
  • Status: Solved
  • Priority: Medium
  • Security: Public

Encryption Algorithm used?

Dear all,

I am currently working on automation of a particular application so that it can be deployed via our software distribution tool. However, the configuration screen of the application has no automation interface available for it, i.e. no command line, etc. To start, I was using the send keys method in VBScript; however, this will not work when no user is logged on, and so the software fails to deliver correctly.

So to work around the need to use the GUI interface, I captured where the program writes the values to in the registry. However, one field is a password field, and when entered into the GUI, the program encrypts the value and writes that to the registry. The registry entry changes every time OK is pressed, even if the value does not, so I would assume that a floating algorithm is used?

My question - if I have the value before, and the encrypted value, is it possible to find out which algorithm is used? If so, could I then use this in my script and then write the encrypted value to the registry myself?

I've included background details, as I'd be open to any other suggestions people may have.

Cheers in advance.
Rich Rumble (Security Samurai) commented:
That is basically a dictionary attack: encrypting words using a certain algorithm and looking for a match. Typically the algorithm is known, but the word is not. This is just a little different. Well, this works for unsalted and symmetric cryptosystems. It is also possible to figure out what encryption algorithm was used with this method.
However, in your case, if the same password is entered every time, and the value in the registry changes, then the algorithm uses "salts" or is asymmetric; then it's a little bit harder, but not much more. There are a variety of tools that will allow you to pass a word into a program and then output the encrypted hash.
Have you tested if a password created on your PC can then be inserted into the registry of a destination PC and works?
It may not give you the formula but allows the possibility of a common default password being distributed.

Also check that there is not another random number registry entry (or maybe file) that is also part of the password formula.
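
The behaviour discussed in the two comments above, as an added example that is not part of the original thread: a randomized scheme writes a different value on every save of the same password, and a stored value only works on another PC if nothing outside it feeds the computation. SHA-256 and PBKDF2 are stand-ins chosen for illustration (the application's real algorithm is unknown), and `extra`, the function names and the sample password are hypothetical.

```python
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 100_000  # assumed work factor, chosen for this illustration only


def unsalted(password: str) -> str:
    """Deterministic scheme: the same input always gives the same value."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted(password: str, extra: bytes = b"", salt: Optional[bytes] = None) -> str:
    """Randomized scheme: fresh salt per save, stored as 'salt$digest'.

    `extra` models a second input kept elsewhere (another registry entry
    or a file); it is mixed in but never written into the stored value.
    """
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt + extra, ITERATIONS)
    return f"{salt.hex()}${digest.hex()}"


def verify(password: str, stored: str, extra: bytes = b"") -> bool:
    """Recompute using the salt embedded in the stored value, then compare."""
    salt_hex, _ = stored.split("$")
    candidate = salted(password, extra, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, stored)


def classify(values_for_same_password: list) -> str:
    """What repeated saves of one password say about the scheme."""
    if len(set(values_for_same_password)) == 1:
        return "deterministic"
    return "randomized"


if __name__ == "__main__":
    pw = "Example-Passw0rd"  # constructed sample value
    print(classify([unsalted(pw) for _ in range(3)]))
    saves = [salted(pw) for _ in range(3)]
    print(classify(saves))
    print(verify(pw, saves[0]))  # self-contained value: portable
    bound = salted(pw, extra=b"machine-A-secret")
    print(verify(pw, bound, extra=b"machine-A-secret"))
    print(verify(pw, bound, extra=b"machine-B-secret"))  # fails elsewhere
```
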
spliffcity (Author) commented:

Can you recommend a program that would allow me to discover the algorithm? I'm looking at LC 5, but unsure whether this is what I need.

Rich Rumble (Security Samurai) commented:
LC5 is only for LanMan and NTLM hashes. You may want to try JohnTheRipper; it is able to recognize a few more hashes than LC5. John is found at openwall.com.
Still, John may not recognize the algorithm, and I am not allowed to post usage for this program; you'll have to read up on it. GigaPlus also has a very valid point before you go and try doing all of this... test your theory, then see if you can reverse engineer the hash.
