Password forensic | no password is secure

Everybody looses a password in his life. Well poop is you do, but i checked the best tools to recover multiple files that was password protected. ….. and yes my own files!

Most passwords in files used in PDF,ZIP,7Zip,Office and some more

I get some PDF and ZIP in the old standard encryption on test.

PDF: 128 bit RC4

ZIP:  2.0

Any way before we talk to much. Passware was given me a 1 month serial for the Forensic Studio to test it.  Here a nice screenshot …

passware2

My aim was to get the best tool that supports speed. So the TOP TEN of Recovery tools are

  1. Passware Forensic Studio  ~ arround 1000 $ but it has 5 clients included. Extra clients arround 100$ per client.
  2. Elcomsoft provides lots of tools we choose the Bundle included 20 clients. Price arround 5000€ !!!

So we can save cash if we wanna buy a recovery tool. Passware 1000$ + 20 clients = 3000$

So the rest of the tools comes later, first i have to explain a recovery. Don´t waste your money.

The Password

If you set a password under 6 chars it can be recovered in minutes. So for all that are sure you used just 6 chars grab some FREEWARE!

The Algo how the password is secure is needed as information. If you have a password like 12345 and hash the password with MD5 it takes a little bit longer to recover it. With a SHA-512 it takes f*ck*ng long time, you can be lucky if you can recover it with good GPU´s.

So next step is what kind of encryption is applied too?! If we talk about DES it doesnt matter, but if  AES comes into the game it is a huge differents.

For example we mix SHA512 and AES256 together its a GAME OVER for now. But outside are some weaker mixes.

You are not lost if you want to take a peek in your file, that’s why i tested some tools 🙂

Anyway…. a crypto is just math and can be recovered, but it needs more time. The solution called cluster or cloud cracking it isn’t new. You can also rent EC2 Amazon to crack things.

This setup is a hell-raiser….

Master Server: 2X Intel 16 Cores – 256GB RAM – 4X Nvidia or ATI GFX card´s. The price is arround 8000€ included HDD and stuff.

Clients: just more cores as possible… and a quad SLI Nvidia… the Ram doesnt matter.. 8-16GB.

Open the HELL DOORS use EC2 with 150 Cores and a bunch of GPU power! Ohhh the price isn’t cheap… try to get some 20-30K $ together 🙂

So don’t invest much money into a recovery tool… if you need it ok spend max. 20€/$ for it. The rest can be done by Freeware!

Continue the TOP TEN: 3. low budget application´s and 4. FREEWARE

Facts on my Rig´s local just low budget….. In 1 hour i checked 62 trillions of password´s with a brute force attack.

passware31

If you need help… use the contact button 🙂

 

Veröffentlicht unter Passwords | Verschlagwortet mit , , , , , , | Kommentare deaktiviert für Password forensic | no password is secure

Amiga Retro Scandoubler

Der Amiga ist ein paar Tage alt und ist mit den neueren Monitoren nicht mehr kompatible.

Jedoch gibt es eine gute 10×10 cm Lösung aus China, die direkt in den Amiga gebaut werden kann.

GBS8200 bereits ab 14€ erhältlich….

scandoublerDiese kleine Platine konvertiert ein RGB in ein VGA Signal mit einer Auflösung von 640×480, 800×600, 1024×768, 1360×768. Jeder Kanal kann abgeglichen werden über kleine Potis aus der Platine.

Auch YUV kann gewandelt werden. 480i, 576i, 720i, 1080i, 480p, 576p, 720p, 1080p

Nachteil kein HDMI Ausgang, dieser muss extra per Konverter erneut gewandelt werde.

Veröffentlicht unter Amiga | Verschlagwortet mit , , , , | Kommentare deaktiviert für Amiga Retro Scandoubler

Amiga Kick Switch Prototyp in Produktion

Jetzt ist es soweit, für alle Amiga Fan´s, die noch Zubehör brauchen. Der erste Prototyp des 2er KickRom Umschalter ist in Produktion. Der Preis für die Bauteile sind ca. 3€, dazu kommt noch die Platine.

 

protonnt-2

Die Schaltung basiert auf dem Chip Select Verfahren, via Kippschalter wird das jeweilige ROM ausgewählt und durch ein LED angezeigt. Das LED kann via Kabel direkt in das Oberteil des Gehäuses integriert werden.

