[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Eudora/Trumpet encryption (stupid, solved here)



On Sat, 19 Aug 1995, Markku-Juhani Saarinen wrote:

> 
> On Wed, 16 Aug 1995, Sean A. Walberg wrote:
> 
> > I'm a crypto newbie here, but does anybody know how Trumpet Winsock 
> > and/or Eudora encrypt the passwords in their .ini files?  I am trying to 
> > write a front end for a client and would rather it set up automatically 
> > rather than the program ask.
> > 
> 
> It's not xor. It's wrap-around addition. Not much better than rot-13 :) I 
> broke it for my friend just a couple of days back, but it seems like he 
> has deleted the source I wrote at his place (crytoanalysis and writing the 
> 4-line c-source took about 20 minutes, total). Besides the key (the one 
> used in encryption of the password) may be different in different 

four line C source?  I'm impressed.  I've enclosed a bit longer C-source 
that does the same.

> versions and licences of these programs.
> 
> Here's what you'll have to do to get the built-in key:
> 
> 1. set password to 00000000, for example, and see what it encrypts into.
> 2. now substract 0x30 (ascii 0) from every character of the encrypted 
>    password. congratulations, you have the key! :)
> 
> Now you can pretty much figure out how to decrypt any password.
> 
> Note:
> Encrypted characters are in the range 32..127. First perform a logical
> and with 0x7f. If the result is smaller than 32, add 32.

Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those 
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: [email protected]       http://www.netresponse.com/zldf  
/*This was written to deal with trumpet winsock's 'encryption' by
  spitting out the ppp-username and ppp-password values.

  This was written by: Ben Samman <[email protected]>.

  The algorithm is very simple and a simple inspection of this file should
  be sufficient for most people to figure out whats going on.

  Feel free to copy this as you please, as long as you include this
  message with it.

  If you use this, please send me mail and tell me what its used
  for--I'd be somwhat curious.

  If there are any questions, feel free to mail me and ask me.

  USAGE:
  trmpbrk <base> <pass>

  Definitions:

  BASE:
  Base is a trumpwsk.ini file in which you have inputted "000000000000" into
  the ppp-username box in the File/PPP Options/Username menu in Trumpet
  Winsock.  Don't forget to rename this to something other than
  trumpwsk.ini(something like "0")

  I've included my copy of base, but every version/revision of
  Trumpet Winsock changes it, so I would recommend you do this yourself.

  PASS:
  This is the file that you want to decrypt the value for.  Most of the time
  it will be trumpwsk.ini.

  Example:

  trmpbrk 0 trumpwsk.ini

  (c)Ben Samman  <[email protected]>
  */
  
#include <stdio.h>
#include <stdlib.h>

void main(int argc, char **argv)
{
  int i;
  
  unsigned char line[256], username[256], username_2[256];
  FILE *BASE, *PASS;
  printf("TRMPBRK.EXE for finding PPP passwords from TRUMPWSK.INI\n");
  printf("By: Ben Samman <[email protected]>\n");
  printf("Copyright 1995\n");
  printf("\n\n");
  
  /*First test for number of arguments*/
  if (argc!=3)
    {
      fprintf(stderr, "Error: Too few arguments\n");
      fprintf(stderr, "Usage:\t%s <base> <password_file>\n", argv[0]);
      exit(1);
    }

  BASE=fopen(argv[1], "r");
  PASS=fopen(argv[2], "r");

  while((strncmp(fgets(line, 255, BASE), "ppp-username", 12))!=0);
  for (i=14;i<(strlen(line)-3);i++)
    {
      username[i-14]=line[i]-'0';
    }
  username[i]=0;

  while((strncmp(fgets(line, 255, PASS), "ppp-username", 12))!=0);
  for (i=14;i<(strlen(line)-3);i++)
    {
      username_2[i-14]=line[i]-username[i-14];
      username_2[i-14]=(((username_2[i-14])%128)+(96*(username_2[i-14]<32)));
    }
  
  username_2[i]=0;
  
  printf("PPP Username: %s\n", username_2);

  while((strncmp(fgets(line, 255, BASE), "ppp-password", 12))!=0);
  for (i=14;i<(strlen(line)-3);i++)
    {
      username[i-14]=line[i]-'0';
    }
  username[i]=0;

  while((strncmp(fgets(line, 255, PASS), "ppp-password", 12))!=0);
  for (i=14;i<(strlen(line)-3);i++)
    {
      username_2[i-14]=line[i]-username[i-14];
      username_2[i-14]=(((username_2[i-14])%128)+(96*(username_2[i-14]<32)));
    }
  
  username_2[i]=0;
  
  printf("PPP Password: %s\n", username_2);
}