Decrypt a file with known algo and password

pileofrogs has asked for the wisdom of the Perl Monks concerning the following question:

Greetings Monks!

Forgive me as I attempt, once again, to waste your time. This is more a general crypto question than a perl question, but any implementation I create will be in perl, so be merciful.

I have a password keeper program that keeps the passwords in a proprietary text file format, encrypted with AES128 and I know the password. I can open and close it with the afore-mentioned program, but I want to be able to decrypt and re-encrypt it outside of that app, so I can automate some of the tedious stuff.

I figure, if I know the password, it should be easy, right? Except, I have no idea where to start. I've googled around and all I get is pages telling me how to reset the admin password on Windows...

Anyone have any ideas?

Update:I've tried running it through gpg, but it's not in a gpg format. That's the thing. You'd think, if you know the algo and the password, it would be easy. What if the application makers put a salt on my password? What if they put the encrypted data inside a padding of their own design? There are all kind of things they could do to make it difficult for a layman like myself to decrypt, but still easy for the guys at the NSA. I'm trying to figure out how the guys at the NSA would do it.

Thanks!
--Pileofrogs

Comment on Decrypt a file with known algo and password

Replies are listed 'Best First'.
Re: Decrypt a file with known algo and password by jethro (Monsignor) on Mar 12, 2010 at 01:47 UTC
Well, you have two problems: How to decrypt and how to parse the proprietary format. How to decrypt is not that difficult. There are CPAN modules for AES, for example Crypt::OpenSSL::AES or Crypt::Rijndael, or you could look for standalone programs (gpg?) you can call from perl. Google is your friend. Parsing the proprietary format is probably more difficult, and often quite tedious. Hopefully someone else did it already	[reply]
Re: Decrypt a file with known algo and password by almut (Canon) on Mar 12, 2010 at 01:31 UTC
You could try Crypt::Rijndael, or Crypt::OpenSSL::AES.	[reply]
Re: Decrypt a file with known algo and password by spazm (Monk) on Mar 13, 2010 at 18:16 UTC
you are in a strong position, since you access to the encryption program, the password and the encryption design. That doesn't mean it will be easy. What is the software? Interesting avenues of investigation: 1) known plaintext attack: a) what does the program save if you give it a blank dataset? b) give the program one known entry, save it. Repeat from a clean slate. Do the two outfiles match? Try decoding both of the two outfiles with a third party AES128 decryption program, do the two decoded plaintexts match? c) if the decoded plaintexts above matched then we have a deterministic internal format that depends only on the input data. So now manipulate the input data and look for patterns in the output data. Use this to reverse engineer the internal format. d) can you see anything in the internal date format, any structure? Maybe it's gziped xml or a sqllite db? Anything interesting output if you run it through strings or use file for filetype hueristics? 2) Direct attack on the binary. Can you run it in a debugger? Does it still work to encode and decode? Enter your string to be encoded and watch it walk through the program, you're looking for the internal format not the encryption format at this point (assuming you were correct about the encryption format in your OP). Just some thoughts from a lazy Saturday afternoon.	[reply]


Don't ask to ask, just ask
	PerlMonks