What is the software?
Interesting avenues of investigation:
1) known plaintext attack:
a) what does the program save if you give it a blank dataset?
b) give the program one known entry, save it. Repeat from a clean slate. Do the two outfiles match? Try decoding both of the two outfiles with a third party AES128 decryption program, do the two decoded plaintexts match?
c) if the decoded plaintexts above matched then we have a deterministic internal format that depends only on the input data. So now manipulate the input data and look for patterns in the output data. Use this to reverse engineer the internal format.
d) can you see anything in the internal date format, any structure? Maybe it's gziped xml or a sqllite db? Anything interesting output if you run it through strings or use file for filetype hueristics?
2) Direct attack on the binary. Can you run it in a debugger? Does it still work to encode and decode? Enter your string to be encoded and watch it walk through the program, you're looking for the internal format not the encryption format at this point (assuming you were correct about the encryption format in your OP).
Just some thoughts from a lazy Saturday afternoon.
In reply to Re: Decrypt a file with known algo and password
by spazm
in thread Decrypt a file with known algo and password
by pileofrogs
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |