XOR Cryptography - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19

Thread: XOR Cryptography

  1. #11
    Senior Member
    Join Date
    Jun 2003
    Posts
    772
    If the key is large enough it'll take way too much time to try and crack the cyphered text by hand. But with a short key this is very possible.
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me

    www.elhalf.com

  2. #12
    Senior Member
    Join Date
    Jul 2003
    Posts
    634
    Gore: I think thats whats called a caesar cipher, suprisingly invented by the romans quite a while ago! maybe I read your description wrong but thats what it sounds like, on this sort of cipher you can do frequency based attacks.

    if you sample a sentence you will see that very letter appears a certain number of times (the frequency) if you then went allong and counted the number of times each letter appeared in your cipher text you could then match the frequencys up.

    Its a pretty quick, if sometimes inefficent way of doing it. each language has different letter frequency.

    user.dat windows 9x
    yep the user.dat file does contain the logon password, its mixed in with loads other stuff, and it takes a while to find

    i2c

  3. #13
    Senior Member
    Join Date
    Jun 2003
    Posts
    772
    What logon password? The passwords for every user are stored in .pwl files, what password is stored in user.dat then?
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me

    www.elhalf.com

  4. #14
    Senior Member
    Join Date
    Jan 2003
    Posts
    1,499
    If you have very litle VB knowedge you should be able to crack any XOR encryption using some source from planet source code.

    Look for Crack XOR. I used it a while ago. Dead easy to manipulate code and the guy has done the best bit of the work for you.

  5. #15
    Senior Member
    Join Date
    Jul 2003
    Posts
    634
    el-half: Me being stupid once again, its all this revision its mashing my brain up. Its the screensave password thats stored in the user.dat file!

    sorry for my stupidity

    i2c

  6. #16
    Senior Member
    Join Date
    Jun 2003
    Posts
    772
    aah, ok, and how on earth would you be able to find what part of the user.dat file is the password.
    So it is xor'd ? Using a random key?
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me

    www.elhalf.com

  7. #17
    Senior Member
    Join Date
    Jul 2003
    Posts
    634
    Yea, in that file theres a hex string. Itll be an even number of charecters. its justa matter of looking for it. If i remember correctly its between the middle and the end of the file (sorry for vagueness)

    so if you have a 5 charecter password the hex string will be 10 characters long.

    its something like this if you have a the first charecters of your string as 0C its like this take the first hex number (0) 00000000 XOR ???????? = 8BIT VALUE, this is in binary and it translates to the first charecter of an ASCII charecter.

    the ???????? is another value this is a decryption scheme its different depending on the 1st or 2nd charecter.... I think when I did it I worked out this scheme by entering random-logical (makes sense in my world...) passwords and figuring out the scheme from this.....It was a few years back

    hope that helps or gives you some leads.

    i2c

  8. #18
    Senior Member
    Join Date
    Jul 2003
    Posts
    634
    just remembered! the max password size is 14 charecters long, and the scheme change with that.... so scheme for a 1 letter password will be different to a 2 letter password. all the way up to 14..

    i think M$ had a work experience kid in that day and this was the task they gave him

    i2c

  9. #19
    Senior Member
    Join Date
    Sep 2003
    Posts
    161
    Originally posted here by mark_boyle2002
    If you have very litle VB knowedge you should be able to crack any XOR encryption using some source from planet source code.

    Look for Crack XOR. I used it a while ago. Dead easy to manipulate code and the guy has done the best bit of the work for you.
    User.dat is part of the registry, and they might contain some information such as serial numbers and such. The user name and password are stored in the SAM file in windows NT based, and in the .pwl file in the 9x series.

    btw. great article simple and right to the point.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides