[OWASP-Delhi] Brute-force file decryptioin

reuben kurien reubengkurien at gmail.com
Wed Feb 10 07:31:34 UTC 2016


Hi Folks,

I've come to face the difficult (or impossible) task of decrypting a file
encrypted using AES-256. Was wondering if any of you would have some
helpful suggestions to impart.

It's a windows-based software (SafeGuard Portable from Sophos). It asks for
a password for file decryption. Unfortunately, the owner of the files has
misplaced the password and has contacted me for help. I've informed him of
the sheer difficulty in computing the possibilities (32 char passphrase)
and my lack of expertise in the same. Also, I do not have access to any
specialised hardware for super fast computing. So the only sane option for
me is to brute force it using an intelligent dictionary- created from
permutations and combinations of all strings that the person considers as
valid candidates for the password.

Now, the question is whether there are tools that allow me to generate the
intelligent dictionary (created as mentioned above), submit entries in it
to the windows software one by one (no command line options or APIs
available for this software as per my research) and can recognise it if a
successful decryption happens. Please suggest any practical solution and
correct me if my approach is wrong.

Thanks & Regards,
Reuben Kurien
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-delhi/attachments/20160210/fe1add5c/attachment.html>


More information about the OWASP-Delhi mailing list