    fwrite (buf+(3+4), real_flen, 1, f);
    fclose (f);
    free (buf);
};

// run: input output 0/1 password
// 0 for encrypt, 1 for decrypt
int main(int argc, char *argv[])
{
    if (argc!=5)
    {
        printf ("Incorrect parameters!\n");
        return 1;
    };
    if (strcmp (argv[3], "0")==0)
        crypt_file (argv[1], argv[2], argv[4]);
    else
        if (strcmp (argv[3], "1")==0)
            decrypt_file (argv[1], argv[2], argv[4]);
        else
            printf ("Wrong param %s\n", argv[3]);
    return 0;
};
8.7 Encrypted database case #1
(This part first appeared in my blog on 26-Aug-2015. Some discussion: https://news.ycombinator.com/item?id=10128684.)
8.7.1 Base64 and entropy.
I’ve got the XML file containing some encrypted data. Perhaps it’s related to some orders and/or customers information.
<?xml version = "1.0" encoding = "UTF-8"?>
yjmxhXUbhB/5MV45chPsXZWAJwIh1S0aD9lFn3XuJMSxJ3/E+UE3hsnH
0KGe/wnypFBjsy+U0C2P9fC5nDZP3XDZLMPCRaiBw9OjIk6Tu5U=
mqkXfdzvQKvEArdzh+zD9oETVGBFvcTBLs2ph1b5bYddExzp
FCx6JhIDqnESyT3HAepyE1BJ3cJd7wCk+APCRUeuNtZdpCvQ2MR/7kLXtfUHuA==
...
The file is available here.
This is clearly base64-encoded data, because all the strings consist of Latin characters, digits, plus (+) and slash (/) symbols. There can be 1 or 2 padding symbols (=), but they never occur in the middle of a string. Keeping these base64 properties in mind, it’s very easy to recognize such strings.
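The recognition rules just described can be turned into a mechanical check. The following Python script is an added example, not code from the original text: it tests each of the four strings from the listing above against those rules and decodes the ones that pass. The function names are my own, and the length-multiple-of-4 rule is a standard property of padded base64 that the text does not spell out.

```python
import base64
import re

# Base64 alphabet as described above: Latin letters, digits, '+' and '/',
# followed by at most two '=' padding symbols at the very end.
B64_BODY = re.compile(r"[A-Za-z0-9+/]*={0,2}")

def base64_problem(s):
    """Return None if s is well-formed base64, else a short reason."""
    if not s:
        return "empty string"
    if "=" in s.rstrip("="):
        return "padding in the middle of the string"
    if not B64_BODY.fullmatch(s):
        return "character outside the base64 alphabet or more than 2 '='"
    if len(s) % 4:
        return "length is not a multiple of 4"
    return None

def decode_all(strings):
    """Decode every well-formed string; map each rejected one to its reason."""
    decoded, rejected = [], {}
    for s in strings:
        problem = base64_problem(s)
        if problem:
            rejected[s] = problem
        else:
            # validate=True makes the decoder itself refuse stray characters
            decoded.append(base64.b64decode(s, validate=True))
    return decoded, rejected

# The four strings shown in the listing above.
SAMPLES = [
    "yjmxhXUbhB/5MV45chPsXZWAJwIh1S0aD9lFn3XuJMSxJ3/E+UE3hsnH",
    "0KGe/wnypFBjsy+U0C2P9fC5nDZP3XDZLMPCRaiBw9OjIk6Tu5U=",
    "mqkXfdzvQKvEArdzh+zD9oETVGBFvcTBLs2ph1b5bYddExzp",
    "FCx6JhIDqnESyT3HAepyE1BJ3cJd7wCk+APCRUeuNtZdpCvQ2MR/7kLXtfUHuA==",
]

if __name__ == "__main__":
    blobs, bad = decode_all(SAMPLES)
    for blob in blobs:
        print(len(blob), "bytes:", blob[:8].hex(), "...")
    for s, why in bad.items():
        print("rejected:", s, "->", why)
```

Every 4 base64 characters carry 3 bytes, minus one byte per padding symbol, so the decoded sizes follow directly from the string lengths.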