Intro
In the following table, you can find a list of programs that can open files with.enc extension.This list is created by collecting extension information reported by users through the 'send report' option of FileTypesMan utility. The product name, description, and company name are taken from the version information of the.exe file.The 'Actions' list is taken from the context menu items added. Recommended software programs are sorted by OS platform (Windows, macOS, Linux, iOS, Android etc.) and possible program actions that can be done with the file: like open enc file, edit enc file, convert enc file, view enc file, play enc file etc. (if exist software for corresponding action in File-Extensions.org's database).
- Encode files to Base64 format. Select a file to upload and process, then you can download the encoded result. The maximum file size is 192MB. Destination character set for text files. Newline separator (for the 'encode each line separately' and 'split lines into chunks' functions). Encode each line separately (useful for when you have multiple.
- .know if all works ok, as this is my first crack there are a couple of small bugs which i would appreciate help on, but again please see read me file.
Use our super handy online tool to encode or decode your data. Base64 Encoding of 'crack' Simply enter your data then push the encode button. To encode binaries (like images, documents, etc.) use the file upload form a little further down on this page.
This is my write-up of a Miscellaneous challenge The Encrypted Flag on the CTF site 247CTF.com.
Instructions
We have had enough of everybody reading our flags. Since all of our cryptography implementations have been broken, we decided not to roll our own!
Howto
First step is almost always checking what the file represents:
We can see that it is an openssl encrypted data with salted password, but we have no idea which cipher and digest are used.
Simple task
As the assignment is rated as easy, We can first try with the most poular cipher (AES-256-CBC) and digest (SHA256). The cipher is by default set to AES-256-CBC in bruteforce-salted-openssl:
Lucky us!
What Is An Enc File
Complicated task
If this would be a bit more complicated and the exercise would not use the default values for cipher and digest, we would need to find them somehow.
Unfortunatly, OpenSSL is pretty good at hiding the info about underlying encryption used, so mostly we can guess.
The idea is to learn what we can and then brute force all the possible encryptions.
Lets see all the ciphers of openssl
could use to encrypt the data:
The file is multi column:
But to iterate over it in a loop if needed, we need to convert it to one cipher per line:
To achieve this, open the file with vim
, use CTRL+V
to visual select column, cut it and paste it to the end of the file. You can remove excessive trailing whitespaces by using :%s/s+$//e
.
Next we can check the byte size of the contents:
As 64 is divisible by 8, there is a great chance that the encryption uses block cipher. We can now ignore other cipher variants and delete them from the ciphers.list
file.
When we have the list we can try to brute force the encryption:
Again if luck is on our side, the password should be broken, otherwise do the similar thing to get all the digest algorithms and iterate over them too:
The iteration process and text manipulation is left for the reader :)
All we need to do now is decrypt the file with the cracked password:
Appendix
I basically got the flag right away, in the first try, but sheer volume of trash in the current working directory obfuscated the flag.txt file, so I did not see it.
Enc File Crack Windows 10
To be honest, I always seem to overextend this CTF tasks. So on this one, after false negative solution of the first try, I went full throttle in. By listing all openssl ciphers and storing them to a file, with the idea of iterating and brute forcing each one of them with rockyou.txt, I have complicated my life a bit. But on a bright side of the additional complications I have faced, now I have a solution to brute force files where cipher is unknown for my future endeavors.