| #36234 posted 2018-11-15 @ 12:00 GMT |
Sharing some code today... |
Decrypt AES cipher using keys and data from offsets within files.
Copyright (C) 2017 Robert V. <email@example.com>
Software licensed under GPLv2.
Program abbreviated 'saes' as in "sliding AES".
The idea is to use a scripting language (eg. Python, Perl, Bash) to call this program which will decrypt a file at given offset using a key in another file at a given offset, and finally initialization vector (IV) from a third file at given offset depending on decryption method used.
This is useful when you want to perform "sliding window" and similar methods to attempt decryption of data incrementally while also sliding through a suspect file dump with potential key, and file containing IV.
The main reason I wrote this program in C was to get performance when testing many input files while generating several hundred thousand potentially decrypted file dumps for later analysis.
$ saes -h
saes v0.96 by modrobert in 2017
Function: AES decrypt cipher from offsets within files.
Syntax : saes -a <key size bits> -b <block mode> -c <cipher file> [-h]
[-i <iv file>] -k <key file> [-l <cbc/ctr length *>] -o <output file>
[-q] [-s <iv offset *>] -t <key offset *> [-u <cipher offset *>]
[-v <ctr counter *>]
Options : -a can be 128, 192 or 256 bits in length
-b can be 'ECB', 'CBC' and 'CTR'
-l needs to be a multiple of 16 bytes for ECB, not CTR
-q quiet flag, only errors reported
-v ctr counter for AES-CTR, prog converts to big-endian as needed
*) can be in integer decmial or hex (0x) format
Result : 0 = ok, 1 = read error, 2 = write error, 3 = arg error,
4 = cipher error.
Project home: https://github.com/modrobert/saes
Thanks goes to Paladin for giving the green light.
_____________________________ ____________ __________________ /\________
\ __________________ \ _____/____/ _ \ /_ /
/ / | l/ _/ ____) _/ _ \ \/ cREAM /
/______________l_______/ \______________\_______| \_ /________/
-+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-