Weitere Platinen für den Amiga sind geplant, jedoch wird es etwas Zeit kosten, diese zu verwirklichen.

nfot-1

Die Platine kann unbestückt käuflich erworben werden direkt beim PCB Manufaktur. Der Preis steht noch nicht fest. Ich schätze es wird sich so um die 18€ handeln.

Lieber 18€ wie 35€ bei Ebay gebraucht und in brüchiger alter Gammel Leiterplatte.

PS: Bin an Open Source Hardware für den Amiga interessiert….

Veröffentlicht unter Amiga | Verschlagwortet mit , , , , , | Kommentare deaktiviert für Amiga Kick Switch Prototyp in Produktion

Amiga Kick Switch for 3 Kick´s

Kickswitch11

A new Amiga Kick Rom switch 1.0 for 3 Rom´s.  More Soon….. 2 Kick Rom auto switch….

and a 2 or 3 switch with LCD……

Manufacturer Price at 100 pieces 5€

Manufacturer Price at 50  pieces  7€

Single PCB: 36€

 

 

 

Veröffentlicht unter Amiga | Verschlagwortet mit , , , , , , , , | Kommentare deaktiviert für Amiga Kick Switch for 3 Kick´s

My Amiga wake up from the dead

KS2KS13buba

GOING RETRO…..

Veröffentlicht unter Allgemein | Kommentare deaktiviert für My Amiga wake up from the dead

HDCP / DRM 2015/2016

Weak Hardware

HDCP 2.2 is cracked and bypassed by HDMI splitter´s or converters. Ten years ago the master-key for HDCP was leaked to the net. But why is it bypassed again?

Companies that sell solutions to protect the customers content are high payed and those systems cost´s a bunch of money. But the devil is in the detail. Every crypto is just a layer that prevent´s that normal people can not copy or share the content to each other. If you ask people who are interested in bypassing such protections you find out they are very creative in thinking.

A senior crypto engineer does not check every possible way or worst case scenario. He did what he get payed for and nothing more. There are multiple ways to leak critical information s out of Blueray players or Smart TV´s and more. HDCP we can find on your local computer,beamer,tv…. and set-top boxes.

A company for iptv want to have a cheap and good solution to protect the content. The problem is there is no cheap way… and here begins the problem.

If i wanna have 1 gallon of milk i have to pay the farmer fully. Both sides are happy… i got the fresh milk and he can invest for more stuff in his farm and can survive.

So a design of good hardware depends first on the engineer who did the most work, but the management want to keep the cost´s low to get more profit. The management removes good part´s of the engineers process and replace the part´s with cheap unsecure solutions.

But back to HDCP!

Every who is in digital stuff knows that a flash EEPROM can be dumped. Company´s did this fault every time to rise the profit. A „secure“ flash ic is a bit expensive then a normal one… it´s just penny´s but they calculate in masses.

Possible Attacks are:

  • Rooting your device and grab data
  • Sniff the Key on HDMI
  • Dump a flash ic to get the RSA cert´s
  • Decrypt the traffic and leak data or content

After grabbing confidential stuff:

  • decrypt the traffic at least the magic key (AES or 3DES)
  • Build your homemade solution

For example HDFury has a down converter from HDCP 2.2 to 1.4 that converts to the compromised version of HDCP. HDFury isnt th the only Manufacturer of such devices.

A Lawsuit against HDFury is on and you get the info here

killer-1

A HDCP KILLER xD

This happens if you design a system and don´t think about what you do. Those converters bypass the HDCP 2.2 by using a legal for now to make a conversion to HDCP 1.4.    A least it´s not forbidden to forget to use the 2.2 version. There is no law in the moment for that. If the use the 2.2 version and remove watermark´s or emulate the crypto it´s a big problem by the law.

I dunno about the other problems like pulling data from a non secured flash or a general IC that is not protected. But i think if is there no protection and i can use the flash ic for another thing i can pull legally the code. Modify the code is a fraud.

Anyway if a secure system alloud´s to get converted it´s not a secure system and a company sold rubbish to the customer. A strict system has not alloud to bypass ohh my mistake … i mean convert. *giggle*

Another HOME MADE PROBLEM…..

