hey as you all know an encrypted file is stored in the cookies that contain hashes for your WLM password
am looking for an algorithm to decrypt the hashes
i just need the algorithm
any help please
i understand if this topic was closed due to malicious stuff but it's not, educational purposes only
algorithm needed
algorithm needed
There is an UNEQUAL amount of good and bad in most things, the trick is to work out the ratio and act accordingly. "The Jester"
How can you ask "I need an algorithm to DECRYPT", which suggests an ENCRYPTION algorithm, then you finish with " to decrypt the HASHES" which suggests a HASHING algorithm?
A hashing algorithm takes something and transforms it so that it is not mathematically reversible. There is no way to unhash it. You can brute-force it.
A hashing algorithm takes something and transforms it so that it is not mathematically reversible. There is no way to unhash it. You can brute-force it.
ooooops that's embarrassing
i think i deserve toget into the hall oflame for this
my mistake
ok in a simple way am searching for an algorithm to decrypt the encrypted passwords of msn in the cookies
i think i deserve toget into the hall oflame for this
my mistake
ok in a simple way am searching for an algorithm to decrypt the encrypted passwords of msn in the cookies
There is an UNEQUAL amount of good and bad in most things, the trick is to work out the ratio and act accordingly. "The Jester"
Don't worry, it isn't really embarassing.l0ngb1t wrote:ooooops that's embarrassing
i think i deserve toget into the hall oflame for this
my mistake
ok in a simple way am searching for an algorithm to decrypt the encrypted passwords of msn in the cookies
My point is simply this: If it is a symmetric key encryption algorithm, you need the key. It is unlikely they just used some random key to do it.
If they hashed it, there is nothing you can do but brute-force the hash.
All encryption algorithms have a "mathematical algorithm behind them" - so do hash algorithms.visser wrote:ok so how does this compare to when you are trying to decrypt WEP keys? they have a mathematical algorithm behind them dont they?
The difference is that hashing algorithms use mathematical functions or operations that - and I'm sure there is a word for these, but I don't remember it - are not directly reversible.
Example:
f(x) = 2x
In the case of encryption, x would be your unencrypted data, and the result of the function would be the encrypted data. This means that
f^-1(x) = x/2
or the opposite of the other function is the function to decrypt encrypted data.
f(3) = 6
f^-1(6) = 3
Consider this function, however:
f(x) = x mod 3
Mod is the modulus function/operator. It returns the remainder of a division with the other operand. Example:
f(4) = 4 mod 3 = 1
because
1 * 3 + 1 = 4
What happens if we put...
f(7) = 7 mod 3 = 1
So, we have already shown that at least two inputs to our function return the same ciphertext(encrypted data). How do you determine which to use?
Given 1 as the ciphertext, how do you know if the plaintext is 7 or 4?
Real hashing algorithms are incredibly complex. So complex that it wouldn't be a shame if a cryptographer that specialized in this field were to only create a single one in his entire life.
Modulus is used a lot in such hashing algorithms, but so are other operations, such as a lot of bitwise boolean operations and so on. That is all way beyond my scope.
(P.S: When two numbers have the same remainder for n, they are said to be congruent for modulo n. In our case, 7 and 4 are congruent for modulo 3, because 7-4 = 3, which is evenly divisible by 3. See http://en.wikipedia.org/wiki/Congruence_relation for more info. )
WEP relies on a key that is shared between a computer and an access point. The key is used to encrypt packets before they are transmitted, and an integrity check is used to ensure that packets are not modified in transit. Often a single key that is used with all computers and access points of a WEP network.
WEP uses the RC4 encryption algorithm, which is a stream cipher. A stream cipher works by expanding the key into a stream using a pseudo-random number. The sender uses the key stream with the plaintext to produce ciphertext. The receiver has a copy of the same key, and uses it to generate the same key stream, and reverses the process to translate the packet.
To ensure that a packet has not been modified in transit, an Initialization Vector (IV) is sent with the packet. Initialization Vectors are used to augment the shared key and produce a different RC4 key for each packet.
The IV in WEP encryption is a 24-bit field, which is sent in the plaintext part of a message. Such a small space of initialization vectors guarantees that mmultiple packets will be encrypted using the same key stream over time. There is an equation to figure out how fast IV numbers will be exausted, but it's complicated... A busy access point, which constantly sends 1500 byte packets at 11Mbps, will exhaust the space of IVs after 1500*8/(11*10^6)*2^24 = ~18000 seconds, or 5 hours. But most packets are smaller then 1500 bytes so in reality it would take less time.
Anyhow, this vulnerability allows you to collect encrypted packets over time that are encrypted with the same key stream, and then run a plaintext attack on those paackets statiticly 'guessing' what the key was that encrypted them. The more packets you collect, the better the 'guess'
WEP uses the RC4 encryption algorithm, which is a stream cipher. A stream cipher works by expanding the key into a stream using a pseudo-random number. The sender uses the key stream with the plaintext to produce ciphertext. The receiver has a copy of the same key, and uses it to generate the same key stream, and reverses the process to translate the packet.
To ensure that a packet has not been modified in transit, an Initialization Vector (IV) is sent with the packet. Initialization Vectors are used to augment the shared key and produce a different RC4 key for each packet.
The IV in WEP encryption is a 24-bit field, which is sent in the plaintext part of a message. Such a small space of initialization vectors guarantees that mmultiple packets will be encrypted using the same key stream over time. There is an equation to figure out how fast IV numbers will be exausted, but it's complicated... A busy access point, which constantly sends 1500 byte packets at 11Mbps, will exhaust the space of IVs after 1500*8/(11*10^6)*2^24 = ~18000 seconds, or 5 hours. But most packets are smaller then 1500 bytes so in reality it would take less time.
Anyhow, this vulnerability allows you to collect encrypted packets over time that are encrypted with the same key stream, and then run a plaintext attack on those paackets statiticly 'guessing' what the key was that encrypted them. The more packets you collect, the better the 'guess'
knuffeltjes voor mijn knuffel
[img]http://i911.photobucket.com/albums/ac320/stuphsack/Sig.jpg[/img]
[img]http://i911.photobucket.com/albums/ac320/stuphsack/Sig.jpg[/img]