Results 1 to 7 of 7

Thread: Hacking QuickCrypt Version 1 on windows 98

Threaded View

  1. July 19th, 2012, 08:43 AM #4
    nihil
    nihil is offline
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hmmmm,

    Windows 98 has CRAP encryption. I don't remember EXACTLY what it used, but it was really REALLY low.
    Actually, Windows 3.x/95/98/98SE/Millennium/NT4.0 did not have ANY file encryption inbuilt, which is why people had to use third party applications.

    EFS [Encrypting File System] started with Windows 2000 Professional and requires the NTFS file system version 3.0 or higher.

    In fact, the home user (9.x/ME) versions of Windows had no security whatsoever. If you could operate the I/O switch, you were administrator. The only purpose of the user ID and password was to allow multiple user profiles and desktops. That way each user would only see their stuff, rather than every application that was installed on the machine. Anyone could access everything on the machine, and the default user and password was blanks, and had FULL ADMIN rights.

    With such computers, anybody who could access it at any time could use it for whatever they wanted, including planting incriminating evidence

    Security is a double edged sword; sometimes it protects you, and other times it paints you into a corner

    The problem with the sort of Encryption available to most people, is that it was made back when multi core GHz Processors weren't on Desktops of the average user.
    That isn't the real issue, it's HOW the product works that matters. QuickCrypt simply puts password protection on a file and encrypts its contents so they cannot be examined using other utilities/applications, other than in their encrypted form. I think that it is safe to assume that QuickCrypt is installed on the machine in question, so when you try to open an encrypted file it will ask you for the password.............that is all you have to crack. Decryption is totally impractical as it uses the Blowfish algorithm.

    EDIT:

    I would guess that it uses Blowfish to hash the password (just like OpenBSD?), in which case they will need to brute force it, which shouldn't take very long with Rainbow Tables. I think that it is wise to assume that they will have RTs large enough to handle a 15 character pass?
    Last edited by nihil; July 19th, 2012 at 10:59 AM.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. How to REALLY hack hotmail
    By gore in forum Microsoft Security Discussions
    Replies: 59
    Last Post: September 19th, 2006, 11:57 AM
  2. The history of the Mac line of Operating systems
    By gore in forum Operating Systems
    Replies: 3
    Last Post: March 7th, 2004, 08:02 AM
  3. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM
  4. Secure Windows (All Versions)
    By spools.exe in forum Microsoft Security Discussions
    Replies: 3
    Last Post: October 4th, 2003, 11:54 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules