hashcat Forum

hashcat Forum > Misc > General Talk > Any tool to BF AES
Full Version: Any tool to BF AES
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

n0-0ne

09-11-2016, 03:36 PM
I know in general AES BF is not feasible.
But  I found a place that uses  really weak passwords (6 chars alpha only).
I'm going to see if I can reduce the key space even more.
I'm planing to send them a bug report but I want to try and crack one of their cypher  text to see how feasible it is.

is there a tool that does GPU or even just efficient CPU BF  for AES.?
I'm currently trying to BF using some node.js code I wrote on my laptop and it should take a month
to go over the entire key space. so though feasible with node.js I assume I can find something that will speed things up

atom

09-12-2016, 12:19 AM
That makes no sense, AES uses a fixed length key 128, 192 or 256. They can't have only use 6 chars. You sure there's no KDF in between?

n0-0ne

09-13-2016, 01:22 PM
Oh sorry I'm sure there is some key derivation from the password to the actual encryption key.
I haven't had a chance to figure out what the actual KDF is but the code uses crypto-js
AES 256 implementation with default settings (I'll try to dig into the KDF next).

I'll looked a bit more into the password generation and the implementation is as follows
Math.random().toString(36).substr(2, 6);

I originally thought the password can only have letters(upper and lower caps) but that actually a bit weaker (only lower caps and numbers with no upper case). also the I'm not sure about the security of Math.random() 

I know chrome recently changed there builtin random generation to be a bit more secure,
but I assume it's still not cryptographically secure and there might be a way to limit the key space even more but I don't have enough knowledge on how to do it (and the password might have been derived using a differentfrent browser)
Any way I guess I'll have to get the KDF first but using crypto-js with node.js I can check ~3 keys in ms (using 4 cores)
I thought any better AES implementation might help me increase the rate at least ten times

n0-0ne

09-13-2016, 08:10 PM
Ok.
So I looked into CryptoJS source and it is basicly an openssl
clone in JS.
So it seems like one round of md5 with some salt.
I tried looping over openssl to brute the password but performance aren't any better.

I found a tool for bruteforcing open ssl - https://github.com/glv2/bruteforce-salted-openssl
I'll try to see if I can get any better results using it

atom

09-14-2016, 02:38 PM
Well, if the KDF and then doing some AES, the correct way to crack it is doing exactly the same. You will crack it in not time with such a password policy. There's even no need to do it on GPU
hashcat Forum > Misc > General Talk > Any tool to BF AES