 

 

 

 

Veröffentlicht unter Weak Hardware | Verschlagwortet mit , , , , , , , | Kommentare deaktiviert für HDCP / DRM 2015/2016

Is 7Zip with AES secure?

Hi, today i wanna talk about the security of 7Zip. If you think 7 Zip is good for you then think about your security. If you wanna encrypt a file with AES you are welcome.

Till today AES is one of the strongest encryption, but be carefull what you do!

ziprart-1

7zip generates a SHA256 that has your Password inside.

Example:

$7z$0$19$0$$16$63078584706589b6606f98bb33af77cf$919

346473$16$6$3e790d4558b8876c2cb9741d5e25cac1

$7z$0$19$0$$16$8f3326e912909e81f7ae67378da68de7$31112

15484$16$11$81be1198d6adc21b6c1860330b5fc6f2

strong2

Titan

So far secure if you don’t have arround 120.000€ for a small cluster network. At least a single GPU need 10 years to crack a 7Zip hash that has 8 chars, to cut the time a Cluster and a NAS as collector can split the time to less than 5 years.

Cracking an encryption (the password or key) takes a bunch of time. Why not generate all possible keys and check them? Sure it takes lot´s of space like Petabytes… but once generated it´s faster. Same to the RSA…. generate is faster than tear down to primes.

SHA256 with 5 Chars = 16 Hours on a single GPU.

*Cracking speed of a HASH depens on your local GPU!

 

Importent is that the SHA256 is based on AES, that means if you use C as password the SHA is always Unique! Make 2 files with the same password…. you will see a different HASH! So if you use the password C often or a name like Mike or Anton it´s easyer to tear down. So the AES function is useless on 7Zip and Winrar. It´s not secure!

Grab a AES encrypter tool… that do not put your password into the archive too!

Using some kind of thoose packers with encryption is like using a known backdoor. Why using a password if it´s inside a file? Make no sense!

 

Veröffentlicht unter Allgemein | Verschlagwortet mit , , , , , | Kommentare deaktiviert für Is 7Zip with AES secure?

Counterfight Nvidia 650 TI

IMG_2627

Well made in China means mostly counteright product´s. You should never by computer part´s on Ebay or Alibaba etc!

2650

The Core is pirated by filthy few somewhere in Korea or China, even the Samsung Ram is not Samsung…. more than a bad copy of it.

What did they do?

For me it looks like the main Pcb is a faulty by manufacturing process and it´s a Geforce 2X GTX series. They have overwritten the Chip information s and the Vendor and Subvendor ID and patched all facts to Geforce 650 TI.

Even the sensor for temperature is broken.

This is how to make money with scam ware…. on multiple way…

The Seller only refunds 20-25% of the price. This is the way to make money isn’t it?

I wish that those people will get cancer or a bad accident.

 

IMG_26415

Veröffentlicht unter Counterfight | Verschlagwortet mit , , , , , , , | Kommentare deaktiviert für Counterfight Nvidia 650 TI

Gema vs Telekom

Die Gema hat mal wieder geklagt, das die Telekom die Seite Goldesel sperren soll. Seht euch das Video von Semper an und lacht euch weg.

 

@Gema wenn Sie kein Personal haben, das fähig ist solche Webseiten hops zu nehmen, stellen Sie Personal ein, das es kann.

Was SemperVideo schon sagte… VPN Service und die Sperre ist weg. Das heisst auch das die Gema nicht für 50 Cent denkt. Das würde auch bedeuten das immer mehr Webuser auf eine VPN umstellte würden und man sich alle Zähne selber zieht gegen Copyright Verstöße vor zu gehen.

Veröffentlicht unter Allgemein | Verschlagwortet mit , , | Kommentare deaktiviert für Gema vs Telekom

Text encryption for the middle east

Well so many talk´s arround cause of the IS secret messaging and the retention (logs). Does it really make sence to try to break a secret message ?

