Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Encryption question

  1. #1
    Senior Member
    Join Date
    Jan 2004
    Posts
    172

    Encryption question

    I'm looking for a good program to break some encyption. Anyone know of any good ones. I don't know what type of encyption it is... but maybe something that runs through it all and tells me any type of patterns or something.

    Preferably something free. We have a employee that left and decided to encrypt some files we need. I open them and I get gibberish stuff like this

    1a7R7W1D3K9G6E6W4

    It doesn't prompt for a username/password before I open it so I'm lost. Any ideas?

  2. #2
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Doh.

    Shitcreek - paddle == You.

    Sorry...you're not likely to find a program that will simply run through any and all known encryption algorithms and protocols and crack files. That's kind of the point of encryption...to make it so people can't just crack it and read the file.

    I do have some suggestions that might help though. Have you tried the utterly obvious? ROT13 and all it's common variations? Are they MS Office documents? If so, do you know what VERSION created them? What kind of doc's ARE they.

    Providing details along these lines may help narrow down a point to where it stands a chance of being answered. But as far as I know, there is no omnipotent free all-encompassing encryption breaking program...at least not outside the walls of the NSA.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  3. #3
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    This may help you go here

    But then if he used something other than EFS..............You are as zen has posted.
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  4. #4
    Member
    Join Date
    Aug 2004
    Posts
    95
    you are trying a known cypertext attact.

    its really hard and unethical.

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Please forgive me if this sounds a little foolish, or if you have already tried.

    as you say that you are not prompted for a password, this implies that some application must be used to open the documents first?

    You need to check his computer and shared drives for anything unusual............it should be an executable of some sort. Also look around his work area for CDs and floppy disks, it might be on one of those.

    If the documents are in one single file/folder then it could be a scramdisk, that is, a virtual drive that needs to be mounted first.

    Good luck

    EDIT:

    You might also look at temporary files etc, depending on what created the documents there might be an unencrypted version left. Also try restoring the files from your oldest backups............the employee may not have used encryption from day one?

    More information on the type of documents would be helpful.

  6. #6
    ********** |ceWriterguy
    Join Date
    Aug 2004
    Posts
    1,608
    [offtopic..well sorta]anban, you are a raging idiot... did you not read the word 'employee' in his post? does this not mean that the documents are most likely company property, with him being the boss? That makes it perfectly legal now doesn't it? [/offtopic..well sorta]

    Did a bit of googling on 'decryption brute force tools' and found this site... it's got solid definitions plus links to (we hope, I'm too lazy to follow 'em myself) the tools to solve your problem:

    http://www.infoanarchy.org/wiki/index.php/Brute_Force

    Now after a bit of thinking on the matter - there should be evidence somewhere on this employee's box which will indicate which program was used to encrypt. Since different encryption progs use different encryption algorithms, there's a good chance if you know the program he used, we can find a tool to defeat it. You might do a bit of fishing around and see - my gut says PgP since it's so easily acquired, but gut instinct only goes so far.
    Even a broken watch is correct twice a day.

    Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!

  7. #7
    Member
    Join Date
    Aug 2004
    Posts
    95
    Mr.|3lack|ce

    I am sorry, but to remind you I am not an Idiot CISSP.

  8. #8
    ********** |ceWriterguy
    Join Date
    Aug 2004
    Posts
    1,608
    Ah, then let me rephrase Anban -
    You are completely lacking in any common sense whatsoever; a stereotypical nerd, and by association a complete IDIOT. You are the prime example of why I don't use or advertise my phd publicly nor try to garner false respect from it; the exact reason why the various degrees attainable are completely devoid of both form and content, and why no original contributions to mankind or field have been made in YEARS. Quite frankly I'm embarrassed of mine and the complete lack of effort it took to acquire it. Take your 'aspiring cissp' (quoting your profile), fold it until it's all sharp corners, and shove it squarely up your supposed phd (also from your profile) ass.

    The rest of us will try to help the guy with his problem.
    Even a broken watch is correct twice a day.

    Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!

  9. #9
    Senior Member
    Join Date
    Dec 2004
    Posts
    320
    Hey BlackIce, I'm not trying to take sides or anything, You know, just trying to be objective, so please don't consider this a flame ('cause you could Neg me to hell and back) But just because someone says that their 'employee' did this, doesn't mean it's not social engineering. I am not (yet) a very wise security guru, but I am paranoid enough to take this kind of thing with a grain of salt...
    The fool doth think he is wise, but the wiseman knows himself to be a fool - Good Ole Bill Shakespeare

  10. #10
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hey,

    dmorgan I can see what you are saying, but might I respectfully point out that Mr Clarkman has been a member for over a year and has over 100 posts to his name. Now that does not fit my profile of a skiddie or a guy up to no good...............far too patient? and certainly not a "post whore"

    Also I must admit that I have been asked to do the same sort of thing myself, so I have some empathy.

    If you look at his posts they bear all the markings of a regular guy trying to do a good job, but who gets called upon to do things "above and beyond the call of duty"............which is why I suppose he comes to us for help?

    Don't lose your cynicism though....................I get lonely very easily

    Was it Benjamin Franklin who said "we must hang together, gentlemen, or we will most assuredly hand separately"? I guess IT is like that.

    Just my £0.02

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •