Page 1 of 1

Cracking mcrypt

PostPosted: Fri Feb 01, 2013 5:29 pm
by 0phidian
Lets say someone encrypted a file with mcrypt.

Code: Select all
mrcypt -a blowfish file.txt

So I have
To decrypt it you have to enter a passphrase which is then compared to an SHA1 hash. Cracking an SHA1 should be no problem, but I have no clue how the hash is stored or how to get to it. Anyone have any ideas about how one could find the hash?

Re: Cracking mcrypt

PostPosted: Sun Feb 03, 2013 4:51 pm
by WallShadow
Hmm, maybe you might want to look at the way the blowfish encryption algorithm works. I'm guessing that the decryption works by a process of blowfish-decrypt(SHA1(%YOUR_PASS_HERE%), %THE_FILE%) . The SHA1 hash isn't stored anywhere, it isn't being compared anywhere, it is being used directly in decryption process regardless of whether it is right or wrong. If you hash the wrong password, it will simply decrypt it wrong and you will simply get a garbage file. Try some file encryption cracker which breaks the blowfish algorithm.