Jump to content

problem with the function _Crypt_DecryptFile ( $sSourceFile, $sDestinationFile, $vCryptKey, $iAlgID )


Recommended Posts

Posted

I have a problem with the function _Crypt_DecryptFile ( $sSourceFile, $sDestinationFile, $vCryptKey, $iAlgID )
I encrypt an Excel file with _Crypt_Encrypt with the algorithm $CALG_AES_256 and with $vCryptKey=123
but when I launched a brute force to decrypt this file unfortunately this function Returns True even if $vCryptKey is different from 123
For example this function returns true even if $vCryptKey= 27 and 143 and 067
are there any negative holes in this function
thank you

Posted

Cross-posting on both the French and English fora is pointless. You've read my answer over there, so don't do it.

This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Posted (edited)
2 hours ago, mehdi350 said:

... excuse me I posted this problem on the French and English forums to have different solutions

@jchd has already explained in detail (French forum), why the function _Crypt_DecryptFile may return True even though an incorrect CryptKey has been passed. However, in none of these cases does this function return the original file, meaning the operation is safe.  For interested users : Here is the 'french' link :  https://www.autoitscript.fr/forum/viewtopic.php?f=3&t=15803

So if you are looking for an alternative solution, then I recommend taking a look at the UDF cryptong-udf-cryptography-api-next-gen made by @TheXman.

Additional info : A brute force operation on an AES256 encrypted file, unless the password was chosen super simple, could take some time (your lifetime for example :lol:). The use of such a simple password is strongly discouraged.

Edited by Musashi
additional info

Musashi-C64.png

"In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move."

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...