Date: Fri, 3 Sep 2021 17:41:39 +0200 From: p+password@...atpro.net To: john-users@...ts.openwall.com Subject: brute forcing AES key Hello, I have a string, result of encryption by an App. The code for encryption of this App is visible here: <https://github.com/Anubis901/SafeCrypto/blob/main/lib/encryption.dart> It looks to me that the dev of this App is missing something important: he did not use a derivation fonction to create a secret key, he uses the user provided password directly as an encryption key. So I guess it would be feasible to use a password cracker software like JtR to brute force the password / key and decrypt the string I have. Is that possible with JtR, if at all? thanks patpro
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.