Here we got a sample encrypted message that is protected by AMN AI-Mujahed.

pw0q+zl3a4yRG0YkB+OHkLnfkRLcrahjFPNFSacnsfg6ID83gZMpojHYh+nK1IaNv61oyDtKvxPS
ZUM+KtlzZXxszMwQKBo21qn2P88gTl5hghTMO3LOu00HReDtbbmkMboaYTWgaGKuBXAQHNmRIQdp
cy7ZTFCwNBrMBKqZ/A2XUzsKqYZGYY04UedehsPjGL4DDwc4RgElSryoxBVz/6tKgZJ/ZH9YzM2G
lnmY5hh7JvSQNfCJ/UnfeOtwErCCugjfm7Pq1Eh8Kg29AhLnnYow72o+C+CC69I75JYc2OmUPPSf
JOhN9jRX7TFewnByVa7ONMvWAJR6tBKVz3btBcws3u30kXhFA5NQINwNKadpnJfOPdAz2ed1B1Md
0D0wyPfE2NhqpVa4LXcOXp5xnbFb+tQESid8q9G6p75QZ7dMn7hWbO6eh8rO4GsNcGN/IjLtJU2I
/lDT+3oM9R4claUSQ8dsd/lD9P7OXe8oxVnyslFnUT8X8zGjTKkIidYopiGfUmv7h5QEjWMYrV74
NfHQzdz+Z5bSmyRjt8L+l8VVtCgvKOelwPzDrR07Cp93iOSN9MDskKSZJbsM8tBwqOnH5ac6zcZS
terWrgKXVPaEw3/XUDDJVTHQFO8gyGCtmGo3mRNyNDcPwbTEU4CVga+6iacV+aaSRWAkWChyvkU6
kYUQcW39niAFc8XUoTe1vXYNXsgCOmCRxO88nQxl7MOfKTGXmbEQmA/iIEteNt32yGNRGOaxoqL4
NmKQDXRl8DHLEM1+WLw5sqSTf3BteML4R+ny8dhAlL9aKgVoW5Ha8fI9bNbkmhtUUCYuez+OsFUI
dMejAJJtnd3GImqlF321VVVs/eS4vCspA8HUnP5LtNoEQC9PQ7tuVBNJ+yhVZ8IKpKU/+W3KRpIM
8lyoBA1VCOOhIy1mtEeDwq45Xz1jNATwb3gth+4Zatq8WoDRLPEjXIRYRlB9w1VrbD2CWVATneVd
JZ6VX0rFPdFyRYYhUeDqqZKemxIuha9+PRodzreVmN3rbVGH0J0yY+DU3g/Tujstl2NC1FpS9pzZ
4YMWaMaGeqQv7Kb6jZNBRUkaTSFZMq8HFSlZURMqt1+eF/AwdFU2V6Xopl0Cu0C+M2nYppz30EIe
mWuiy0svY72XY0YL1Y06JUlwnnQFYpw18SQgZRvLHWxR7PuGi9qKZf7hVSPUVsdi1g3KjeMpv85o
ZZEsz33/ICdkRMI+MqHBJFdWkHZnB8ZAbxhLKzxdekoMsOh/ESy5pkTxcEoE0wf3u+PZ7JK0RRlT
6Bn13Dxuu/sIXh595A7nys/YMk6YP/vm6TuRMWnbjBHIQuPJqZACCJO3CzWqA5hXCL1RczBTXp+E
jD6ge8mA7vliILddi0kv559Uzrm22fI+Hr+mOKusl27nXTe2zWKbVrcW9aRZJsMGeuOVkt7i9hkw
Rtzn2iB9F0a85+AFilWHl4FaAWTwrmHW9FNL4B2izoFpLKt3hPM+Bnz6nCqUdGDRWeqSs6VyeS8q
eKhAyrk=

crypto1rsagen-2

This message is basically protected by the NIST standart´s. It uses RSA & AES and a signature. So who in da hell will break it? At least nobody you just can collect this messages and hope that you can get the secret keys to open it in future. So the dice is against the anti terror units. Remember how long it takes to tear down the RSA by factoring the Primes.

512bit RSA can be done in 1-2 month with a single computer. 768bit takes more than 12 month at least 2-3 years with heavy computer power and GPU´s. The Tool uses 2K and 4K RSA thats stronger then the open source GNU PG.

The second problem is the AES, we don´t need to talk about brute force it.

Veröffentlicht unter Allgemein | Verschlagwortet mit , , , , | Kommentare deaktiviert für Text encryption for the middle east