Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: pent-test a container file

From: Julien <prospi () gmail com>
Date: Fri, 19 Jan 2007 11:28:50 +0100
Hi,

So for you, the only possible attack is to "brute force" the password
interface ?
I actually know that the used algo is AES... no more.
The minimum password length to use is 6 characters (including numbers
and special characters..)

Thanks



2007/1/18, Jan Heisterkamp <janheisterkamp () web de>:

hi julien!

> I've have to test the security of an encryption application. This
> application create a container file to store all private data. The
> tool use a private encryption type.
> The only hint they gave me is that user have to submit is password to
> open this container.
> The aim of this test is to open the files inside this container file.

I can't see the question behind this all...submit the password!

You should check wich encryption they use then choice you tool or write
your own and crack it.

regards
Jan


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------




------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: