Use an external tool to decrypt passwords #23

Open
Pysis868 opened this issue Dec 19, 2023 · 3 comments

Pysis868 commented Dec 19, 2023

Is there a way to verify the data stored in the configuration file?
Made some trials to test this, but still not successful.
Not familiar with encryption technology, but think I got something close.

⋊> echo -n "$pwh" | openssl aes-128-cbc -d -in - -pass 'env:k' -iv "$iv"
bad magic number

⋊> echo -n "$k"
<abcdefg>⏎

⋊> echo -n "$k" | xxd
00000000: #### #### #### ##                        <abcdefg>
<no return codes/chars>

⋊> echo -n "$pwh" | xxd
00000000: #### #### #### #### #### #### #### ####  <1234567890abcdef>
00000010: #### #### #### #### #### #### #### ####  <1234567890abcdef>
<no return codes/chars>

<addr  >: <asc ii c odes                        >  <chars          >
<addr  >: <asc ii c odes                        >  <chars          >

⋊> echo -n "$iv"
DEADBEEFFEEDFACE0102030408070605

⋊> echo -n "$iv" | xxd
00000000: 4445 4144 4245 4546 4645 4544 4641 4345  DEADBEEFFEEDFACE
00000010: 3031 3032 3033 3034 3038 3037 3036 3035  0102030408070605
<no return codes/chars>

.../wowreeb/config.xml:

<?xml version="1.0" encoding="utf-8"?>
<wowreeb>
  <Realm Name="Classic - ...">
    <Exe Path="F:\Games\Blizzard\WoW\Classic - 1.12.1.587\Source\WoW.exe" SHA256="b4756d38ef207c02ed651f4952bd89a70b4857b73a33413339e1b285b28d2dc7" />
    <AuthServer Host="......." />
    <Credentials Username="..." Password="<1234567890abcdef1234567890abcdef>" />
  </Realm>
</wowreeb>

⋊> begin
  echo -n "$pwh" |             openssl aes-128-cbc -d -in - -pass 'env:k'          ;
  echo -n "$pwh" | base64 -d | openssl aes-128-cbc -d -in - -pass 'env:k'          ;
  echo -n "$pwh" | xxd -p -r | openssl aes-128-cbc -d -in - -pass 'env:k'          ;
  echo -n "$pwh" |             openssl aes-128-cbc -d -in - -pass 'env:k' -iv "$iv";
  echo -n "$pwh" | base64 -d | openssl aes-128-cbc -d -in - -pass 'env:k' -iv "$iv";
  echo -n "$pwh" | xxd -p -r | openssl aes-128-cbc -d -in - -pass 'env:k' -iv "$iv";

  echo -n "$pwh" |             openssl aes-192-cbc -d -in - -pass 'env:k'          ;
  echo -n "$pwh" | base64 -d | openssl aes-192-cbc -d -in - -pass 'env:k'          ;
  echo -n "$pwh" | xxd -p -r | openssl aes-192-cbc -d -in - -pass 'env:k'          ;
  echo -n "$pwh" |             openssl aes-192-cbc -d -in - -pass 'env:k' -iv "$iv";
  echo -n "$pwh" | base64 -d | openssl aes-192-cbc -d -in - -pass 'env:k' -iv "$iv";
  echo -n "$pwh" | xxd -p -r | openssl aes-192-cbc -d -in - -pass 'env:k' -iv "$iv";

  echo -n "$pwh" |             openssl aes-256-cbc -d -in - -pass 'env:k'          ;
  echo -n "$pwh" | base64 -d | openssl aes-256-cbc -d -in - -pass 'env:k'          ;
  echo -n "$pwh" | xxd -p -r | openssl aes-256-cbc -d -in - -pass 'env:k'          ;
  echo -n "$pwh" |             openssl aes-256-cbc -d -in - -pass 'env:k' -iv "$iv";
  echo -n "$pwh" | base64 -d | openssl aes-256-cbc -d -in - -pass 'env:k' -iv "$iv";
  echo -n "$pwh" | xxd -p -r | openssl aes-256-cbc -d -in - -pass 'env:k' -iv "$iv";
end
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number
bad magic number

⋊> echo -n "$pwh" | openssl aes-128-cbc -d -in - -pass 'env:k' -iv "$iv" -v -bufsize=16 -debug -nosalt;
bufsize=16
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
BIO[0x1a5e790]: ctrl(6) - cipher
BIO[0x1a5e710]: ctrl(6) - FILE pointer
BIO[0x1a5e710]: ctrl return 0
BIO[0x1a5e790]: ctrl return 0
BIO[0x1a5ebd0]: read(0,16) - FILE pointer
BIO[0x1a5ebd0]: read return 16
BIO[0x1a5e790]: write(0,16) - cipher
BIO[0x1a5e790]: write return 16
BIO[0x1a5ebd0]: read(0,16) - FILE pointer
BIO[0x1a5ebd0]: read return 16
BIO[0x1a5e790]: write(0,16) - cipher
BIO[0x1a5e710]: write(0,16) - FILE pointer
BIO[0x1a5e710]: write return 16
BIO[0x1a5e790]: write return 16
BIO[0x1a5ebd0]: read(0,16) - FILE pointer
BIO[0x1a5ebd0]: read return 0
BIO[0x1a5e790]: ctrl(11) - cipher
BIO[0x1a5e790]: ctrl return 0
bad decrypt
140543310804800:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:570:
BIO[0x1a5ebd0]: Free - FILE pointer
BIO[0x1a5e710]: Free - FILE pointer
BIO[0x1a5e790]: Free - cipher
...???.?.?.????⏎

⋊> echo -n "$pwh" | /usr/bin/openssl aes-128-cbc -d -in - -pass 'env:k' -iv "$iv" --nosalt;
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
hex string is too long, ignoring excess
bad decrypt
006E130D187F0000:error:1C800064:Provider routines:ossl_cipher_unpadblock:bad decrypt:providers/implementations/ciphers/ciphercommon_block.c:124:
...???.?.?.????⏎

echo -n "$pwh" | /usr/bin/openssl aes-128-cbc -d -in - -pass 'env:k' -iv "$iv" --nosalt | xxd
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
bad decrypt
000E7B47237F0000:error:1C800064:Provider routines:ossl_cipher_unpadblock:bad decrypt:providers/implementations/ciphers/ciphercommon_block.c:124:
00000000: #### #### #### #### #### #### #### ####  ...???.?.?.????⏎

wowreeb/wowreeb/Config.cpp:

#include "tiny-AES-c/aes.hpp"

bool Config::VerifyKey
  • buffer 16 multiple (32),
  • to hex data,
  • decrypt aes (128) cbc,
  • remove PKCS7 padding,
  • remove magic 'number' prefix.

https://github.com/kokke/tiny-AES-c/

default key-size of 128 bit
No padding is provided so for CBC and ECB all buffers should be multiples of 16 bytes. For padding PKCS7 is recommendable.

⋊> openssl version
OpenSSL 1.1.1b  26 Feb 2019

⋊> /usr/bin/openssl version
OpenSSL 3.1.1 30 May 2023 (Library: OpenSSL 3.1.1 30 May 2023)
Owner

namreeb commented Dec 21, 2023

I don't understand what you're trying to do. What are you wanting to verify? That the password in its encrypted form has not been corrupted?

namreeb commented Dec 21, 2023

If so, you might want to look here. I added this to ensure that what we were dealing with was indeed an encrypted password and not a plaintext password which happened to be a hex string. It also has the benefit of salting it to prevent the encrypted form of dictionary words from being searchable.

Author

Pysis868 commented Jan 8, 2024

I saw that portion of the function, but understand it to be added to the plaintext, so I should still be able to recognize my password after decryption, even with the prefix added.

My problem is trying to find a command string that allows me to successfully decrypt to a plaintext, using the data that I have entered and saved by this program.
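
An added example, not part of the thread and not wowreeb's code: `openssl enc -pass` treats its argument as a passphrase, runs a key-derivation step, and on decrypt expects a `Salted__` header, which is where "bad magic number" comes from; output from a raw-key AES library is decrypted with `-K` and `-iv` (both hex) after converting the hex string to bytes. The key, password and `MAGIC:` prefix below are constructed, and how wowreeb turns the entered key into 16 AES key bytes is not shown on this page, so `KEY_HEX` is an assumption.

```shell
#!/bin/sh
# Added example. Every value here is constructed; none comes from wowreeb.
KEY_HEX=000102030405060708090a0b0c0d0e0f   # constructed raw 16-byte AES-128 key
IV_HEX=DEADBEEFFEEDFACE0102030408070605    # 16-byte IV as hex ($iv as shown in the issue)
PREFIX='MAGIC:'                            # hypothetical stand-in for the magic prefix

hex2bin() {  # hex text on stdin -> raw bytes on stdout
  if command -v xxd >/dev/null 2>&1; then xxd -r -p
  else perl -ne 'chomp; print pack("H*", $_)'; fi
}
bin2hex() { od -An -v -tx1 | tr -d ' \n'; }

# Build a config-style value: hex(AES-128-CBC(prefix + password)), PKCS7 padded.
encrypt_hex() {
  printf '%s%s' "$PREFIX" "$1" |
    openssl enc -aes-128-cbc -e -K "$KEY_HEX" -iv "$IV_HEX" | bin2hex
}

# Raw-key decryption: hex -> bytes, key and IV passed as hex with -K/-iv.
# No passphrase KDF runs and no salt header is expected.
decrypt_hex() {
  out=$(printf '%s' "$1" | hex2bin |
    openssl enc -aes-128-cbc -d -K "$KEY_HEX" -iv "$IV_HEX" 2>/dev/null) || return 1
  case $out in
    "$PREFIX"*) printf '%s' "${out#"$PREFIX"}" ;;
    *) return 2 ;;  # padding was valid but the prefix is absent
  esac
}

# The form used in the issue: -pass treats the value as a passphrase and, when
# decrypting, first looks for a "Salted__" header that raw AES output lacks.
decrypt_with_pass() {
  printf '%s' "$1" | hex2bin |
    openssl enc -aes-128-cbc -d -pass pass:constructed-passphrase 2>&1
}

ct=$(encrypt_hex 'hunter2-example')
echo "stored value : $ct"
echo "with -K/-iv  : $(decrypt_hex "$ct")"
echo "with -pass   : $(decrypt_with_pass "$ct")"
```

A key given with `-K` appears in the process list for the lifetime of the command, so run this only on a machine where other local users cannot read it.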
