Hi outta there
i found on an old root server an runnin (unix)psybnc. in the psybnc.conf an pass
"1r0y's1''I14`P19`N"
Is it possible to decrypt it ?
Or anyone knows what a method it ist...
Sponsored by: █ Sparkhost - Hosting Without Compromises! █ Hybrid Performance Web Hosting █ Spark Host Stream Hosting █ Hybrid IRC & IRCd Server Shell Accounts
Decrypting Psybnc Passes
Started by
Fantafour
, Jul 28 2004 12:52 PM
9 replies to this topic
#2
ZoraX
-
- Members
-
- 149 posts
Specialist
Posted 29 July 2004 - 07:07 AM
I think passes in psybnc.conf is encrypted whit blowfish(as default) so try google for a blowfish decrypter:)
#3
Fantafour
-
- Members
-
- 61 posts
Private First Class
Posted 29 July 2004 - 01:33 PM
i didnt find any good results... can anyone help `?
#4
mortello
-
- Members
-
- 408 posts
Staff Sergeant
Posted 29 July 2004 - 02:13 PM
If my memory serves me well, blowfish isn't cracked yet.....or not public....but I may be confused with another encryption typei didnt find any good results... can anyone help `?
#5
ZoraX
-
- Members
-
- 149 posts
Specialist
Posted 08 August 2004 - 01:38 AM
Did some googleing and cant find any decrypter for it, sorry mate, cant help you to crack it...
isent there any other password files you can crack ? maybe psybnc pass and some other pass is the same?
isent there any other password files you can crack ? maybe psybnc pass and some other pass is the same?
#6 Guest_Mr_X_*
Guest_Mr_X_*
-
- Guests
Posted 08 August 2004 - 03:23 AM
Uses Psybnc sources to make a brute force password cracker. You'll find code to encode password. Then you make something that encode password and check if it's equal to the encrypted password found. Easy
#7
KuerbY
-
- Members
-
- 254 posts
Staff Sergeant
Posted 08 August 2004 - 01:49 PM
u can write your own plain-text pw in the file dont know if it helps you 
#8
mortello
-
- Members
-
- 408 posts
Staff Sergeant
Posted 08 August 2004 - 02:25 PM
Well, sounds easy, but requires alot of time, coding skills, and some brain too....all that combine and you may get something that works....chances are you won't, or it would already be public....don't you think...Uses Psybnc sources to make a brute force password cracker. You'll find code to encode password. Then you make something that encode password and check if it's equal to the encrypted password found. Easy
#9
phaeton
-
- Members
-
- 137 posts
Specialist
Posted 12 August 2004 - 11:03 AM
not really mortello, plus its not that hard, because there are other open source brute-forcers, you can write your own plugin or code for it 
check john the ripper...
check john the ripper...
#10
str8
-
- Members
-
- 1 posts
Private
Posted 20 February 2012 - 11:17 PM
+1 Mr_X
The source is your friend, just playing around a few minutes in lets say p_crypt.c....
here is a partial solution for you...... well if you have salt.h
To finish your puzzle see p_blowfish.c
// Reverse Engineered by str8
// Totally stole most code from psybnc
// Ripped out only parts needed for their crypt functions to work
// Encrypted items are returned with +{encrypted context}
// Still looking for where this goes with the ={encrypted context}
// partially finished USER1.USER.PASS decryption
// may fit into the key section <- see p_blowfish.c
//
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "salt.h"
int baselen=67;
char crybu[2000];
char ctxt[50];
char cfunc[60];
unsigned char base[]="'`0123456789abcdefghijklmnopqrstuvxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@$=&*-#";
//int baselen=67;
unsigned char xres[3];
int cline;
// messing with strmncpy -> strncpy
#define pcontext { strncpy(ctxt,__FILE__,sizeof(ctxt));strncpy(cfunc,__FUNCTION__,sizeof(cfunc)); cline=__LINE__; }
int wrong=0;
unsigned int unhashdot(unsigned char *hash)
{
unsigned int lf=baselen;
unsigned char *pt;
unsigned int erg=0;
unsigned long ln=0;
wrong=0;
while (ln<baselen && base[ln] != hash[0]) {
ln++;
}
if (ln!=baselen) {
erg=ln * lf;
} else {
wrong=1;
}
ln=0;
while (ln<baselen && base[ln] != hash[1]) {
ln++;
}
if (ln!=baselen) {
erg=erg+ln;
} else {
wrong=1;
}
return erg;
}
/* hashing routines for string driven systems */
//***************************************************
unsigned char *hashdot(unsigned int r)
{
unsigned int cnt;
unsigned int hh=0;
unsigned int hl=0;
cnt=r;
for(;cnt>0;cnt--)
{
hl++;
if (hl==baselen) {hl=0;hh++;}
}
xres[0]=base[hh];
xres[1]=base[hl];
xres[2]=0;
return xres;
}
// some crypt func
//******************
char *psycrypt(char *st)
{
char *pte;
char *ptt;
char *pts1,*pts2;
char *pt;
char *hpt;
char hbuf[3];
int res;
int slen=0;
unsigned int zn;
unsigned int tslt1 = CODE1;
unsigned int tslt2 = CODE2;
int p1,p2,p3,p4,p5;
int erg;
int de=0;
pcontext;
memset(crybu,0x0,sizeof(crybu));
pt = crybu;
pte = pt;
ptt = st;
if (*ptt=='+') {
ptt++;
de=1;
} else {
*pte++='+';
}
pts1 = slt1 +SA1;
pts2 = slt2 +SA2;
while(*ptt!=0)
{
if (slen>1990) break;
if (tslt1>255 || tslt1 <0) tslt1=CODE1;
if (tslt2>255 || tslt2 <0) tslt2=CODE2;
if (*pts1==0) pts1=slt1;
if (*pts2==0) pts2=slt2;
res=0;
if (de) {
hbuf[0]=*ptt++;
hbuf[1]=*ptt;
hbuf[2]=0;
p1=unhashdot(hbuf);
p2=*pts1;p3=tslt1;p4=*pts2;p5=tslt2;
erg=p1-p2-p3+p4-p5;
*pte=erg;
res=erg;
} else {
p1=*ptt;p2=*pts1;p3=tslt1;p4=*pts2;p5=tslt2;
res=p1;
erg=p1+p2+p3-p4+p5;
hpt=hashdot(erg);
*pte++=hpt[0];slen++;
*pte=hpt[1];
}
tslt1--;
res=res/10;
tslt2=tslt2+res;
pte++;ptt++;pts1++;pts2++;slen=slen+1;
}
*pte=0;
return pt;
}
// encrypt char
//*********************
char *cryptit(char *tocipher)
{
if (*tocipher=='+')
return tocipher;
else
return psycrypt(tocipher);
}
// decrypt the char
//**********************
char *decryptit(char *todecipher)
{
if (todecipher[0]=='+')
return psycrypt(todecipher);
else
return todecipher;
}
// eventual main loop :S
//*****************************
int main(int argc, char** argv){
if ( argc != 3 ){
printf ("Reverse Engineered by str8\nUsage: %s string {c,d}\n", argv[0]);
exit(1);
}
if ( strcmp (argv[2],"c") ){
printf ("%s\n", decryptit(argv[1]) );
}else if ( strcmp(argv[2],"d") ){
printf ("%s\n", cryptit(argv[1]) );
}
return 0;
}
The source is your friend, just playing around a few minutes in lets say p_crypt.c....
