D.ChaosMS Forum
Would you like to react to this message? Create an account in a few clicks or log in to continue.

Hmph... encrypted shit.

View previous topic View next topic Go down

Sardine

Sardine

Sardine
Sardine

Posts : 1017
Points : 1231
Reputation : 15
Join date : 2011-08-11
Age : 26

Hmph... encrypted shit. Empty Hmph... encrypted shit.

Post by Sardine Sun Oct 09, 2011 9:26 pm

So, on my email server which I'm totally not bragging about, the passwords are encrypted with salted md5 and than reencrypted with a sha256 encryption....

I can't seem to be able to encrypt this on my own without cracking into the mail server software which was closed source as of v5 :< (note: they changed their encryption methods from v4 (which was open source) to salted md5 and sha256 in v5).

Back to top Go down

Lazarus_Again

Newbie

Lazarus_Again

Posts : 5
Points : 17
Reputation : 0
Join date : 2011-10-08

Hmph... encrypted shit. Empty Re: Hmph... encrypted shit.

Post by Lazarus_Again Sun Oct 09, 2011 9:31 pm

WilliNetwork wrote:So, on my email server which I'm totally not bragging about, the passwords are encrypted with salted md5 and than reencrypted with a sha256 encryption....

I can't seem to be able to encrypt this on my own without cracking into the mail server software which was closed source as of v5 :< (note: they changed their encryption methods from v4 (which was open source) to salted md5 and sha256 in v5).


This is generally done to stop people from tampering with the software.

Get ready bro, because if you want to re-encrypt that shit, you're in for a little trouble.

You're going to have to trash the current encryptions a bit to do any customizing. I would detail the steps on how to do this somewhere else, so that when you finish encrypting, you can seal that wound back up.

The hard part is getting in. Other than that, you're pretty much set. I would try to list steps, but I'm lazy, and I don't know what code you use (probably shitty Java, but maybe not).

Back to top Go down

Sardine

Sardine

Sardine
Sardine

Posts : 1017
Points : 1231
Reputation : 15
Join date : 2011-08-11
Age : 26

Hmph... encrypted shit. Empty Re: Hmph... encrypted shit.

Post by Sardine Sun Oct 09, 2011 9:35 pm

Lazarus_Again wrote:
This is generally done to stop people from tampering with the software.

Get ready bro, because if you want to re-encrypt that shit, you're in for a little trouble.

You're going to have to trash the current encryptions a bit to do any customizing. I would detail the steps on how to do this somewhere else, so that when you finish encrypting, you can seal that wound back up.

The hard part is getting in. Other than that, you're pretty much set. I would try to list steps, but I'm lazy, and I don't know what code you use (probably shitty Java, but maybe not).

Open sourcing a thing means that the developers allow tampering with the software, to allow community-driven updates.

I'm asking about how and what algorithms they use to encrypt the password, not how to crack into the software.

Back to top Go down

Lazarus_Again

Newbie

Lazarus_Again

Posts : 5
Points : 17
Reputation : 0
Join date : 2011-10-08

Hmph... encrypted shit. Empty Re: Hmph... encrypted shit.

Post by Lazarus_Again Sun Oct 09, 2011 9:38 pm

WilliNetwork wrote:
Lazarus_Again wrote:
This is generally done to stop people from tampering with the software.

Get ready bro, because if you want to re-encrypt that shit, you're in for a little trouble.

You're going to have to trash the current encryptions a bit to do any customizing. I would detail the steps on how to do this somewhere else, so that when you finish encrypting, you can seal that wound back up.

The hard part is getting in. Other than that, you're pretty much set. I would try to list steps, but I'm lazy, and I don't know what code you use (probably shitty Java, but maybe not).

Open sourcing a thing means that the developers allow tampering with the software, to allow community-driven updates.

I'm asking about how and what algorithms they use to encrypt the password, not how to crack into the software.

You said the v5 was closed-source. Maybe I misinterpreted, but whatever.

Anyway,are you re-encrypting it, or are you trying to get past the encryptions?

I thought you wanted to customize that shit with your own code, but I guess not.

I pulled this from wikipedia, about the algorithm.

"MD5 processes a variable-length message into a fixed-length output of 128 bits. The input message is broken up into chunks of 512-bit blocks (sixteen 32-bit little endian integers); the message is padded so that its length is divisible by 512. The padding works as follows: first a single bit, 1, is appended to the end of the message. This is followed by as many zeros as are required to bring the length of the message up to 64 bits fewer than a multiple of 512. The remaining bits are filled up with a 64-bit little endian integer representing the length of the original message, in bits.
The main MD5 algorithm operates on a 128-bit state, divided into four 32-bit words, denoted A, B, C and D. These are initialized to certain fixed constants. The main algorithm then operates on each 512-bit message block in turn, each block modifying the state. The processing of a message block consists of four similar stages, termed rounds; each round is composed of 16 similar operations based on a non-linear function F, modular addition, and left rotation. Figure 1 illustrates one operation within a round. There are four possible functions F; a different one is used in each round:"

I can't post the link, but this might be pretty good.

Back to top Go down

Sardine

Sardine

Sardine
Sardine

Posts : 1017
Points : 1231
Reputation : 15
Join date : 2011-08-11
Age : 26

Hmph... encrypted shit. Empty Re: Hmph... encrypted shit.

Post by Sardine Sun Oct 09, 2011 9:53 pm

Lazarus_Again wrote:
You said the v5 was closed-source. Maybe I misinterpreted, but whatever.

Anyway,are you re-encrypting it, or are you trying to get past the encryptions?

I thought you wanted to customize that shit with your own code, but I guess not.

I pulled this from wikipedia, about the algorithm.

-lolpediasnip-

I can't post the link, but this might be pretty good.

I'm not "re"-encrypting it, I'm trying to copy their encryption method. Which is, again, salted md5 --> sha256 blowfish. I have no fucking idea how you get the salt from the password, now I know you can just encrypt it into md5 from 3rd party programs. But then I'm stuck with encrypting the md5 checksum into sha256 blowfish.

Back to top Go down

Sponsored content




Hmph... encrypted shit. Empty Re: Hmph... encrypted shit.

Post by Sponsored content

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum