what algorithm i made is... (note - im using 5 step encryption over here you can add as many)
1.i accept the password and store it in a array.
2.i declare a integer array dynamically of the same size as the password and a character array of the same size.. this character array would serve as a temporary variable for storing and retrieving the password.
3.now comes the storing part...
well people have made excellent algorithms but the problem comes when the cracker decompiles the program... he though doesn't get the algorithm but with the help of jump statements is easily able to bypass the password protection or can even make out how the encryption works... for instance if you use base64 then the cracker would goto the password file and would make out or try to understand the algorithm that encryption used... its actually not a tough job to bypass password fields esp if you know dll injections and assembly language!!
coming to the point...
4. mark this whatever is the password array just use its address in the main i'll tell you the reason y... but use it in main() and now within a loop that runs the number of times the password arrays size
initiate a random() with range 5 and don't forget to use randomize() within the loop/..
so it would randomly send number from 1-5... now here is the trick..
if it sends 1 then i take the element of the password array and change its base to hex... and send 1 into the integer array....
if it sends 2 then i change base to oct and send 2 into the integer array....
if it sends 3 i perform base64 and send 3 to array
if it sends 4 i perform md5 and send 4 to array
if it sends 5 i add value 666 to the ascii of the character and send 5 to array!!
while doing this i pass the encrypted character into the temp password array!!
so in the password file i save the encrypted password and in another file i place the numbers that occured in the random()...
eg. of this is...
within the loop...
password[m] is say 'a'
random() generated 5 and i store 5 in a integer varianble x
so
temppass[m]=(char *)(password[m] + 666);
then i use randomize function to make sure 5 doesn't appear the next iteration...
i store 5 in the integer array...!!
since the program doesn't know what is the encryption algorithm decompilation won't help... atleast not to guess how encryption algorithm worked...
cracker opens a password file he gets many encryptions which is confusing for him....
now 2 ways to crack are left...
1. he decompiles the program again... now he performs bypasses the password field... using jump statements... that is why i prefered to encrypt within the main rather than a seperate function... that is why it depends on where the programmer places encryption so as to offer least jump statements...
2.he gets the various algorithm i used say he comes to know all 5 placements... now he opens the file containing numbers and decrypts it!!
so either use many encryptions well it doesn't help 100% but yes 25% it might...
or hide the file in a secure place... like for windows in the application data folder...
i don't regard it as the best algorithm... but i tried to make 2 brute force tools for it...
1st one hanged and couldn't calculate even abc password...
2nd one worked because this time i used the file with the numbers!!
i tried bypassing my own password field via dll injection and i faced failure...!!
so you all are left to judge.. infact it is simpler than the rest algorithms!!
i made it after i was able to decrypt sdes encryption algorithm... sum 2 months ago... its a master piece... try using it... as projects or whatever you want ;)
1.i accept the password and store it in a array.
2.i declare a integer array dynamically of the same size as the password and a character array of the same size.. this character array would serve as a temporary variable for storing and retrieving the password.
3.now comes the storing part...
well people have made excellent algorithms but the problem comes when the cracker decompiles the program... he though doesn't get the algorithm but with the help of jump statements is easily able to bypass the password protection or can even make out how the encryption works... for instance if you use base64 then the cracker would goto the password file and would make out or try to understand the algorithm that encryption used... its actually not a tough job to bypass password fields esp if you know dll injections and assembly language!!
coming to the point...
4. mark this whatever is the password array just use its address in the main i'll tell you the reason y... but use it in main() and now within a loop that runs the number of times the password arrays size
initiate a random() with range 5 and don't forget to use randomize() within the loop/..
so it would randomly send number from 1-5... now here is the trick..
if it sends 1 then i take the element of the password array and change its base to hex... and send 1 into the integer array....
if it sends 2 then i change base to oct and send 2 into the integer array....
if it sends 3 i perform base64 and send 3 to array
if it sends 4 i perform md5 and send 4 to array
if it sends 5 i add value 666 to the ascii of the character and send 5 to array!!
while doing this i pass the encrypted character into the temp password array!!
so in the password file i save the encrypted password and in another file i place the numbers that occured in the random()...
eg. of this is...
within the loop...
password[m] is say 'a'
random() generated 5 and i store 5 in a integer varianble x
so
temppass[m]=(char *)(password[m] + 666);
then i use randomize function to make sure 5 doesn't appear the next iteration...
i store 5 in the integer array...!!
since the program doesn't know what is the encryption algorithm decompilation won't help... atleast not to guess how encryption algorithm worked...
cracker opens a password file he gets many encryptions which is confusing for him....
now 2 ways to crack are left...
1. he decompiles the program again... now he performs bypasses the password field... using jump statements... that is why i prefered to encrypt within the main rather than a seperate function... that is why it depends on where the programmer places encryption so as to offer least jump statements...
2.he gets the various algorithm i used say he comes to know all 5 placements... now he opens the file containing numbers and decrypts it!!
so either use many encryptions well it doesn't help 100% but yes 25% it might...
or hide the file in a secure place... like for windows in the application data folder...
i don't regard it as the best algorithm... but i tried to make 2 brute force tools for it...
1st one hanged and couldn't calculate even abc password...
2nd one worked because this time i used the file with the numbers!!
i tried bypassing my own password field via dll injection and i faced failure...!!
so you all are left to judge.. infact it is simpler than the rest algorithms!!
i made it after i was able to decrypt sdes encryption algorithm... sum 2 months ago... its a master piece... try using it... as projects or whatever you want ;)
No comments:
Post a Comment