RE: Re: Encoding Schemes

["Lyal Collins" <lyal.collins () key2it com au>]

Well, you have some nice bit patterns in these samples, if you think about
the input characters as hex bytes or binary, rather than ascii
E.g.
AAAAAA=C8AFBCD461F1
AAAAAB=C8AFBCD461F2
AAAABB=C8AFBCD462F2

The last character changes by 1 bit for the first 2 samples above, and so
does the output hex
The second last character changed by 1 bitfor the second 2 samples above, so
does the output hex

This leads to the 'key' at  position 6 being the common bits of  
0x41 xor 0xF1 ('A')
0x42 xor 0xF2 ('B')
So the key byte for pos 6 is something like 'B0'
Rinse and repeat for different byte positions - there are real good bit
changes in most input bytes for the samples shown below

This is assuming nothing like a password length parameter exists in the Xor
for each byte, but that becomes obvious as you look at the results. It
doesn't appear obviously so to me, however.

Lyal


-----Original Message-----
From: cisspstudy () yahoo com [mailto:cisspstudy () yahoo com] 
Sent: Thursday, 10 November 2005 7:16 AM
To: webappsec () securityfocus com
Subject: Re: Re: Encoding Schemes


I have some more results for the people on the list:

CLEARTEXT=ENCODED_TEXT

ABCDEF=C8ACBED165F6
BCDEFG=CBADB9D066F7
CDEFGH=CAAAB8D367F8
EFGHIJK=CCA8BADD69FA18
123456=B8DCCEA11586
A23456=C8DCCEA11586
B23456=CBDCCEA11586
AAAAAA=C8AFBCD461F1
AAAAA=C8AFBCD461
AAAA=C8AFBCD4
AAAAAB=C8AFBCD461F2
AAAABB=C8AFBCD462F2

I guess it is a XOR. How do I figure out the key? What is the key?

Cheers