hashcat Forum

Full Version: MySQL AES Encrypt
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi there. Anybody know a way using oclHashcat for cracking the KEY of encrypting mysql AES_ENCRYPT function?

Im looking for salt/key if i know the plaintext and hash Smile
not possible.
How about the whole string? There MUST be a way to bruteforce AES_ENCRYPT hash.
It's not a hash, it's encrypted. You're asking how to brute force an AES key, which is either 2^128 or 2^256. This is not possible. You might have some luck if the developer screwed up and only used keys in the ASCII range, but then you're still looking at 95^16 or 95^32.
epixoip i c your point but not fully.
I *might* know how i can do it in php/mysql.

cheking 0-100000
if(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $i, pack('H*', $hash), 'ecb') === $plain)
echo 'Encrypt key: '.$i; die();

however its slow since using cpu.
That's sort of the idea, except "0-100000" are not valid keys. The key is either going to be 16 or 32 characters long, depending on whether it's a 128-bit key or 256-bit key. And each character should be in the full 0x00 - 0xff range, unless the developer screwed up and used a printable key, in which case it will be in the 0x20-0x7e range.

It doesn't matter though because even the best-case scenario you're looking at 95^16, which can't be brute forced with even the largest clusters working on the fastest algorithms.