Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Decrypting a file


  • Please log in to reply
13 replies to this topic

#1 KamakaZ

KamakaZ

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:05:46 PM

Posted 30 March 2009 - 08:28 PM

I have a file that needs to be decrypted. Ihave a key folder that has the key in it but need a program to do it... any ideas?

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.


BC AdBot (Login to Remove)

 


#2 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:12:46 AM

Posted 30 March 2009 - 08:37 PM

I have a fish I want to catch, and I have a tackle box full of lures. Any ideas? :thumbsup:

#3 KamakaZ

KamakaZ
  • Topic Starter

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:05:46 PM

Posted 30 March 2009 - 09:21 PM

you need to go to a river, just as i need a program that will do it...

The file that is encrypted ends with .ift i have 3 other files there that end with .dsh, .dat and .lst which all have the word KEY in there filename.

If the "KEY" files are opened in notepad, through all the jargon there is "VeriSign INC" shown in plain text. The file contains a list of compatible HDD models i can use, this device is very picky and the HDD just died...

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.


#4 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:12:46 AM

Posted 30 March 2009 - 09:59 PM

I think maybe I need a pole. My point was that there is no possible way anybody can give you any sort of advice without way more information. .dsh .dat. and .lst are common extensions for data files, list files, and dashboard pda wallpaper files. In helping figure out what application generated them, they are useless. VeriSign is a corporation that issues ssl certificates, which is equally useless information. I can not find anything on Google regarding .ift extensions, so there is no help there.

For all practical purposes, if the file really is encrypted, as opposed to just encoded, the likelihood of being able to decrypt it is slim, especially if you do not know the file that created it, or uses it. It may be a Verisign license file, it might not.

#5 KamakaZ

KamakaZ
  • Topic Starter

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:05:46 PM

Posted 30 March 2009 - 10:20 PM

i also couldn't find anything on google, or anything helpful to do with VeriSign...

It is a file off a photocopier hard drive that stores what hard drive models can be used for the machine, it is installed with the system software and the copier checks the harddrive's model number, if it matches it works, otherwise it errors.

an 80GB hard drive from the manufacture is $500, so if i can get the model's out of the file, i can save myself $500...

And yes, i suppose you would need a pole too... lol

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.


#6 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:12:46 AM

Posted 30 March 2009 - 10:28 PM

Now I am lost. What are you trying to do? Decrypt an entire hard drive? I can but a 500 gig drive for about $90. I am not seeing the correlation between decrypting a file and mitigating the need to buy a hard drive.

#7 KamakaZ

KamakaZ
  • Topic Starter

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:05:46 PM

Posted 30 March 2009 - 10:47 PM

- the device only supports specific models of hard drives.
- these hard drives are listed in a "encrypted or encoded" file on the hard drive, this get placed there when you install the system software (via a connected PC).
- hard drives from the photocopier manufacture cost $500 for an 80GB.
- to avoid this cost, we are trying to find out what other hard drives are supported, which is in the file mentioned above, and get one of them instead of forking out $500.

does that make sense?

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.


#8 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:12:46 AM

Posted 30 March 2009 - 10:52 PM

Yep. What model photocopier?

#9 KamakaZ

KamakaZ
  • Topic Starter

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:05:46 PM

Posted 31 March 2009 - 05:22 PM

It's from a canon copier, the file is pretty similar across the board

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.


#10 Carpetsmoker

Carpetsmoker

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eindhoven, Netherlands
  • Local time:07:46 AM

Posted 31 March 2009 - 06:26 PM

You can try common algorithms such as AES, DES, 3DES, RSA, XOR, (Yes, unfortunately), IDEA, etc.

through all the jargon there is "VeriSign INC"


This means it is probably signed, this doesn't really say anything about the algorithm since you can use different algorithms for most protocols.

The file that is encrypted ends with .ift i have 3 other files there that end with .dsh, .dat and .lst which all have the word KEY in there filename.


Can you perhaps post these files? This might provide some information.

It's from a canon copier, the file is pretty similar across the board


Exact make&model?

Edited by Carpetsmoker, 31 March 2009 - 06:27 PM.

UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.

#11 KamakaZ

KamakaZ
  • Topic Starter

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:05:46 PM

Posted 31 March 2009 - 07:52 PM

You can try common algorithms such as AES, DES, 3DES, RSA, XOR, (Yes, unfortunately), IDEA, etc.


What program would i use to "try" those algorithms?

I don't have the files with me at the moment, i am at home, i will try to post them all though.

EDIT: Here is a link to the files http://202.45.110.174/canon

Edited by KamakaZ, 31 March 2009 - 07:57 PM.

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.


#12 Carpetsmoker

Carpetsmoker

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eindhoven, Netherlands
  • Local time:07:46 AM

Posted 31 March 2009 - 11:50 PM

You can try common algorithms such as AES, DES, 3DES, RSA, XOR, (Yes, unfortunately), IDEA, etc.


What program would i use to "try" those algorithms?


There are many, google seems to turn up a good result at the first hit:

http://www.google.com/search?client=opera&...-8&oe=utf-8
http://www.google.com/search?hl=en&cli...amp;btnG=Search

... ect.

A quick glance doesn't tell me anything, other than:

[~/decrypt]% file *
hdformat.ift: data
key.dat:	  data
key.dsh:	  DOS executable (COM)
key.lst:	  data

The .dsh seems to be an executable? Perhaps used for decrypting?
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.

#13 KamakaZ

KamakaZ
  • Topic Starter

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:05:46 PM

Posted 01 April 2009 - 04:51 PM

i tried a few things i found on the internet but none were any good...

if that key file is used to encrypt/decrypt the file, how would i use it??

What program did you use to give you that information? About what each file is?

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.


#14 Carpetsmoker

Carpetsmoker

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eindhoven, Netherlands
  • Local time:07:46 AM

Posted 01 April 2009 - 06:55 PM

I tried executing key.com (key.dsh renamed) in DOSBox, it does seem to do something, but I'm not sure what...

You can try running a disassembler on the program and see if that yields any useful information...

Other than that, it is very difficult for me to do anything, since I have no ciphertext at all ...

if that key file is used to encrypt/decrypt the file, how would i use it??


I don't know, it didn't come with a manual.

What program did you use to give you that information? About what each file is?


I used file(1), it is a command found on most UNIX-like systems, it can recognize file types based on known header, footer, data patterns.

A Windows version can be fetched from:
http://gnuwin32.sourceforge.net/packages/file.htm
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users