I got a file that seems to not have anything readable into it (for a human)
How can I be sure that it hasn't anything readable for a human? Because it's way too large to read it entirely (maybe a program that searches for words or entropy or I don't know.)
How can I know if this file is compressed or encrypted, or both? And is it possible that it has a proprietary compression so I can't distinguish it from encryption?
Because if I can make sure that it's encrypted, I can stop my work directly, but if it's just encoded/compressed, maybe I can find a way to read it
(I tried to compress it with the basic Windows archiver and it loses 18% of its size. Does it mean that it's not encrypted? Does an encryption permit that much compression?)
Yes, it is certainly possible to create a compression format for which all possible sequences of bits is valid. In that case, you would not be able to distinguish the compressed data from random or encrypted data.
I am not aware of a commonly implemented compressed format that has that property. You could try all of the decompressors you can find on the data to see if any continue to decompress through all of the data without erroring out. You can also try starting at different locations in your data, since there may be some sort of header before the compressed data.
Online Decryption
If you would like to decrypt the file. You could simply copy and paste everything inside of https://online-toolz.com/tools/text-encryption-decryption.php
that feature can decrypt messages fast.
Encoder & Decoder
https://www.base64decode.org/
I found this website a while ago, this website is trusted and fast with great reviews.
This method can also help with your request.
I have a .aes file whose decryption password I thought I knew but which does not yield the decrypted version of the file.
I am 99.9% certain that the password I have (and which, in fact, I had written down and safely stored) is correct. The problem is that the .aes file was generated by a well-known open-source Bitcoin wallet software known as MultiBit which simply stopped working sometime in 2017, with many other users reporting similar problems.
I am told that Multibit may have incorrectly rendered some non alphanumeric characters of my password to whatever internal function it was using to generate the encrypted file. That means in practice that I could potentially crack my .aes file if I cycle through the permutations represented by the question marks in a password string that looks something like this:
i-AM-a-PASS?RD-with-3-UNKN?WN-charact?rs
So I guess my question is: is anyone aware of a regex-based brute-force approach that could be used for cracking .aes encryption passwords? The regex itself may need to employ both ? and * characters.
The amount of Bitcoin in the wallet was absolutely trivial, but with Musk's recent tweets sending Bitcoin to new highs I'm thinking I could buy a spanking new laptop if I can crack this.
Any suggestions most welcome.
Thanks,
I'm using libsodium to encrypt files with xchacha20poly1305 construct. I got everything working correctly by following documentation (https://download.libsodium.org/doc/secret-key_cryptography/secretstream.html) but now I'm wondering about the role of header data.
crypto_secretstream_xchacha20poly1305_init_pull requires the header from crypto_secretstream_xchacha20poly1305_state that was used when the data was encrypted so how should I treat the header data? Is it same as AES' iv/nonce that it needs and can be to be distributed with the encrypted data as-is or is it secret like the key?
I realize this is most likely a newbie question but since I'm obviously not a crypto expect, I want to make sure I use libsodium and the construct right.
Thanks!
That's a pretty old question, but since it was still waiting for an answer, here it is.
The header is indeed a nonce. It doesn't have to be secret. But it is required so that if the same stream is encrypted twice, both ciphertexts will look completely different.
How to decrypt Coldfusion with standard algorithm and special characters ?
For example:
<cfoutput>#encrypt("123",key, "CFMX_COMPAT", "UU")#</cfoutput>
result: #-_G4
And if I try to decrypt this
<cfoutput>#decrypt("#-_G4",key,"CFMX_COMPAT", "UU")#</cfoutput>
I will get an error.
I know that in this example i should switch # to ##. But what should i do with other special characters in my database ? How to auto escape all special characters for the decrypt function ?
I will get an error. I know that in this example i should switch # to
##. But what should i do with other special characters in my database ?
Nothing. You can store whatever characters you want. You will not get that error when you invoke decrypt() with your query values.
"Invalid CFML construct found.." is a compilation error. It occurs before any CF code is even executed. The only reason it occurs in your example is because the # is embedded within the CF code itself. So when the CF server parses and compiles that code, it see the un-escaped # sign as the start of some sort of variable and looks for a closing # sign. When it does not find one where it expects, it causes an error and the compilation fails. So unescaped # signs are only an issue when they are contained within that actual CF code (or a string evaluated as CF code).
When you retrieve the encrypted text from the db table, CF does not evaluate the query values as code. It just pulls the strings from the db and hands them off to the decrypt function. So that error cannot occur.
Having said all that, you really should not use CFMX_COMPAT - for anything. It is not really encryption at all, but rather a legacy obfuscation algorithm maintained for backward compatibility only. Instead use a real encryption algorithm like AES, Blowfish, etcetera. You might also want to use "base64" or "hex" instead of "UU", as they former are more portable. See the encrypt() docs for a list of the supported algorithms.
What are these CFMX_COMPAT IDs being used for? I'd avoid using them since this algorithm only works with ColdFusion and is guessable. If you want a safe, short, unguessable hashes for integers that can be used in URLs, Hashids is the best solution.
http://hashids.org/coldfusion/
This library is freely available for JavaScript, Ruby, Python, Java, Scala, PHP, Perl, CoffeeScript, Objective-C, C, C++11, Go, Lua, Elixir, ColdFusion, Groovy and for Node.js & .NET. The ColdFusion CFC version wasn't compatible with ColdFusion 8, so I used the Java version on that server.
It seems that single # is creating the issue. Just store the output of your encrypted string in a variable and the place it for decryption. It will work.
<cfset key = "15TLe44po">
<cfoutput>#encrypt("123",key, "CFMX_COMPAT", "UU")#</cfoutput>
<cfset encryptedText = encrypt("123",key, "CFMX_COMPAT", "UU") />
<cfoutput>#decrypt("#encryptedText#",key,"CFMX_COMPAT", "UU")#</cfoutput>
<cfabort>
Hello I am working in a software company as a junior and old developers have encoded the database with a unknown encoding.
Here is a example :
IOSk3G7SbrKdXDXZtt9UfLI8phfEkowBFTuC5P1/ICLFqawgEFNq1ENWTg0nL1RpCbQEHPMkOOKSCr2MxHW5XIqWoiQUX59E2rbSMH4dxLDCqkx8a/jItk/O316ZdxYIXYxRfiefJ4oMD8fq4thBQ2pPdKT/+6xYwyC2oGpX9NcDnowYFc60ExV6WaoudJ9XDWonCeEaFb7A4ekQN4SijMbSVq5LBXAmAUzhe+L2aHVu0YfFbcZ7GM9y1czGiDeq4o1jksnDmxu9AeEmtCeTB6K6vCwSEjxa2x0/c2Yn16ZYyB40HAaVf3C8LepCfS6futLzkUDK7BwJNrVJ4gzgdQ==
what encoding this could be? I should encode next generated accounts with same encoding..
I have a similar result from using the rijndael algorithm to encrypt plain text, probably thats what they used.
For example: WywsU3TxDO1YYh0d8qnJ6w==