here is a partial solution for you...... well if you have salt.h
To finish your puzzle see p_blowfish.c
// Reverse Engineered by str8
// Totally stole most code from psybnc
// Ripped out only parts needed for their crypt functions to work
// Encrypted items are returned with +{encrypted context}
// Still looking for where this goes with the ={encrypted context}
// partially finished USER1.USER.PASS decryption
// may fit into the key section <- see p_blowfish.c
//
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "salt.h"
int baselen=67;
char crybu[2000];
char ctxt[50];
char cfunc[60];
unsigned char base[]="'`0123456789abcdefghijklmnopqrstuvxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@$=&*-#";
//int baselen=67;
unsigned char xres[3];
int cline;
// messing with strmncpy -> strncpy
#define pcontext { strncpy(ctxt,__FILE__,sizeof(ctxt));strncpy(cfunc,__FUNCTION__,sizeof(cfunc)); cline=__LINE__; }
int wrong=0;
unsigned int unhashdot(unsigned char *hash)
{
unsigned int lf=baselen;
unsigned char *pt;
unsigned int erg=0;
unsigned long ln=0;
wrong=0;
while (ln<baselen && base[ln] != hash[0]) {
ln++;
}
if (ln!=baselen) {
erg=ln * lf;
} else {
wrong=1;
}
ln=0;
while (ln<baselen && base[ln] != hash[1]) {
ln++;
}
if (ln!=baselen) {
erg=erg+ln;
} else {
wrong=1;
}
return erg;
}
/* hashing routines for string driven systems */
//***************************************************
unsigned char *hashdot(unsigned int r)
{
unsigned int cnt;
unsigned int hh=0;
unsigned int hl=0;
cnt=r;
for(;cnt>0;cnt--)
{
hl++;
if (hl==baselen) {hl=0;hh++;}
}
xres[0]=base[hh];
xres[1]=base[hl];
xres[2]=0;
return xres;
}
// some crypt func
//******************
char *psycrypt(char *st)
{
char *pte;
char *ptt;
char *pts1,*pts2;
char *pt;
char *hpt;
char hbuf[3];
int res;
int slen=0;
unsigned int zn;
unsigned int tslt1 = CODE1;
unsigned int tslt2 = CODE2;
int p1,p2,p3,p4,p5;
int erg;
int de=0;
pcontext;
memset(crybu,0x0,sizeof(crybu));
pt = crybu;
pte = pt;
ptt = st;
if (*ptt=='+') {
ptt++;
de=1;
} else {
*pte++='+';
}
pts1 = slt1 +SA1;
pts2 = slt2 +SA2;
while(*ptt!=0)
{
if (slen>1990) break;
if (tslt1>255 || tslt1 <0) tslt1=CODE1;
if (tslt2>255 || tslt2 <0) tslt2=CODE2;
if (*pts1==0) pts1=slt1;
if (*pts2==0) pts2=slt2;
res=0;
if (de) {
hbuf[0]=*ptt++;
hbuf[1]=*ptt;
hbuf[2]=0;
p1=unhashdot(hbuf);
p2=*pts1;p3=tslt1;p4=*pts2;p5=tslt2;
erg=p1-p2-p3+p4-p5;
*pte=erg;
res=erg;
} else {
p1=*ptt;p2=*pts1;p3=tslt1;p4=*pts2;p5=tslt2;
res=p1;
erg=p1+p2+p3-p4+p5;
hpt=hashdot(erg);
*pte++=hpt[0];slen++;
*pte=hpt[1];
}
tslt1--;
res=res/10;
tslt2=tslt2+res;
pte++;ptt++;pts1++;pts2++;slen=slen+1;
}
*pte=0;
return pt;
}
// encrypt char
//*********************
char *cryptit(char *tocipher)
{
if (*tocipher=='+')
return tocipher;
else
return psycrypt(tocipher);
}
// decrypt the char
//**********************
char *decryptit(char *todecipher)
{
if (todecipher[0]=='+')
return psycrypt(todecipher);
else
return todecipher;
}
// eventual main loop :S
//*****************************
int main(int argc, char** argv){
if ( argc != 3 ){
printf ("Reverse Engineered by str8\nUsage: %s string {c,d}\n", argv[0]);
exit(1);
}
if ( strcmp (argv[2],"c") ){
printf ("%s\n", decryptit(argv[1]) );
}else if ( strcmp(argv[2],"d") ){
printf ("%s\n", cryptit(argv[1]) );
}
return 0;
}
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
