Any tool to BF AES
#1
I know in general AES BF is not feasible.
But I found a place that uses really weak passwords (6 chars alpha only).
I'm going to see if I can reduce the key space even more.
I'm planning to send them a bug report but I want to try and crack one of their ciphertexts to see how feasible it is.

Is there a tool that does GPU or even just efficient CPU BF for AES?
I'm currently trying to BF using some node.js code I wrote on my laptop and it should take a month to go over the entire key space. So though feasible with node.js, I assume I can find something that will speed things up.
#2
That makes no sense, AES uses a fixed-length key: 128, 192 or 256. They can't only use 6 chars. You sure there's no KDF in between?
#3
Oh sorry, I'm sure there is some key derivation from the password to the actual encryption key.
I haven't had a chance to figure out what the actual KDF is but the code uses the crypto-js AES 256 implementation with default settings (I'll try to dig into the KDF next).

I looked a bit more into the password generation and the implementation is as follows:
Math.random().toString(36).substr(2, 6);

I originally thought the password can only have letters (upper and lower case) but it's actually a bit weaker (only lower case and numbers with no upper case). Also, I'm not sure about the security of Math.random().

I know Chrome recently changed their built-in random generation to be a bit more secure, but I assume it's still not cryptographically secure and there might be a way to limit the key space even more, but I don't have enough knowledge on how to do it (and the password might have been derived using a different browser).
Anyway, I guess I'll have to get the KDF first, but using crypto-js with node.js I can check ~3 keys in ms (using 4 cores).
I thought any better AES implementation might help me increase the rate at least ten times.
#4
Ok.
So I looked into the CryptoJS source and it is basically an openssl clone in JS.
So it seems like one round of md5 with some salt.
I tried looping over openssl to brute the password but performance isn't any better.

I found a tool for bruteforcing OpenSSL - https://github.com/glv2/bruteforce-salted-openssl
I'll try to see if I can get any better results using it.
#5
Well, if it's the KDF and then some AES, the correct way to crack it is doing exactly the same. You will crack it in no time with such a password policy. There's not even any need to do it on GPU.
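Added example, not part of the thread or of any poster's code: the generator quoted in post #3 next to a hardened counterpart, with the size of each keyspace, for the bug report discussed above. The function names, the 20-character length and the scrypt parameters are assumptions chosen for illustration; scrypt and AES-256-GCM stand in for the single salted MD5 round described in post #4.

```javascript
// Added example, not code from the thread. Function names and scrypt
// parameters are illustrative assumptions.
const crypto = require('crypto');

// The generator quoted in post #3: up to 6 characters from [0-9a-z],
// drawn from Math.random(), which is not a CSPRNG.
function weakPassword() {
  return Math.random().toString(36).substr(2, 6);
}

// Upper bound on the entropy (bits) of a uniform random string.
function keyspaceBits(alphabetSize, length) {
  return length * Math.log2(alphabetSize);
}

const ALPHABET = 'abcdefghijklmnopqrstuvwxyz0123456789';

// Same alphabet, but sampled from the OS CSPRNG; crypto.randomInt
// is uniform, so there is no modulo bias.
function strongPassword(length = 20) {
  let out = '';
  for (let i = 0; i < length; i++) {
    out += ALPHABET[crypto.randomInt(ALPHABET.length)];
  }
  return out;
}

// Memory-hard KDF in place of one salted MD5 round (N=2^15 needs ~32 MiB).
const SCRYPT = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };
const deriveKey = (password, salt) => crypto.scryptSync(password, salt, 32, SCRYPT);

// AES-256-GCM: the auth tag makes a wrong key or tampering fail loudly.
function encrypt(password, plaintext) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { salt, iv, ct, tag: cipher.getAuthTag() };
}

function decrypt(password, { salt, iv, ct, tag }) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}
```

The 6-character generator tops out at 36^6 = 2,176,782,336 candidates (about 31 bits), while 20 characters from the same alphabet give about 103 bits.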