Cryptography & Encryption
Cryptography
Ciphers
https://www.boxentriq.com/code-breaking <-- useful site which can help identify type of cipher.
https://www.dcode.fr <-- one of the best sites I have found with many decoders for many types of ciphers.
Cyber Chef <-- very useful for chained ciphers which require different steps to solve. Can decrypt certificates.
Fernet
Fernet (symmetric encryption) - looks like base64 but decodes to garbage, in two parts. First part (32 bytes) is the key. Uses 128-bit AES in CBC mode and PKCS7 padding, with HMAC using SHA256 for authentication. IV is created from os.random()
.
Decode fernet @ https://asecuritysite.com/encryption/ferdecode <-- Will also give the IV and timestamp (could be useful!) more info about this @ https://cryptography.io/en/latest/fernet
Malbolge
Esoteric inferno encryption. Used in some CTF challenges. Malbolge programming language - text from base64 looks like random text, but complete garbage (much of it unprintable.) . Read for at https://en.wikipedia.org/wiki/Malbolge and https://www.tutorialspoint.com/execute_malbolge_online.php
BrainFuck
A programming language that uses a series of only +-.[]<>
characters.
++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>----.>++++++++++++++.-----------------.++++++++.+++++.--------.+++++++++++++++.------------------.++++++++. = BrainFuck
Decode using https://www.dcode.fr/brainfuck-language
OOK!
Uses only the word ook
paired with punctuation marks (.!?
). Shorthand leaves out ook
.
....................!?.?...?.......?...............?....................?.?.?.?.!!?!.?.?.?..................!.!.!!!!!!!!!.?.......!. = OOK!
Decode using https://www.dcode.fr/ook-language
Test for Plaintext Output from a (Python) Script
If this function is giving false positives/negatives, it can be tweaked by altering the number in the line:
0.6
has been tested as working for simple CTF usage.
Digital Certificates
X.509
https://8gwifi.org/PemParserFunctions.jsp -- extract information from various digital certificates
SSH Keys
For those interested in the details - you can see what's inside the public key file (generated as explained above), by doing this:- ```openssl rsa -noout -text -inform PEM -in key.pub -pubin or for the private key file, this:- openssl rsa -noout -text -in key.private which outputs as text on the console the actual components of the key (modulus, exponents, primes, ...)
`` extract public key from private key:
openssl rsa -in privkey.pem -pubout -out key.pub`
Encryption/Decryption
https://www.devglan.com/online-tools/aes-encryption-decryption
CyberChef: Website for encryption/decryption of many different types at same time
good cipher tools: http://rumkin.com/
one time pad: pt - ct = key
decrypt rsa private key: openssl rsautl -decrypt -inkey $key_file < $pass.crypt
($pass.crypt is hex file? encrypted contents of pub key?)
Decrypt LDAP Passwords
https://dotnetfiddle.net/2RDoWz
Decodes to: w3lc0meFr31nd
If you like this content and would like to see more, please consider buying me a coffee!
Last updated