News:

Who uses forums anymore?

Main Menu

Need help decrypting something.

Started by deadly7, June 12, 2005, 05:35:44 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

deadly7

Ok, I use CoreFTP to connect to my FTP accounts on my website. as anybody that uses it knows, it saves the password unless told not to. It also encrypts it (or encodes, whichever you prefer to say, they're the same thing I think). That's all fine and dandy, since I like things to be secureish. However, I lost the password to a friend's FTP account, and I kind of need it so that I can check up on her website without having to navigate some 6ish folders, and it makes updating her website easier. Here's what I need help with. The registry key that it sets is encrypted and thus I am unable to read it. I've tried to find a pattern in the encryption of letters, but so far I haven't managed to. So my question is, could someone that knows something or other about encrypting/decrypting things download CoreFTP (Windows Platform only, right now I think) and help me decrypt the password so I can write it down somewhere and don't have to change her account, thus having to re-explain to her about how to change her password (she's not computer literate).
http://www.download.com/Core-FTP-Lite/3000-2160_4-10256215.html?tag=lst-0-1
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
[17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

iago

The right word would be "encoded" or possibly "hashed".  It's probably hashed, so you're out of luck unless you want to bruteforce it. 

Reversing the hashing algorithm might be interesting, though...

Warrior

One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

iago

#3
Wait, I didn't realize it's a client.  Ok, it would be encoded, not hashed.

Why don't you just create a VB program that listens on localhost port 21, then try connecting to it?  FTP passwords are sent in 100% plaintext, so it would send
USER yourname
PASS whatever

Here is a full session, the italic stuff is what you would have to send to make it work:

iago@Slayer:~$ telnet ftp.mozilla.org 21
Trying 64.12.204.21...
Connected to ftp.mozilla.org.
Escape character is '^]'.
220-m2
220

USER anonymous
331 Please specify the password.
PASS nothing
230 Login successful.


<edit> actually, I can set this up with 1 line of Shell.  Talk to me on AIM if you're interested.

Sidoh

Quote from: Warrior on June 12, 2005, 05:58:23 PM
help me decrypt this

roirraw snwo

After several hours of work, my results:

Sawriorr Sonw

iago

Quote from: iago on June 12, 2005, 06:15:50 PM
Wait, I didn't realize it's a client.  Ok, it would be encoded, not hashed.

Why don't you just create a VB program that listens on localhost port 21, then try connecting to it?  FTP passwords are sent in 100% plaintext, so it would send
USER yourname
PASS whatever

Here is a full session, the italic stuff is what you would have to send to make it work:

iago@Slayer:~$ telnet ftp.mozilla.org 21
Trying 64.12.204.21...
Connected to ftp.mozilla.org.
Escape character is '^]'.
220-m2
220

USER anonymous
331 Please specify the password.
PASS nothing
230 Login successful.


<edit> actually, I can set this up with 1 line of Shell.  Talk to me on AIM if you're interested.

In case you need it, here's the code:

echo -ne "220 OK\n331 Please specify the password\n" | nc -vv -l -p 1234

it requires netcat (nc) to be installed, and will listen for a connection on port 1234:

Quoteiago@Slayer:~$ echo -ne "220 OK\n331 Please specify the password\n" | nc -vv -l -p 1234
listening on [any] 1234 ...
192.168.226.132: inverse host lookup failed: Unknown host
connect to [192.168.226.1] from (UNKNOWN) [192.168.226.132] 1200
USER anonymous
PASS test
sent 39, rcvd 27

deadly7

I was at el pool, sorry. iago, I don't run Slackware, remember?

If someone could help me make a program that listens to port 21, that's be awesome. I'm not a programmer.
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
[17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Nate


deadly7

[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
[17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

iago

Hit me up, port 5101, I'll tell you what the pass was

(www.javaop.com)

iago


deadly7

Aye.
Topic closed.
For anybody wondering, the password was

i'm not telling you, you fucking whores
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
[17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Newby

- Newby
http://www.x86labs.org

Quote[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

Quote from: Rule on June 30, 2008, 01:13:20 PM
Quote from: CrAz3D on June 30, 2008, 10:38:22 AM
I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Joe

[6:14:52 PM] The FTP Password Getter by Joe[x86] loaded.
[6:14:52 PM] Listening on port 21.
[6:14:55 PM] Accepted a connection on port 21.
[6:14:55 PM] Username: test
[6:14:55 PM] Password: test2

EDIT -
deadly you whore, you made me waste 50 minutes of my life to write something you didn't even need. Grr.

Poke this nigger
Quote from: Camel on June 09, 2009, 04:12:23 PMI'd personally do as Joe suggests

Quote from: AntiVirus on October 19, 2010, 02:36:52 PM
You might be right about that, Joe.


wires

You don't have a life remember?

Took you 50 minutes to program something that listens for a connection?