Bruteforcer tool

Discussion related to AES Crypt, the file encryption software for Windows, Linux, Mac, and Java.
Post Reply
bloublou
Posts: 2
Joined: Sat Nov 02, 2019 4:12 pm

Bruteforcer tool

Post by bloublou »

Hello,

Unfortunately i have lost my password, but i have hope to find it by bruteforcing the file ! :oops:
It is only 9 charachters long, and no symbols. Only alpha-numerical (and only ascii space)

Someone have an easy solution to bruteforce it ? (tool or script w/e)

Thanks all
bloublou
Posts: 2
Joined: Sat Nov 02, 2019 4:12 pm

Re: Bruteforcer tool

Post by bloublou »

I have found and slightly edited a python script which do the job : https://pastebin.com/1kW1TidM

Just put yourself in a folder where there are :

1. your encrypted .aes file
2. the aescrypt console executable that you can fetch here https://www.aescrypt.com/download/

Inside the python script, don't forget to modify the name of your file, by default it is "filename.aes".

NB : Don't forget to modify the alphabet if you know approximatively which letters/symbols there are in your key
User avatar
paulej
Posts: 595
Joined: Sun Aug 23, 2009 7:32 pm
Location: Research Triangle Park, NC, USA
Contact:

Re: Bruteforcer tool

Post by paulej »

I have C code that will do it, but works only in Linux. It's very fast. Requirement is to have all the passwords you want to try in a file. It will then read the file and attempt each one by short-circuiting the process substantially. It doesn't require AES Crypt to be installed, as everything is in the source to do what it needs.

I don't like advertising such a tool, because I don't want people to get the impression that one can easily break the security. But, it is a good reminder that strong passwords are important.

Do you use Linux?
radium
Posts: 1
Joined: Wed Jun 30, 2021 2:35 am

Re: Bruteforcer tool

Post by radium »

Hello @paulej, I am a security student, doing MS. I have also written a C code for the same purpose. I am not sure whether it is fast. For a random 3 character password (A-Z, a-z, 0-9) it is taking around 12-20 minutes. Can you share your version of the code?
User avatar
paulej
Posts: 595
Joined: Sun Aug 23, 2009 7:32 pm
Location: Research Triangle Park, NC, USA
Contact:

Re: Bruteforcer tool

Post by paulej »

@radium,

Here ya go: http://www.aescrypt.com/download/v3/linux/aescrack.tgz

Have a look at decrypt.c, and specifically decrypt_optimized(). You can integrate that logic with the generation of passwords you're using to see if a v1 or greater file can be decrypted using the password you try. The v0 file format is different and I didn't do anything to optimize that one. What this function does is load what I call the "session block" from the AES Crypt file and then just try every password guess by running it through the hash functions to see if we can compute the correct hash.

It effectively highlights that the weakest link is the hash function used, though it is SHA-256, so not weak. Nonetheless, on my list of to-dos for the next version of AES Crypt is to strengthen this to where the keyed HMAC is computed over something not visible. Every scheme I've considered so far is weaker than I'd like, though. (Yes, I do spend time thinking of how to brute-force attack encrypted files.) Perhaps I might at least encrypt some data that must be decrypted with a key that must be fed into the HMAC to verify the integrity of the session block. At least then two different function (SHA-256 + AES) are required. I will also likely migrate to an even stronger hash (either SHA-512 or some SHA-3 variant).

I always welcome input. Sadly, I seem to get about as much criticism as constructive input. One complaint, for example, is the 8192 rounds of SHA-256. I've had people express adamantly that it's not enough and I've had other tell me it's pointless. It was suggested to have 100,000 rounds for security. I did tests. The 100,000 rounds adds a little more time, but not so much that it matters. In the worst case, I need 10 computers instead of one to do the same work. That gain is insignificant as I consider that I can fire up 100 or 1000 servers easily. What I want is several orders of magnitude in complexity, but not complexity that would burden the user. It needs to still be fast for those who have the proper key.
Post Reply