Figuring out that weird hash format

Post by ayu »

So I recently came upon an old database dump that I wanted to extract user details from. The passwords were either hashed or encrypted; at the time I couldn't tell.

One password would look like this.

Code:

0x72536e68474a306d656a753641694f3632354a2b52413d3d

There was one important clue in the database, however. There was a column in the users table called "encryption_type" which was set to "mcrypt" on every row. At this point I could simply assume that the format indeed was mcrypt. And since hashid didn't give me anything useful, I continued with that assumption. The application where the dump came from was written in PHP, and the mcrypt function there has been dead and gone for a while, so solving this riddle required me to install an older version of Linux, Ubuntu 14.04 to be more precise. The format of the string didn't quite add up, however, and if you look at the last two hex values you can see that they are both 3d.

0x72536e68474a306d656a753641694f3632354a2b52413d3d

They are equal signs, which means the format is most likely Base64. So converting the string to ASCII gave me a Base64 encoded string.

Code:

rSnhGJ0meju6AiO625J+RA==

Now to decrypt this I also noticed in the target application that it was not "just" MCRYPT, it was a hacky "I can implement this shit myself" version of an encryption function that uses MCRYPT, so I had to take snippets of code from the original application to build a tool that could decrypt the info. Luckily the decryption key was already hardcoded in the same file where I found the code.

This story is rather short, but I actually spent hours on figuring out the format since I didn't notice the Base64 format at first.
In the end I did solve it and decrypted the ~50k passwords :).

Code:

root@ubuntu:/home/user# php test.php
tittimaus

So I lost a few hours of my life but gained quite a large haul of passwords for my wordlists :)
"The best place to hide a tree, is in a forest"

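The layering described in this post (a 0x hex literal wrapping Base64 wrapping binary data), peeled programmatically for use when auditing how a credential column is stored. This is an added example, not part of the original post or of the analysed application; the names `peel` and `describe` are assumptions made here, and the sample value is the one quoted in the post. It goes slightly beyond the post by also listing what the decoded length is consistent with.

```python
import base64
import binascii
import re

# Stored value quoted in the post above
SAMPLE = "0x72536e68474a306d656a753641694f3632354a2b52413d3d"

HEX_RE = re.compile(r"(?:0x)?((?:[0-9a-fA-F]{2})+)")
B64_RE = re.compile(r"[A-Za-z0-9+/]+={0,2}")


def peel(value, max_depth=5):
    """Strip hex/Base64 layers (hypothetical helper, heuristic only).

    Returns (layers, raw): encodings removed, outermost first, and the
    bytes left when nothing else decodes. Short plain strings such as
    "password" also fit the Base64 alphabet, so confirm hits by eye."""
    data, layers = value.strip().encode("ascii"), []
    for _ in range(max_depth):
        try:
            text = data.decode("ascii")
        except UnicodeDecodeError:
            break  # binary payload: no text encoding left to remove
        m = HEX_RE.fullmatch(text)
        if m:
            data = binascii.unhexlify(m.group(1))
            layers.append("hex")
        elif len(text) % 4 == 0 and B64_RE.fullmatch(text):
            data = base64.b64decode(text, validate=True)
            layers.append("base64")
        else:
            break
    return layers, data


def describe(raw):
    """List what the length of the decoded bytes is consistent with."""
    digests = {16: "MD5", 20: "SHA-1", 32: "SHA-256", 64: "SHA-512"}
    notes = [f"{digests[len(raw)]} digest length"] if len(raw) in digests else []
    for block, ciphers in ((8, "DES/3DES/Blowfish"), (16, "AES")):
        if raw and len(raw) % block == 0:
            notes.append(f"multiple of {block}-byte block ({ciphers})")
    return notes


if __name__ == "__main__":
    layers, raw = peel(SAMPLE)
    print(layers, len(raw), describe(raw))
```

For the sample, the 16 decoded bytes fit an MD5 digest as well as 8-byte and 16-byte cipher blocks, so length alone does not settle hash versus ciphertext; a schema hint such as the `encryption_type` column is what narrows it down.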

Re: Figuring out that weird hash format

Post by ayu »

Realized some code would be more interesting.
This is mostly not mine, it's the ugly stuff I pulled from the code base I analyzed.

Code:

<?php
// Dump every user row as email:password, decoding with the application's own routine.
$crypto = new Crypto();
$mysqli = new mysqli("localhost","root","","bobby");

if ($mysqli -> connect_errno) {
  exit();
}

if ($result = $mysqli -> query("SELECT * FROM users;")) {

  foreach($result as $res)
  {
      echo trim($res['email']) . ":" . $crypto->decode($res['password'], $res['encryptionType']) . "\n";
  }

  $result -> free_result();
}

$mysqli -> close();

class Crypto
{
        // PHP 4-style constructor (method named after the class)
        function crypto()
        {
                $this->method = "MCRYPT";
                $this->cipher = MCRYPT_3DES;
                $this->key    = "BananePhoneSecret"; // key hardcoded in the source
        }

        // $override and $a are accepted but never used
        function decode($crypted_text, $override="", $a="")
        {
                if ($this->method == 'MCRYPT' && function_exists('mcrypt_module_open'))
                {
                        $crypted_text= trim(chop(base64_decode($crypted_text)));
                        // Triple DES in ECB mode; the IV created below has no effect in ECB
                        $td = mcrypt_module_open ('tripledes', '', 'ecb', '');
                        // Derived key is computed here but never used; the raw $this->key is passed below
                        $key = substr(md5($this->key),0,24);
                        $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
                        mcrypt_generic_init ($td, $this->key, $iv);
                        $decrypted_data = mdecrypt_generic ($td, $crypted_text);
                        mcrypt_generic_deinit ($td);
                        mcrypt_module_close ($td);
                        return trim(chop($decrypted_data));
                }
                elseif ($this->method == 'MD5')
                {
                        // A hash cannot be reversed
                        return false;
                }
                elseif ($this->method == 'NONE')
                {
                        // Stored in plain text
                        return $crypted_text;
                }
        }
}
?>
"The best place to hide a tree, is in a forest"


Re: Figuring out that weird hash format

Post by Gogeta70 »

Very nice work, Ayu ^_^

Those custom "encryption" solutions are almost always insecure, but they sure can be a real pain to unravel!
And I wouldn't kick myself too hard on not spotting the base64 at first - we're all only human :)

I have some of the big name data leaks from over the last few years, let me know if you're interested or looking for something :wink:
¯\_(ツ)_/¯ It works on my machine...


Re: Figuring out that weird hash format

Post by ayu »

Gogeta70 wrote:
11 Nov 2020, 06:32
> Very nice work, Ayu ^_^
>
> Those custom "encryption" solutions are almost always insecure, but they sure can be a real pain to unravel!
> And I wouldn't kick myself too hard on not spotting the base64 at first - we're all only human :)
>
> I have some of the big name data leaks from over the last few years, let me know if you're interested or looking for something :wink:

We should have a dump-section somewhere in the backroom ;)
"The best place to hide a tree, is in a forest"


Re: Figuring out that weird hash format

Post by Gogeta70 »

What the... #-o Why didn't I think of that? :lol:
Keep an eye out... ;)
¯\_(ツ)_/¯ It works on my machine...
