关于Crypto_Identifier
Crypto_Identifier是一款针对渗透测试和 CTF比赛的密码学工具,该工具基于纯Python开发,可以尝试使用多种算法和分组链接模式对数据进行解密,可以帮助广大研究人员快速检查未知加密算法的秘文以及密钥字典。
功能特性
支持的加密算法
AES
ARC2
ARC4
Blowfish
CAST
DES
DES3
XOR
支持的分组链接模式
ECB
CBC
CFB
OFB
工具要求
Python 2.7/3.x
Argparse库
Crypto库
工具下载
由于该工具基于Python开发,因此我们首先需要在本地设备上安装并配置好Python环境。
接下来,广大研究人员可以使用下列命令将该项目源码克隆至本地:
git clone https://github.com/Acceis/crypto_identifier.git工具使用
python ./crypto_identifier.py --helpusage: crypto_identifier.py [-h] --input INPUT [--key KEY] [--keys KEYS][--printable] [--grep GREP][--algo {ARC4,CAST,AES,XOR,ARC2,DES,Blowfish,DES3}][--mode {ECB,CBC,CFB,OFB}]optional arguments:-h, --help 显示工具帮助信息和退出--input INPUT, -i INPUT输入字符串(Base64)--key KEY, -k KEY 密钥字符串--keys KEYS, -ks KEYS密钥文件--printable, -p 仅显示有效数据结果--grep GREP, -g GREP 在结果中grep搜索字符串--algo {ARC4,CAST,AES,XOR,ARC2,DES,Blowfish,DES3}, -a {ARC4,CAST,AES,XOR,ARC2,DES,Blowfish,DES3}要使用的密码算法--mode {ECB,CBC,CFB,OFB}, -m {ECB,CBC,CFB,OFB}要使用的分组链接模式
(向右滑动,查看更多)
工具使用样例
多密码+多模式
python ./crypto_identifier.py --input "WpbizgqtUDjD5TV5ELVswFL92ao3T41T" --key secret(向右滑动,查看更多)
输出结果:
CAST128Cipher (ECB) : secret (with IV): 'x95x12(x8d0_O8xc7xb6x1fx9bxc1xbd5xe0'CAST128Cipher (CBC) : secret (with IV): 'xcfx84xcaC:xf2x1fx00x04S*xe2xd1x08Y 'CAST128Cipher (CFB) : secret (with IV): 'x0fnFx83xd6xbex942xc4xccox11pxa7x81xd5'CAST128Cipher (OFB) : secret (with IV): 'x0fxfbxd1x01xd2Lxedx18xc1x1c5^xfdvxabxfb'AESCipher (CFB) : secret (with IV): 'x14xa9%xfdNxa3Fxbfx9b7,0@"xf6xb14Vxfb{Fxc2xcf?'ARC2 (ECB) : secret (with IV): 'xab4x8acx93 xe6xcax19xe7x15Mx7fxa7xe8'ARC2 (CBC) : secret (with IV): 'xf1xa2hxadx99x8dpxdetxfcxd2l]xcaxcb('ARC2 (CFB) : secret (with IV): 'xb8x06rxaax0fXx8cx92)x00xc0xedx0exa8x0exa7'ARC2 (OFB) : secret (with IV): 'xb87}9{xc8fxa3x99xe4xda?,x01`x11'DESCipher (ECB) : secret (with IV): 'a DES test case'DESCipher (CBC) : secret (with IV): ';xb6xa6x8bYx8d$]xb0x91x15x1aqxc6txc0'DESCipher (CFB) : secret (with IV): 'xc0x06xe6x7flxaex8bvxeexcfx8c[x88x07!x07'DESCipher (OFB) : secret (with IV): 'xc0x86ugx1fx16xd4)xff0xc3x07-x10&x80'BlowfishCipher (ECB) : secret (with IV): 'x1eBklxbex14x81x8c9*xaaxeexebW-3'BlowfishCipher (CBC) : secret (with IV): 'Dxd4x89xa2xb4xb9xd1xb4xfaxcfx9fx97xfbxe2Axf3'BlowfishCipher (CFB) : secret (with IV): 'x83xf59xea`-xfdd8KNxb0xcfYoxef'BlowfishCipher (OFB) : secret (with IV): 'x83xd1Vx01xdfxad^tkP5x94xeerxa0x9f'DES3Cipher (ECB) : secret (with IV): "<x00mlxa0xc1x84\xcfx1e,o'xbdxa1xa8"DES3Cipher (CBC) : secret (with IV): 'fx96x8fxa2xaalxd4dx0cxfbx19x167x08xcdh'DES3Cipher (CFB) : secret (with IV): 'x8exe2x04x9axaax08xedJxfd%(xa2Fx92x06xa9'DES3Cipher (OFB) : secret (with IV): 'x8eS+x18xce[xc5x0fx13xc7k8xdexbcxdaF'ARC4Cipher : secret : 'xb7xa00xd2x88tx86x9exf1.x8exa5xe3Sx99xf7xffxcaxabHxb4xbcIx0f'CAST128Cipher (ECB) : secret : 'xc7xcbyrxd4xe6xcfxa7x95x12(x8d0_O8xc7xb6x1fx9bxc1xbd5xe0'CAST128Cipher (CBC) : secret : 'xc7xcbyrxd4xe6xcfxa7xcfx84xcaC:xf2x1fx00x04S*xe2xd1x08Y 'CAST128Cipher (CFB) : secret : 'xc6xa4<xf0>xe3x1dgx0fnFx83xd6xbex942xc4xccox11pxa7x81xd5'CAST128Cipher (OFB) : secret : 'xc6x8a"?xd5#=x9931;axdaBxd0vxcbQ>6+Lxc1x9d'AESCipher (CFB) : secret : 'x14xa9%xfdNxa3Fxbfx9b7,0@"xf6xb14Vxfb{Fxc2xcf?'XORCipher : secret : ")xf3x81xbcoxd9#]xa0x97Prcxd0x0fxb27x89xaaxcfT=xe8'"ARC2 (ECB) : secret : 'x97 xb6x9bxb5Zx8axdcxab4x8acx93 xe6xcax19xe7x15Mx7fxa7xe8'ARC2 (CBC) : secret : 'x97 xb6x9bxb5Zx8axdcxf1xa2hxadx99x8dpxdetxfcxd2l]xcaxcb('ARC2 (CFB) : secret : 'Uxefx12xx0bx88x87*xb8x06rxaax0fXx8cx92)x00xc0xedx0exa8x0exa7'ARC2 (OFB) : secret : 'Urx86rxfc|2xbfxfbxb0xa2xafxbaxe0xadx8f6x9aYxd9x926x8c{'DESCipher (ECB) : secret : 'This is a DES test case'DESCipher (CBC) : secret : 'This is ;xb6xa6x8bYx8d$]xb0x91x15x1aqxc6txc0'DESCipher (CFB) : secret : '>>xd2xfdxe4xf0!yxc0x06xe6x7flxaex8bvxeexcfx8c[x88x07!x07'DESCipher (OFB) : secret : '>x1942Hx03x04xd6x9axbd2vx9bx16x19rxb0xe5&x1e(xcex0fx12'BlowfishCipher (ECB) : secret : 'xacxb6xcbzxe8xd76x91x1eBklxbex14x81x8c9*xaaxeexebW-3'BlowfishCipher (CBC) : secret : 'xacxb6xcbzxe8xd76x91Dxd4x89xa2xb4xb9xd1xb4xfaxcfx9fx97xfbxe2Axf3'BlowfishCipher (CFB) : secret : '#Xxe0rSxf0yxfex83xf59xea`-xfdd8KNxb0xcfYoxef'BlowfishCipher (OFB) : secret : '#?xa1x06Tx7fx98x19x0bx000xf3x1axa9x08.x94x8fxd1ax9cx16xe6xb1'DES3Cipher (ECB) : secret : "x90xc9xa5xd0x18)'x94<x00mlxa0xc1x84\xcfx1e,o'xbdxa1xa8"DES3Cipher (CBC) : secret : "x90xc9xa5xd0x18)'x94fx96x8fxa2xaalxd4dx0cxfbx19x167x08xcdh"DES3Cipher (CFB) : secret : 'zp-x9dxb5xe8Rx1ax8exe2x04x9axaax08xedJxfd%(xa2Fx92x06xa9'DES3Cipher (OFB) : secret : 'zxe1DYx07x17#Y6nxbfxd8x15%xbcx0f<Mx9cxa60Ix9axbe'
(向右滑动,查看更多)
多密码+多模式,仅打印有效结果
python ./crypto_identifier.py --input "WpbizgqtUDjD5TV5ELVswFL92ao3T41T" --key secret --printable(向右滑动,查看更多)
输出结果:
DESCipher (ECB) : secret (with IV): a DES test caseDESCipher (ECB) : secret : This is a DES test case
单密码+单模式
python ./crypto_identifier.py --input "WpbizgqtUDjD5TV5ELVswFL92ao3T41T" --key secret --algo DES --mode ECB(向右滑动,查看更多)
输出结果:
DESCipher (ECB) : secret (with IV): 'a DES test case'DESCipher (ECB) : secret : 'This is a DES test case'
使用字典作为密钥
python ./crypto_identifier.py --input "WpbizgqtUDjD5TV5ELVswFL92ao3T41T" --keys ./500-worst-passwords.txt --printable(向右滑动,查看更多)
输出结果:
DESCipher (ECB) : secret (with IV): a DES test caseDESCipher (ECB) : secret : This is a DES test case
许可证协议
本项目的开发与发布遵循BEER-WARE许可证协议。
项目地址
Crypto_Identifier:https://github.com/Acceis/crypto_identifier
【
原文始发于微信公众号(FreeBuf):Crypto_Identifier:一款针对渗透测试和CTF的密码学工具
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论