From: Paul Bradley <paul@fatmans.demon.co.uk>
Date: Mon, 23 Jun 1997 08:16:13 +0800
To: "Wasim Q. Malik" <wmalik@sdnpk.undp.org>
Subject: Re: Decrypting DES
In-Reply-To: <Pine.LNX.3.95.970622144439.10853D-100000@sdnpk.undp.org>
Message-ID: <Pine.LNX.3.91.970622171143.170B-100000@fatmans.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain




> *	The key has to be stored somewhere in the file, in whatever form,
> with which the entered key is compared. It could somehow be gotten hold
> of from there. Perhaps a hex editor could be used to scan the first few
> bytes of a file for the key.

No, the keys are not stored in the files in anything worth it`s salt, and 
if it is a passwd file it`ll be hashed anyway.

Depends entirely on the software, there are freely available crackers for 
files from a lot of micro$oft stuff, and some other popular programs such 
as pkzip etc... Otherwise get a good cryptgrapher to look at the 
software, run a sniffer on the network, a keygrabber on the machine, or 
give up.

For a good introduction covering much of the stuff you need try the 
sci.crypt FAQ.

        Datacomms Technologies data security
       Paul Bradley, Paul@fatmans.demon.co.uk
  Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org    
       Http://www.cryptography.home.ml.org/
      Email for PGP public key, ID: FC76DA85
     "Don`t forget to mount a scratch monkey"