Exploit Notes
Exploit Notes

Exploits related to Cryptography

Others

AES (Advanced Encryption Standard)
Atbash Cipher
Base32, Base64
Caesar Cipher
Camellia Cipher
Certificates
Cryptography
Fernet
GPG (GNU Privacy Guard)
HMAC
MD4, MD5
Multi-Tap Cipher
NTLM, NTLMv2 Cracking
PEM (Privacy Enhanced Mail) Cracking
PGP (Pretty Good Privacy) Cracking
PKCS (Public-Key Cryptography Standards) Cracking
Padding Oracle Attack
RAR (Roshal Archive) Cracking
RIPEMD
ROT13, ROT47
RSA (Rivest Shamir Adleman)
SHA1 Hash Collision Attack
SHA1, SHA256, SHA512 Cracking
Transposition Cipher
Vigenere Cipher

PKCS (Public-Key Cryptography Standards) Cracking

Last modified: 2022-12-01

Cryptography

PKCS are a group of public-key cryptography standards.

Decrypt

PKCS#12

First of all, you need to format the PKCS file to make the John to recognize it.

pfx2john example.pfx > hash.txt

Crack the password using the formatted text.

john --wordlist=wordlist.txt hash.txt

PBKDF2-HMAC-SHA256

PBKDF2 is part of PKCS#5 v2.0. The format is as follows:

sha256:<iteration>:<base64-salt>:<base64-password-hash>

# ex.
sha256:10000:ayZoqdmIewDpUB:Ud6aAhvpw9RqZPt/0Rd0U9uPDKLOWKnYHAS+Lm07oqDWwDLw/U74P0jXQ0nsGW9O/jc=

To create the hash based on this, run the following commands.

echo 'sha256:10000:'$(echo '<salt-string>' | base64 | cut -c 1-14)':'$(echo 'password-string' | base64) > hash.txt

Now crack the hash using Hashcat.

hashcat -m 10900 wordlist.txt hash.txt
Twitter GitHub

Tools by HDKS

Fuzzagotchi

Automatic web fuzzer.

aut0rec0n

Auto reconnaissance CLI.

Hash Cracker

Hash identifier.