First string:

414f7777778f7dae4ec03c354b8f546742b545776d4f4d65546e7c9a508d7388

same another

Outgoing: a81f8dc576f4a98fc102b5c84ae2af29

Incoming First String :

6e5742ad4bc07e7d5491703679645b99758241796e4b7c6d536d7e667ec1448a

Is there anyone who can help me with this? Just wants to know what is the relation between this outgoing and incoming first string.
User avatar
evaluator
Posts: 1539
Joined: Tue Sep 18, 2001 2:00 pm

Post by evaluator »

huh!?
you must look in THAT program, how it decrypts-deals with such strings..
User avatar
disavowed
Posts: 1290
Joined: Mon Apr 01, 2002 3:00 pm

Post by disavowed »

I'd suggest using a rainbow table: http://www.freerainbowtables.com/en/tables/md5/
w_a_r_1
Member
Posts: 57
Joined: Sun Jun 14, 2009 11:15 pm
Contact:

Post by w_a_r_1 »

Thank you Disavowed, but still no sucess
Sab
Senior Member
Posts: 175
Joined: Tue Aug 13, 2002 12:26 am

Post by Sab »

try the not so difficult approach. run peid with kanal crypto plugin and see what algorithms are used in the program. once you see them, get the address and set a breakpoint on this location. then run the application and when it does that in/out exchange you will break on the algorithm. at this time you can confirm the algo type from kanal, if it is done client side (not server) you should be able to spot it easily. if kanal shows no algos found, or no algos you can break on, you can proceed to finding the routine which sends the data out and break there. dongs
Locked