0

I'm working on a school project where we are given a cipher file encrypted using openssl with AES-128 cipher and CBC mode. It is indicated that the file is encrypted with no salt and IV and has less than 16 characters in password which is appended by a number from 0-9 at the end. We are given a dictionary (words.txt) and the cipher file and I have to write a script to find the key and decrypt the content of the file.

For testing purposes, I encrypted a plaintext file using the following openssl command:

openssl enc -e -aes-128-cbc -in plain.txt -out test.txt -nosalt -pass pass:Zoroastrian6

And I am decrypting it using the following command:

openssl enc -d -aes-128-cbc -in test.txt -out test2.txt -nosalt -pass pass:Zoroastrian6

Which works fine. The password I have used for it is the last entry from the words.txt provided by my lecturer. This is what I have written so far:

#!/bin/bash

filename="words.txt"
let flag=0

while read line
do
    # Second loop to append 0-9 at the end of each line read from
    # the text file
    let count=0
    while [ $count -lt 10 ];
    do
        comm=$(openssl enc -d -aes-128-cbc -in test.txt -out test2.txt -nosalt -pass pass:$line$count 2>/dev/null)
        # If the program exits without an error, we print 
        # the password and exit the loop before setting the
        # exit flag to be checked in the first loop to break
        # out of it.
        if [ $? -eq 0 ]; then
            echo "$line$count"
            flag=1
            break
        fi
        ((count++))
    done
    # If flag is set here, it means the password was found
    # and we can exit the loop.
    if [ $flag -eq 1 ]; then
        break
    fi
    
done < "$filename"

The problem is that instead of reaching till the end of the file where the word "Zoroastrian" is located, it exits with the password "abstinent8". I don't know how to debug this as I'm new to bash scripting. Is there a way to check if openssl exited without any errors or a way to check if the decryption gave an error?

EDIT: words.txt can be found here.

Improve this question

1 Answer 1

Reset to default
3

Is there a way to check if openssl exited without any errors or a way to check if the decryption gave an error?

Yes, that's what you're doing.

Unfortunately, using the wrong key is not an error when using low level primitives like this. It just gives you the wrong plaintext.

In your case you use PKCS#5 padding (compare -nopad), so some plaintexts (~99.7%) happen to fail the padding check and cause an error, but that's nowhere near enough to ensure that the password was correct.

Professional systems use Authenticated Encryption, but for a toy example, you can e.g. check that all the characters in the message are printable, or add and check for a "Secret: " header to make the correct plaintext recognizable.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

I'm sorry but what do you mean by the Secret: header?
If you encrypt the string "Secret: Hello World" instead of just "Hello World", then you can easily check if it's correctly decrypted by making sure the result starts with "Secret:".
I have been playing with the script, and I have found a weird thing. If I write anything after the part where openssl command is executed (right before the if statement), it runs once and prints "10th0" and exits. What does that mean? Google search doesn't bring up anything.
In that case, $? refers to that new command and not openssl. It succeeded so you print out the current password, which is "10th" from your dictionary and "0" from your number

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.