Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 3 Sep 2021 17:41:39 +0200
Subject: brute forcing AES key


I have a string, result of encryption by an App. 
The code for encryption of this App is visible here: <>
It looks to me that the dev of this App is missing something important: he did not use a derivation fonction to create a secret key, he uses the user provided password directly as an encryption key.
So I guess it would be feasible to use a password cracker software like JtR to brute force the password / key and decrypt the string I have. 

Is that possible with JtR, if at all?


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.