Need to find X in SHA1[(AES-128(X)]
#1
Hi

This is the problem I am trying to solve:

Please take you birthday (day and month) in hexadecimal form. Find message X that SHA1[(AES-128(X)]=0x[18 arbitrary bytes][day][month]. AES key is 0x00000000000000000000000000000000.
For example, if you birthday is January 10th, please find X, that SHA1[AES-128(X))]=0x[18 arbitrary bytes]1001.

I am quite noob to working with problems like this so I was hoping someone could explain how exactly am I supposed to work this out.

Sorry for the vague question but I don't really know what to exactly ask either.
Thanks!
#2
I wrote a little code for you that should solve the problem:

Code:
#!/usr/bin/env perl

use strict;
use warnings;
use Digest::SHA qw (sha1_hex);
use Crypt::CBC;
use Crypt::Rijndael;

my $hc     = "\x68\x61\x73\x68\x63\x61\x74\x00";
my $key    = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
my $iv     = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
my $suffix = $ARGV[0];

my $i = 1;

while ($i++)
{
  my $cipher = Crypt::CBC->new({
    key         => $key,
    cipher      => "Crypt::Rijndael",
    iv          => $iv,
    literal_key => 1,
    header      => "none",
    keysize     => 16,
    padding     => "none",
  });

  my $pt = $hc . pack ("Q", $i);

  my $ct = $cipher->encrypt ($pt);

  my $hash = sha1_hex ($ct);

  next unless $hash =~ /$suffix$/;

  printf "pt: %s\n", unpack ("H*", $pt);
  printf "ct: %s\n", unpack ("H*", $ct);

  printf "hash: %s\n", $hash;

  last;
}

Quote:root@et:~/oclHashcat-1.32# perl sha1aes128date.pl 0402
pt: 68617368636174006d1c010000000000
ct: 381b9a3dd48c5bff7d1791c86375e56e
hash: a0676d214b22e0bc80f4e14e2892dbd42c8f0402
root@et:~/oclHashcat-1.32# perl -e 'print pack ("H*", "68617368636174006d1c010000000000")' | openssl enc -aes-128-cbc -K 00000000000000000000000000000000 -iv 00000000000000000000000000000000 -nopad | sha1sum
a0676d214b22e0bc80f4e14e2892dbd42c8f0402 -
#3
(12-30-2014, 04:55 PM)atom Wrote: I wrote a little code for you that should solve the problem:

Code:
#!/usr/bin/env perl

use strict;
use warnings;
use Digest::SHA qw (sha1_hex);
use Crypt::CBC;
use Crypt::Rijndael;

my $hc     = "\x68\x61\x73\x68\x63\x61\x74\x00";
my $key    = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
my $iv     = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
my $suffix = $ARGV[0];

my $i = 1;

while ($i++)
{
  my $cipher = Crypt::CBC->new({
    key         => $key,
    cipher      => "Crypt::Rijndael",
    iv          => $iv,
    literal_key => 1,
    header      => "none",
    keysize     => 16,
    padding     => "none",
  });

  my $pt = $hc . pack ("Q", $i);

  my $ct = $cipher->encrypt ($pt);

  my $hash = sha1_hex ($ct);

  next unless $hash =~ /$suffix$/;

  printf "pt: %s\n", unpack ("H*", $pt);
  printf "ct: %s\n", unpack ("H*", $ct);

  printf "hash: %s\n", $hash;

  last;
}

Quote:root@et:~/oclHashcat-1.32# perl sha1aes128date.pl 0402
pt: 68617368636174006d1c010000000000
ct: 381b9a3dd48c5bff7d1791c86375e56e
hash: a0676d214b22e0bc80f4e14e2892dbd42c8f0402
root@et:~/oclHashcat-1.32# perl -e 'print pack ("H*", "68617368636174006d1c010000000000")' | openssl enc -aes-128-cbc -K 00000000000000000000000000000000 -iv 00000000000000000000000000000000 -nopad | sha1sum
a0676d214b22e0bc80f4e14e2892dbd42c8f0402 -

If I understand correctly I have to run the code myself right? Because if I do my terminal says "Can't locate Crypt/CBC.pm in @inc". I download Crypt.CBC.2.22.tar.gz, but is it the right one, where do I have to install it?

Or am I completely misunderstanding?
#4
Yes you have to run it yourself. Look at the installation instructions for Crypt/CBC.pm.
#5
(12-30-2014, 04:55 PM)atom Wrote: I wrote a little code for you that should solve the problem:

Code:
#!/usr/bin/env perl

use strict;
use warnings;
use Digest::SHA qw (sha1_hex);
use Crypt::CBC;
use Crypt::Rijndael;

my $hc     = "\x68\x61\x73\x68\x63\x61\x74\x00";
my $key    = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
my $iv     = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
my $suffix = $ARGV[0];

my $i = 1;

while ($i++)
{
  my $cipher = Crypt::CBC->new({
    key         => $key,
    cipher      => "Crypt::Rijndael",
    iv          => $iv,
    literal_key => 1,
    header      => "none",
    keysize     => 16,
    padding     => "none",
  });

  my $pt = $hc . pack ("Q", $i);

  my $ct = $cipher->encrypt ($pt);

  my $hash = sha1_hex ($ct);

  next unless $hash =~ /$suffix$/;

  printf "pt: %s\n", unpack ("H*", $pt);
  printf "ct: %s\n", unpack ("H*", $ct);

  printf "hash: %s\n", $hash;

  last;
}

Quote:root@et:~/oclHashcat-1.32# perl sha1aes128date.pl 0402
pt: 68617368636174006d1c010000000000
ct: 381b9a3dd48c5bff7d1791c86375e56e
hash: a0676d214b22e0bc80f4e14e2892dbd42c8f0402
root@et:~/oclHashcat-1.32# perl -e 'print pack ("H*", "68617368636174006d1c010000000000")' | openssl enc -aes-128-cbc -K 00000000000000000000000000000000 -iv 00000000000000000000000000000000 -nopad | sha1sum
a0676d214b22e0bc80f4e14e2892dbd42c8f0402 -

I finally got the right Perl Modules installed, but when I ran the code it gave me this error:
Quote:Use of uninitialized value $suffix in regexp compilation at kood.pl line 34.
pt: 68617368636174000200000000000000
ct: 992019d5b6410de029cd913c9e4e2522
hash: 1f61c7a71d18510579504ac418f001ecbf88d563
What's the problem? And how exactly can I use this code to get the hash which has included my birthday in its encryption, or am I misunderstanding things?
Thanks!
#6
looks like you forgot to tell the program your birthday.
#7
(12-30-2014, 11:42 PM)epixoip Wrote: looks like you forgot to tell the program your birthday.

Ofc,
# perl sha1aes128date.pl 0402
so I just replace the bold with my own date?

Also in the problem I had to take my birthday date in hexadecimal, can i just use the hexadecimal, or will the program have problems? (don't have access to my terminal atm)

Thanks
#8
yes, replace the bold with your birthday in hexadecimal form
#9
So I just tried to run the program with my birthday as hexadecimal, dosent seem to work.
I think the task wants me to take month and day seperately, january tenth would be 0xA0x1, right?
Is there something I can do to the code that it would process hexadecimals?
#10
it would be
"\xa0\x01"