01-20-2019, 10:45 PM
(This post was last modified: 01-21-2019, 12:22 AM by Randomdude.)
(01-20-2019, 09:52 PM)philsmd Wrote: see https://github.com/hashcat/hashcat/issues/85 for innosetup you need to use --hex-salt (according to that old trac ticket conversation).
So the algo is -m 120 instead of -m 140?
Also the pass is 12 characters long and uses numbers + upper/lower case letters, is it even feasible to crack this?
One more thing I do not get is how Inno Setup protects the actual encryption key, the way I understand it is that Inno setup hashes the entered key and compares it to the hash it has, then if it gets matched it just decrypts files using a completely different key (which is a sha1 of salt+pass). Am I wrong?
Edit: Actually now that I think about it, decryption key might be getting made (sha1($salt.utf16le($pass))) after the pass has been verified, pretty clever though I am still not sure.