01-06-2015, 09:49 AM
Azren, I think epixoip missed this line:
Code:
$key = trim($username).trim($cleartext_password);
This is a very weird construction: it's encrypting the password with the password. You can think of this like the LM hash. It would be interesting to know what the decrypt function does to the key. I assume SHA256 (or some other hash) or padding. Also, if you can find the "encrypt" function, just to make sure the IV isn't stupid, but this might be apparent from the decrypt function (i.e. null or fixed IV). Nice thing is it leaks the password length. So cracking can go much faster by dropping incorrect-length passwords.
Anyway, this is probably not a common hash, so it would be unlikely for Atom to add it.
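
The length leak described in the post above, as an added example that is not part of the original thread or the application's code: a password encrypted under a key built from username plus password, beside a salted KDF whose stored record has the same size for every password. Assumptions: the key is hashed with SHA-256, the cipher is a length-preserving stand-in (SHA-256 in counter mode, not the application's real cipher), the IV is 16 random bytes, and all function names are hypothetical.

```python
import hashlib
import os

IV_LEN = 16  # assumed IV size; the real scheme's IV handling is unknown


def derive_key(username: str, password: str) -> bytes:
    # Mirrors the quoted line: trim($username).trim($cleartext_password).
    # Hashing the result to 32 bytes is an assumption.
    return hashlib.sha256((username.strip() + password.strip()).encode()).digest()


def keystream_xor(key: bytes, iv: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher: XOR with SHA-256(key || iv || counter) blocks.
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(4, "big")
        block = hashlib.sha256(key + iv + counter).digest()
        out.extend(p ^ k for p, k in zip(data[offset:offset + 32], block))
    return bytes(out)


def store_encrypted(username: str, password: str) -> bytes:
    # The construction under discussion: the password encrypted with itself.
    iv = os.urandom(IV_LEN)
    key = derive_key(username, password)
    return iv + keystream_xor(key, iv, password.strip().encode())


def leaked_length(record: bytes) -> int:
    # Anyone holding the stored record learns the password length
    # without knowing the key.
    return len(record) - IV_LEN


def store_kdf(password: str, iterations: int = 100_000) -> bytes:
    # Contrast: salted PBKDF2 output is 32 bytes for any password length.
    salt = os.urandom(16)
    return salt + hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


if __name__ == "__main__":
    for pw in ("hunter2", "correct horse battery staple"):  # constructed samples
        print(len(pw), leaked_length(store_encrypted("alice", pw)), len(store_kdf(pw)))
```

With a padded block cipher mode instead of a stream mode, the same record would reveal the length only to the nearest block.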