From: White Adept <adept@minerva.cis.yale.edu>
To: Markku-Juhani Saarinen <marks@evitech.fi>
Message Hash: 7ed976fe299aefdcb28e4149ef9ca2918ceef8c256bd423435939e277dfa9762
Message ID: <Pine.SOL.3.91.950827001240.28053A-200000@minerva>
Reply To: <Pine.3.89.9508191650.A25524-0100000@evitech.evitech.fi>
UTC Datetime: 1995-08-27 04:14:07 UTC
Raw Date: Sat, 26 Aug 95 21:14:07 PDT
From: White Adept <adept@minerva.cis.yale.edu>
Date: Sat, 26 Aug 95 21:14:07 PDT
To: Markku-Juhani Saarinen <marks@evitech.fi>
Subject: Re: Eudora/Trumpet encryption (stupid, solved here)
In-Reply-To: <Pine.3.89.9508191650.A25524-0100000@evitech.evitech.fi>
Message-ID: <Pine.SOL.3.91.950827001240.28053A-200000@minerva>
MIME-Version: 1.0
Content-Type: text/plain
On Sat, 19 Aug 1995, Markku-Juhani Saarinen wrote:
>
> On Wed, 16 Aug 1995, Sean A. Walberg wrote:
>
> > I'm a crypto newbie here, but does anybody know how Trumpet Winsock
> > and/or Eudora encrypt the passwords in their .ini files? I am trying to
> > write a front end for a client and would rather it set up automatically
> > rather than the program ask.
> >
>
> It's not xor. It's wrap-around addition. Not much better than rot-13 :) I
> broke it for my friend just a couple of days back, but it seems like he
> has deleted the source I wrote at his place (crytoanalysis and writing the
> 4-line c-source took about 20 minutes, total). Besides the key (the one
> used in encryption of the password) may be different in different
four line C source? I'm impressed. I've enclosed a bit longer C-source
that does the same.
> versions and licences of these programs.
>
> Here's what you'll have to do to get the built-in key:
>
> 1. set password to 00000000, for example, and see what it encrypts into.
> 2. now substract 0x30 (ascii 0) from every character of the encrypted
> password. congratulations, you have the key! :)
>
> Now you can pretty much figure out how to decrypt any password.
>
> Note:
> Encrypted characters are in the range 32..127. First perform a logical
> and with 0x7f. If the result is smaller than 32, add 32.
Ben.
____
Ben Samman..............................................samman@cs.yale.edu
I have learned silence from the talkative, toleration from the intolerant,
and kindness from the unkind; yet, strange, I am ungrateful to those
teachers.-- K. Gibran. SUPPORT THE PHIL ZIMMERMANN LEGAL DEFENSE FUND!
For information Email: zldf@clark.net http://www.netresponse.com/zldf
/*This was written to deal with trumpet winsock's 'encryption' by
spitting out the ppp-username and ppp-password values.
This was written by: Ben Samman <samman@cs.yale.edu>.
The algorithm is very simple and a simple inspection of this file should
be sufficient for most people to figure out whats going on.
Feel free to copy this as you please, as long as you include this
message with it.
If you use this, please send me mail and tell me what its used
for--I'd be somwhat curious.
If there are any questions, feel free to mail me and ask me.
USAGE:
trmpbrk <base> <pass>
Definitions:
BASE:
Base is a trumpwsk.ini file in which you have inputted "000000000000" into
the ppp-username box in the File/PPP Options/Username menu in Trumpet
Winsock. Don't forget to rename this to something other than
trumpwsk.ini(something like "0")
I've included my copy of base, but every version/revision of
Trumpet Winsock changes it, so I would recommend you do this yourself.
PASS:
This is the file that you want to decrypt the value for. Most of the time
it will be trumpwsk.ini.
Example:
trmpbrk 0 trumpwsk.ini
(c)Ben Samman <samman@cs.yale.edu>
*/
#include <stdio.h>
#include <stdlib.h>
void main(int argc, char **argv)
{
int i;
unsigned char line[256], username[256], username_2[256];
FILE *BASE, *PASS;
printf("TRMPBRK.EXE for finding PPP passwords from TRUMPWSK.INI\n");
printf("By: Ben Samman <samman@cs.yale.edu>\n");
printf("Copyright 1995\n");
printf("\n\n");
/*First test for number of arguments*/
if (argc!=3)
{
fprintf(stderr, "Error: Too few arguments\n");
fprintf(stderr, "Usage:\t%s <base> <password_file>\n", argv[0]);
exit(1);
}
BASE=fopen(argv[1], "r");
PASS=fopen(argv[2], "r");
while((strncmp(fgets(line, 255, BASE), "ppp-username", 12))!=0);
for (i=14;i<(strlen(line)-3);i++)
{
username[i-14]=line[i]-'0';
}
username[i]=0;
while((strncmp(fgets(line, 255, PASS), "ppp-username", 12))!=0);
for (i=14;i<(strlen(line)-3);i++)
{
username_2[i-14]=line[i]-username[i-14];
username_2[i-14]=(((username_2[i-14])%128)+(96*(username_2[i-14]<32)));
}
username_2[i]=0;
printf("PPP Username: %s\n", username_2);
while((strncmp(fgets(line, 255, BASE), "ppp-password", 12))!=0);
for (i=14;i<(strlen(line)-3);i++)
{
username[i-14]=line[i]-'0';
}
username[i]=0;
while((strncmp(fgets(line, 255, PASS), "ppp-password", 12))!=0);
for (i=14;i<(strlen(line)-3);i++)
{
username_2[i-14]=line[i]-username[i-14];
username_2[i-14]=(((username_2[i-14])%128)+(96*(username_2[i-14]<32)));
}
username_2[i]=0;
printf("PPP Password: %s\n", username_2);
}
Return to August 1995
Return to “White Adept <adept@minerva.cis.yale.edu>”