Assembly Language for Beginners

(Jeff_L) #1

8.7 Encrypted database case #1


fwrite (buf+(3+4), real_flen, 1, f);

fclose (f);

free (buf);
};


// run: input output 0/1 password
// 0 for encrypt, 1 for decrypt


int main(int argc, char *argv[])
{
if (argc!=5)
{
printf ("Incorrect parameters!\n");
return 1;
};


if (strcmp (argv[3], "0")==0)
crypt_file (argv[1], argv[2], argv[4]);
else
if (strcmp (argv[3], "1")==0)
decrypt_file (argv[1], argv[2], argv[4]);
else
printf ("Wrong param %s\n", argv[3]);

return 0;
};


8.7 Encrypted database case #1


(Thisparthasbeenfirstappearedinmyblogat26-Aug-2015. Somediscussion:https://news.ycombinator.
com/item?id=10128684.)


8.7.1 Base64 and entropy.


I’ve got theXMLfile containing some encrypted data. Perhaps, it’s related to some orders and/or cus-
tomers information.


<?xml version = "1.0" encoding = "UTF-8"?>




1
yjmxhXUbhB/5MV45chPsXZWAJwIh1S0aD9lFn3XuJMSxJ3/E+UE3hsnH


2
0KGe/wnypFBjsy+U0C2P9fC5nDZP3XDZLMPCRaiBw9OjIk6Tu5U=


3
mqkXfdzvQKvEArdzh+zD9oETVGBFvcTBLs2ph1b5bYddExzp


4
FCx6JhIDqnESyT3HAepyE1BJ3cJd7wCk+APCRUeuNtZdpCvQ2MR/7kLXtfUHuA==

...

The file is availablehere.


This is clearly base64-encoded data, because all strings consisting of Latin characters, digits, plus (+) and
slash (/) symbols. There can be 1 or 2 padding symbols (=), but they are never occurred in the middle of
string. Keeping in mind these base64 properties, it’s very easy to recognize them.

Free download pdf