hashcat Forum
encrypto .crypto notes - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Developer (https://hashcat.net/forum/forum-39.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-40.html)
+--- Thread: encrypto .crypto notes (/thread-9564.html)



encrypto .crypto notes - john - 10-14-2020

How to crack https://macpaw.com/encrypto notes? i have 2 notes, and i forgot last 3 symbols, need crack it


RE: encrypto .crypto notes - DanielG - 10-14-2020

Oh boy, well this application isn't known to be supported by hashcat. Someone would need to analyse that program and see how the encryption occurs. Then check whether any of the modes can be used to attack it, and if not possibly create a new mode to support it.


RE: encrypto .crypto notes - john - 10-14-2020

(10-14-2020, 12:01 PM)DanielG Wrote: Oh boy, well this application isn't known to be supported by hashcat. Someone would need to analyse that program and see how the encryption occurs. Then check whether any of the modes can be used to attack it, and if not possibly create a new mode to support it.
Maybe other applications can support this file


RE: encrypto .crypto notes - philsmd - 10-14-2020

It seems the code is open source if I'm not totally mistaken: https://github.com/MacPaw/ENCryptor/

it's object-c code.

the interesting functions are "deriveMasterKey ()" and "openArchive ()" from the ENCryptor/ENEncryptedArchive.m file :

https://github.com/MacPaw/ENCryptor/blob/0819eaa04bd7277333477b7b9af14ac8ba2c5f02/ENCryptor/ENEncryptedArchive.m#L1259

hard-coded 4096 rounds of PBKDF2-HMAC-SHA256 https://github.com/MacPaw/ENCryptor/blob/0819eaa04bd7277333477b7b9af14ac8ba2c5f02/ENCryptor/ENEncryptedArchive.m#L159

If you only miss some chars, maybe something like an AutoHotkey script is much more effective to get your password back for now (unless a cracking tool exists already of course).

this is also interesting: https://github.com/MacPaw/ENCryptor/blob/0819eaa04bd7277333477b7b9af14ac8ba2c5f02/ENCryptor/ENEncryptedArchive.m#L140 ("Used to check password")

update: there is even a cli tool "encrypto-cli" so you wouldn't even need to use AutoHotKey... it should be pretty easy to recover a few chars if you do it cleverly with this command line tool "encrypto-cli"


RE: encrypto .crypto notes - john - 10-16-2020

(10-14-2020, 12:29 PM)philsmd Wrote: It seems the code is open source if I'm not totally mistaken: https://github.com/MacPaw/ENCryptor/

it's object-c code.

the interesting functions are "deriveMasterKey ()" and "openArchive ()" from the ENCryptor/ENEncryptedArchive.m file :

https://github.com/MacPaw/ENCryptor/blob/0819eaa04bd7277333477b7b9af14ac8ba2c5f02/ENCryptor/ENEncryptedArchive.m#L1259

hard-coded 4096 rounds of PBKDF2-HMAC-SHA256 https://github.com/MacPaw/ENCryptor/blob/0819eaa04bd7277333477b7b9af14ac8ba2c5f02/ENCryptor/ENEncryptedArchive.m#L159

If you only miss some chars, maybe something like an AutoHotkey script is much more effective to get your password back for now (unless a cracking tool exists already of course).

this is also interesting: https://github.com/MacPaw/ENCryptor/blob/0819eaa04bd7277333477b7b9af14ac8ba2c5f02/ENCryptor/ENEncryptedArchive.m#L140 ("Used to check password")

update: there is even a cli tool "encrypto-cli" so you wouldn't even need to use AutoHotKey... it should be pretty easy to recover a few chars if you do it cleverly with this command line tool "encrypto-cli"
Thanks for your answer.
You mean https://github.com/MacPaw/ENCryptor/tree/master/encrypto-cli ?
How can i run it ?


RE: encrypto .crypto notes - philsmd - 10-16-2020

It's written on that same github page:

Installation: https://github.com/MacPaw/ENCryptor#installation
brew method: https://github.com/MacPaw/ENCryptor#demo


RE: encrypto .crypto notes - john - 10-18-2020

(10-16-2020, 12:31 PM)philsmd Wrote: It's written on that same github page:

Installation: https://github.com/MacPaw/ENCryptor#installation
brew method: https://github.com/MacPaw/ENCryptor#demo

Is it possible to run this Encryptor using wordlist ?