Bugtraq mailing list archives
Re: Which crypto algorithm? was: Communicator 4.5 stores
From: thievco () SPRITE NETNATION COM (Thievco)
Date: Fri, 6 Nov 1998 16:07:45 -0800
Does anybody know the algorithm used to encrypt the passwords in Communicator??
Apparantly, it takes the plaintext, xors it with a fixed string, and base64 encodes the result: use MIME::Base64; print ((decode_base64('NLyIPunfKw==')) ^ ("\x56" . "\xc9" . "\xef" . "\x4a" . "\x9b" . "\xbe" . "\x5a")); You need the MIME perl module. This one is good up to 7 characters, because that's how long a couple of POP passwords I have are :) Should be pretty straightforward to extend beyond 7 characters.. just take the encoded string from the prefs file, base64 decode it, and xor it with your password in plaintext. What you'll get is the fixed string to xor with.. just extend the bytes I have above. The sequence of bytes is non-obvious as to the meaning (at least to me.) It doesn't spell anything in ASCII. Let me know if it doesn't work on your passwords.. I'm curious. I only had a couple to try. BB
Current thread:
- Re: Which crypto algorithm? was: Communicator 4.5 stores Thievco (Nov 06)