- Base64
- bcrypt
- Creating Password Hashes
- EncFS/6
- Featherduster
- hash-identifier
- hashID
- Magic Function
- MD5
- OpenSSL
- PBKDF2
- PuTTY Tools
- Python Pickle
- ROT13
- RSA
- SHA256
- XOR
Name | Description | URL |
---|---|---|
Ciphey | Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes | https://github.com/Ciphey/Ciphey |
FeatherDuster | An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction. | https://github.com/nccgroup/featherduster |
RsaCtfTool | RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data. | https://github.com/Ganapati/RsaCtfTool |
$ echo aGVsbG8gd29ybGQh | base64 -d
$ base64 -d lasjkdfhalsfsaiusfs | base64 -d - // double decryption
$ python -c 'import bcrypt; print(bcrypt.hashpw(b"<PASSWORD>", bcrypt.gensalt(rounds=10)).decode("ascii"))'
$ python -c "import bcrypt; print(bcrypt.hashpw('<PASSWORD>'.encode(), bcrypt.gensalt(rounds=10)))"
$ npm install -g @carsondarling/bcrypt-cli
$ bcrypt $(echo -n "<PASSWORD>" | sha256sum | cut -d " " -f 1) && echo
$ cat /etc/shadow
root:$6$YIFGN9pFPOS3EmwO$qwICXAw4bqSjjjFaCT1qYscCV72BjFtx/tehbc7sQTJp09UJj9u83eBio1cLcaxyGkx2oDhJsXT6LL0FABlc5.:18277:0:99999:7:::
$ .\hashdump.exe /samdump
$ impacket-secretsdump -just-dc-ntlm <DOMAIN>.local/Administrator:"<PASSWORD>"@<RHOST>
$ echo Administrator:500:aad3b435b51404eeaad3b435b51404ee:d9485863c1e9e06543aa40cbb4ab9dff::: | md5sum
9ec906faff027b1337f9df4955f917b9
$ sudo apt-get install encfs
$ encfsctl export <SOURCE_FOLDER> <DESTINATION_FOLDER>
$ git clone https://github.com/nccgroup/featherduster.git
$ cd featherduster
$ python setup.py install
$ hash-identifier
$ hashid -m -j '48bb6e862e54f2a795ffc4e541caed4d'
$ echo 85f3980654g59sif | md5sum
$ openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365
$ openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XY/ST=<ST>/L=<L>/O=<O>/OU=<OU>/CN=<CN>"
$ openssl passwd '<PASSWORD>'
$ openssl passwd -6 -salt xyz <PASSWORD>
$ openssl req -in <FILE>.txt -noout -text
$ openssl req -text -noout -verify -in <FILE>.req
$ openssl pkcs12 -in <PFX>.pfx -clcerts -nokeys -out <CERTIFICATE>.crt
$ openssl pkcs12 -in <PFX>.pfx -nocerts -out <KEY>.key
$ openssl pkcs12 -in <CERTIFICATE>.pfx -nocerts -out <KEY>.key
$ openssl rsa -in <KEY>.key -out <KEY>.key
$ openssl pkcs12 -in <CERTIFICATE>.pfx -clcerts -nokeys -out <CERTIFICATE>.crt
$ evil-winrm -i <RHOST> -S -k <KEY>.key -c <CERTIFICATE>.crt
sha256:<ITERATION>:<FROM_HEX_TO_BASE64_SALT>:<FROM_HEX_TO_BASE64_HASHED_PASSWORD>
$ echo "sha256:50000:$(echo <SALT> | xxd -r -p | base64):$(echo <HASHED_PASSWORD> | xxd -r -p | base64)"
https://gchq.github.io/CyberChef/#recipe=From_Hex('Auto')To_Base64('A-Za-z0-9%2B/%3D')&oeol=FF
227d873cca89103cd83a976bdac52486
In2HPMqJEDzYOpdr2sUkhg==
97907280dc24fe517c43475bd218bfad56c25d4d11037d8b6da440efd4d691adfead40330b2aa6aaf1f33621d0d73228fc16
l5BygNwk/lF8Q0db0hi/rVbCXU0RA32LbaRA79TWka3+rUAzCyqmqvHzNiHQ1zIo/BY=
