Posts: 9
Threads: 4
Joined: Apr 2012
I know in general AES BF is not feasible.
But I found a place that uses really weak passwords (6 chars alpha only).
I'm going to see if I can reduce the key space even more.
I'm planning to send them a bug report, but I want to try and crack one of their ciphertexts to see how feasible it is.
Is there a tool that does GPU or even just efficient CPU BF for AES?
I'm currently trying to BF using some node.js code I wrote on my laptop and it should take a month
to go over the entire key space. So though feasible with node.js, I assume I can find something that will speed things up.
Posts: 5,185
Threads: 230
Joined: Apr 2010
That makes no sense. AES uses a fixed-length key: 128, 192 or 256 bits. They can't have only used 6 chars. Are you sure there's no KDF in between?
Posts: 9
Threads: 4
Joined: Apr 2012
Oh sorry, I'm sure there is some key derivation from the password to the actual encryption key.
I haven't had a chance to figure out what the actual KDF is, but the code uses the crypto-js
AES 256 implementation with default settings (I'll try to dig into the KDF next).
I looked a bit more into the password generation and the implementation is as follows:
Math.random().toString(36).substr(2, 6);
I originally thought the password could only have letters (upper and lower case), but that's actually a bit weaker (only lower case and numbers, with no upper case). Also, I'm not sure about the security of Math.random().
I know Chrome recently changed their built-in random generation to be a bit more secure,
but I assume it's still not cryptographically secure and there might be a way to limit the key space even more. But I don't have enough knowledge on how to do it (and the password might have been generated using a different browser).
Anyway, I guess I'll have to get the KDF first, but using crypto-js with node.js I can check ~3 keys per ms (using 4 cores).
I thought any better AES implementation might help me increase the rate at least ten times.
Posts: 9
Threads: 4
Joined: Apr 2012
Ok.
So I looked into the CryptoJS source and it is basically an openssl clone in JS.
So it seems like one round of md5 with some salt.
I tried looping over openssl to brute the password but performance isn't any better.
I found a tool for bruteforcing openssl:
https://github.com/glv2/bruteforce-salted-openssl
I'll try to see if I can get any better results using it.
Posts: 5,185
Threads: 230
Joined: Apr 2010
Well, if it's the KDF and then doing some AES, the correct way to crack it is doing exactly the same. You will crack it in no time with such a password policy. There's even no need to do it on GPU.