AesCrypt hash: How to obtain iv, enc_iv, enc_key, HMAC and encryption
#1
Hi,

With the use of perl aescrypt_hello_world.pl rockyou.txt after searching in the forum, I can’t find anything discussing in depth or how to obtain these important criteria (iv, enc_iv, enc_key, HMAC) even after examining the info on aescrypt.com/aes_file_format.html , it’s no help or even after googling there’s no info on these terms/criteria.  There is some discussion here: https://github.com/hashcat/hashcat/pull/2285 but it is still unclear on how to obtain these criteria to paste them in aescrypt2hashcat.pl and then of course run with perl.

[Apologies if this is considered a new topic]
After attempting to run aescrypt2hashcat.pl in perl, I get an ERROR message: "The file doesn't seem to be a correct aescrypt file".  How does the script know this if the file is encrypted?  And if the file ends with the extension .aes why does the script "think" it's not an AES Crypt file?  Here's another important question... if one was to originally save (2016) an AES Crypt file in the form of file.aes on a USB thumb drive and then later copied the file to a laptop hard drive, does AES Crypt "mess up", change, or scramble the file with the transfer?  If so, then you can only run all the cracking attempts pointed at the USB drive, right?  When you open an aes file using notepad, does the encryption look like hieroglyphics mixed in with the gist of the file looking something like this: ʇÎzcÖ Ïcäq(1²Å¼½âÙöiS7óöñ¦¤yŸø@C†æ as an example? (not sure what an aes encrypted file is supposed to look like)  I'm trying to figure out if this is a properly encrypted aes file or corrupted or something else?  If this helps, when the file is opened with AES Crypt, here's what is shown: [attachment: pass.png] and the error message when entering the incorrect password is: [attachment: error.png].


Chuck
Reply
#2
you might need to have a look at the Aes Crypt file format page:
https://www.aescrypt.com/aes_file_format.html

They explain how the file format is and how it changed over time

there is "AES" at the start of the file (first 3 bytes, "A", "E" and "S") and after that comes a version number.

I think aescrypt2hashcat.pl only supports the latest version, because it was the only one we had some example hash:pass pairs for. This doesn't mean that the code couldn't work for sure, but somebody would need to investigate what the differences are to extract the data from the *.aes file and also if the code to verify if the password candidates are correct changed over time or didn't change at all over time.

I would say you will need to start with the file format version number (the byte after the "AES" at the start).

You would probably need some hex editor to open (a copy/backup of) the file and view the single bytes and compare them to that "AES - File Format" page linked above (https://www.aescrypt.com/aes_file_format.html), like HxD for Windows etc.
Reply
#3
btw: just to be very clear, you need to run the perl script like this:
Code:
cd tools
perl aescrypt2hashcat.pl file.aes

i.e. in your cmd window, you need to enter the tools folder (I assume here that you have a full copy of the source code of hashcat, see https://hashcat.net/hashcat/ and search for the "hashcat sources" link or alternatively a full git clone from https://github.com/hashcat/hashcat, not the release version, but again the source code)
Within the tools folder, you should have copied a backup of your *.aes file and then run the conversion script (from the .aes file to a "hash" that hashcat supports) with the command above.

This step doesn't involve any dictionary file (no rockyou.txt is needed), only the aescrypt2hashcat.pl perl script and the *.aes file is needed.
The *.aes file needs to be generated by the software "AES Crypt" that you can download here: https://www.aescrypt.com
It doesn't work with a file that wasn't generated by that specific software "AES Crypt".
Reply
#4
I was able to follow your good instructions above up until the part where I tried to understand "run the conversion script (from the .aes file to a "hash" that hashcat supports) with the command above." Would you explain what is meant by "to a 'hash' that hashcat supports". I did run the command perl aescrypt2hashcat.pl file.aes as instructed inside the tools folder with my aes file copied inside the tools folder. Is there any editing involved with the aescrypt2hashcat.pl script before running it with the command given above (perl aescrypt2hashcat.pl file.aes)?

My aes file is encrypted by AES Crypt back in March, 2016 and nothing has changed since then in terms of it was stored on a thumb drive up until recently when I copied it to a folder on my laptop hard drive. Of course the password has been forgotten, hence the need to crack. However, something is not as it should be with my aes file. I have continuously received the same ERROR message from the script aescrypt2hashcat.pl which is...

"ERROR: The file doesn't seem to be a correct aescrypt file (signature mismatch)". Any ideas how to overcome this?

I don't know how to solve this if the aescrypt2hashcat.pl script doesn't recognize it as a genuine aes file. I am certain however the original aes file was indeed created by AES Crypt in 2016 and no other cryptography software. By the way, at the beginning of 2016 AES Crypt came out with version 2 (AES 256) as opposed to version 1 (AES 128) and the aescrypt2hashcat.pl script works for version 2. In conclusion, I'm not sure what to do at this point.
Reply
#5
According to the error.png screenshot in your first post even AES Crypt itself doesn't recognize that file as a valid AES Crypt file. Either it was not created with AES Crypt or it has been damaged.
Reply
#6
next step would of course be to make sure it's a valid .aes file by comparing the file format description from https://www.aescrypt.com/aes_file_format.html with the file loaded in a hex editor (like explained above, for instance this HxD for Windows that seems to be a recommended hex editor for that operating system. I normally just use tools like xxd for Linux, but any good editor that shows you the bytes of the file in hexadecimal will work)



I'm pretty sure that this is you (Rust64 on github) that is complaining that the aescrypt2hashcat.pl script throws too many error messages: https://github.com/hashcat/hashcat/issues/2483 . The timing and the exact same problem at the same time can't just be a coincidence. I would always prefer that users just mention and post a link to their github issue, otherwise this gets so confusing. How should we otherwise know that fatcat is the same as Rust64 ?

Anyway, I'm not convinced that the aescrypt2hashcat.pl tool is throwing too many error messages... It does check exactly what it needs to check i.e. if the metadata is valid according to the .aes file format specification from the official AES Crypt website (the link was already posted several times above).
If you are in doubt, just create a new .aes file and see if aescrypt2hashcat.pl works... if you are able to generate a new example with the AES Crypt software (even an older version of AES Crypt, but still with file format 2) that isn't accepted by aescrypt2hashcat.pl, you could easily share that test file here and we will see what could have gone wrong. Of course you shouldn't post your target file with sensitive info in it. Only new tests. I can't come up with any file that was created by AES Crypt software but doesn't work with aescrypt2hashcat.pl (and this is exactly how it should be, everything works correctly in my tests).
Reply
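
An added example, not part of the thread and not code from hashcat's aescrypt2hashcat.pl: a Python check of the "AES" signature and version byte described in #2 and #6, which then locates iv, enc_iv, enc_key and HMAC in a version 2 header. The field layout after the version byte is an assumption taken from the format description linked in the thread and should be verified against that page; the function names and the sample bytes are constructed for illustration.

```python
import struct

def inspect_aescrypt_header(data: bytes) -> dict:
    """Validate signature and version, then locate the version 2 key fields."""
    if len(data) < 5:
        return {"ok": False, "reason": "shorter than the 5-byte fixed header"}
    if data[:3] != b"AES":
        return {"ok": False,
                "reason": f"signature mismatch: got {data[:3].hex()}, expected 414553"}
    version = data[3]
    if version != 2:
        return {"ok": False, "version": version,
                "reason": "layout below is for file format version 2 only"}
    pos = 5  # 3 signature bytes + 1 version byte + 1 reserved byte
    # Assumed from the format description: extensions are length-prefixed
    # (2 bytes, big-endian) and the list ends with a zero length.
    while True:
        if pos + 2 > len(data):
            return {"ok": False, "version": 2, "reason": "truncated extension list"}
        (ext_len,) = struct.unpack(">H", data[pos:pos + 2])
        pos += 2
        if ext_len == 0:
            break
        pos += ext_len
    if pos + 96 > len(data):
        return {"ok": False, "version": 2, "reason": "truncated before key fields"}
    return {
        "ok": True, "version": 2, "iv_offset": pos,
        "iv": data[pos:pos + 16].hex(),            # 16-byte IV
        "enc_iv": data[pos + 16:pos + 32].hex(),   # encrypted IV (assumed 16 bytes)
        "enc_key": data[pos + 32:pos + 64].hex(),  # encrypted key (assumed 32 bytes)
        "hmac": data[pos + 64:pos + 96].hex(),     # HMAC of the 48 bytes above
    }

def build_sample() -> bytes:
    """Constructed header with recognisable filler bytes, not a real file."""
    ext = b"CREATED_BY\x00demo"
    return (b"AES\x02\x00" + struct.pack(">H", len(ext)) + ext + b"\x00\x00"
            + bytes(range(16)) + b"\x11" * 16 + b"\x22" * 32 + b"\x33" * 32)

if __name__ == "__main__":
    sample = build_sample()
    print(inspect_aescrypt_header(sample))
    print(inspect_aescrypt_header(b"\x00" + sample[1:]))  # damaged first byte
```

Run against a copy of the file (`inspect_aescrypt_header(open("file.aes", "rb").read())`), a result with `ok` set to False and a "signature mismatch" reason means the first three bytes are not "AES", which is the condition the script's error message reports.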