sha256:50000:In2HPMqJEDzYOpdr2sUkhg==:l5BygNwk/lF8Q0db0hi/rVbCXU0RA32LbaRA79TWka3+rUAzCyqmqvHzNiHQ1zIo/BY=
$ hashcat -a 0 -m 10900 <FILE> /PATH/TO/WORDLIST/<WORDLIST>
$ sudo apt-get install putty-tools
$ puttygen my_private_key.ppk -O private-openssh -o id_rsa
import cPickle
f = open('<FILE>', 'r')
mydict = cPickle.load(f)
f.close
for i in mydict:
b=[]
for x in i:
b.append(x[0] * x[1])
print ''.join(b)
$ python
Python 2.7.18 (default, Apr 20 2020, 20:30:41)
[GCC 9.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from Crypto.PublicKey import RSA
>>> f = open("decoder.pub","r")
>>> key = RSA.importKey(f.read())
>>> print key.n
85161183100445121230463008656121855194098040675901982832345153586114585729131
>>> print key.e
65537
e = 85161183100445121230463008656121855194098040675901982832345153586114585729131
n = 65537
Use msieve
to get the prime factors which are e
if multiplied.
$ ./msieve n = 85161183100445121230463008656121855194098040675901982832345153586114585729131
p = 280651103481631199181053614640888768819
q = 303441468941236417171803802700358403049
That means: n = pq
280651103481631199181053614640888768819 * 303441468941236417171803802700358403049
https://stackoverflow.com/questions/4798654/modular-multiplicative-inverse-function-in-python
from Crypto.PublicKey import RSA
n = 85161183100445121230463008656121855194098040675901982832345153586114585729131
e = 65537
p = 280651103481631199181053614640888768819
q = 303441468941236417171803802700358403049
m = n-(p+q-1)
def egcd(a, b):
if a == 0:
return (b, 0, 1)
else:
g, y, x = egcd(b % a, a)
return (g, x - (b // a) * y, y)
def modinv(a, m):
g, x, y = egcd(a, m)
if g != 1:
raise Exception('modular inverse does not exist')
else:
return x % m
d = modinv(e, m)
key = RSA.construct((n, long(e), d, p, q))
print key.exportKey()
$ python crypto.py
-----BEGIN RSA PRIVATE KEY-----
MIGsAgEAAiEAvEeFgY9UxibHe/Mls88ARrXQ0RNetXeYj3AmLOYUmGsCAwEAAQIg
LvuiAxyjSPcwXGvmgqIrLQxWT1SAKVZwewy/gpO2bKECEQDTI2+4s2LacjlWAWZA
A2kzAhEA5Eizfe3idizLLBr0vsjD6QIRALlM92clYJOQ/csCjWeO1ssCEQDHxRNG
BVGjRsm5XBGHj1tZAhEAkJAmnUZ7ivTvKY17SIkqPQ==
-----END RSA PRIVATE KEY-----
Write it into a file named decoder.priv
$ openssl rsautl -decrypt -inkey decoder.priv < pass.crypt
$ echo -n fff34363f4d15e958f0fb9a7c2e7cc550a5672321d54b5712cd6e4fa17cd2ac8 | wc -c
64
$ echo foobar | sha256sum
aec070645fe53ee3b3763059376134f058cc337247c978add178b6ccdfb0019f -
$ echo -n aec070645fe53ee3b3763059376134f058cc337247c978add178b6ccdfb0019f | wc -c
64
$ python3
Python 3.10.6 (main, Aug 10 2022, 11:19:32) [GCC 12.1.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import hashlib
>>> password = "password123"
>>> encoded = password.encode()
>>> result = hashlib.sha256(encoded)
>>> print(result)
<sha256 _hashlib.HASH object @ 0x7f315f0a96f0>
>>> print(result.hexdigest())
ef92b778bafe771e89245b89ecbc08a44a4e166c06659911881f383d4473e94f
^ = XOE
1 ^ 1 = 0
1 ^ 0 = 1
0 ^ 1 = 1
0 ^ 0 = 0
110011 flipped with 111111 = 001100