Algorithm

AES (Advanced Encryption Standard)

AES-CBC Bit Flipping Attack

AES-CBC Padding Oracle Attack

AES-ECB Padding Attack

Ansible Vault Secret

Atbash Cipher

Base32, Base64

Caesar Cipher

Camellia Cipher

Certificates

Cryptography

DES (Data Encryption Standard)

Diffie-Hellman Key Exchange

ECC (Elliptic Curve Cryptography)

ECDSA (Elliptic Curve Digital Signature Algorithm)

Fernet

GPG (GNU Privacy Guard)

HMAC

KDBX Files

Kerberos TGT Cracking

Length Extension Attack

MD4, MD5

Multi-Tap Cipher

NTLM, NTLMv2

PEM (Privacy Enhanced Mail)

PGP (Pretty Good Privacy)

PKCS (Public-Key Cryptography Standards)

PowerShell Credentials

RAR (Roshal Archive)

RIPEMD

ROT13, ROT47

RPNG (Pseudo Random Number Generator) Guessing

RSA (Rivest Shamir Adleman)

SHA1 Hash Collision Attack

SHA1, SHA256, SHA512

Transposition Cipher

Vigenere Cipher

Key Derivation Function

Bcrypt

PBKDF2

Scrypt

Tool

John the Ripper

Math

Chinese Remainder Theorem

Exponentiation

GCD (Greatest Common Divisor)

Modular Congruence

Quadratic Residue

Bit Wise Operation

AND Bitwise Operations

OR Bitwise Operations

Shift Bitwise Operations

XOR Bitwise Operations

Conversion

Convert Binary to Int in Python

Convert Bytes to Hex in Python

Convert Bytes to Int in Python

Convert Bytes to Matrix in Python

Convert Bytes to String in Python

Convert Character to Binary in Python

Convert Character to Unicode in Python

Convert Hex to Bytes in Python

Convert Hex to Int in Python

Convert Int to Binary in Python

Convert Int to Bytes in Python

Convert Int to Hex in Python

Convert Int to String in Python

Convert Matrix to Bytes in Python

Convert String to Binary in Python

Convert String to Bytes in Python

Convert String to Int in Python

Convert Unicode to Character in Python

Zero Padding in Python

Ansible Vault Secret

Last modified: 2023-08-26

Cryptography

Ansible Vault can encrypt a file which includes sensitive data. However, we may be able to decrypt the file with password or by cracking hash to retrieve password.

Decryption

First check the file encrypted with Ansible Vault.

cat example.yml

# -- output --
$ANSIBLE_VAULT;1.1;AES256
62313365396662343061393464336163383764373764613633653634306231386433626436623361
6134333665353966363534333632666535333761666131620a663537646436643839616531643561
63396265333966386166373632626539326166353965363262633030333630313338646335303630
3438626666666137650a353638643435666633633964366338633066623234616432373231333331
6564

We can use ansible2john to generate the hash to make it crackable.

ansible2john example.yml > hash.txt

Then crack this hash using John The Ripper or Hashcat.

john --wordlist=wordlist.txt hash.txt
# or
hashcat -a 0 -m 16900 hash.txt wordlist.txt

After cracking and retrieving the passwrod, we can use it to decrypt the file as below.

ansible-vault decrypt example.yml --output decrypted.txt

References

https://docs.ansible.com/ansible/2.9/user_guide/vault.html#

ON THIS PAGE

Decryption