This is a "CTF Challenge" (a set of online infosec challenges) and I have become stuck.
I noticed in the conversation one person asks for the other person to send the salted password file.
I wanted to grab that data so I right clicked it and copied as printable text:
Salted__ð£s¯H+^1Y®ê-ié«æ×¹½¦þFÐö}×Gþ|vÎ
At this point I think I have the salted password so I save it to file.des3.
In the conversation the dialog is as followed:
Hey, how do you decrypt this file again?
You're serious?
Yeah, I'm serious
sigh openssl des3 -d -salt -in file.des3 -out file.txt -k supersecretpassword123
So I figured this is basically telling me how to do it. So I run the same command:
rasp4@server:/ctf$ openssl des3 -d -salt -in file.des3 -out file.txt -k supersecretpassword123
The following output appears:
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
bad decrypt
139871006373184:error:0606506D:digital envelope routines:EVP_DecryptFinal_ex:wrong final block length:../crypto/evp/evp_enc.c:599:
I look at the contents of file.txt and see this:
à@ %eõý#Äu´;RTÉÒ…²eèmkúì Øß”Êrâês¸qEG
I'm lost on what to do at this point. What am I supposed to do with that output? Why did I get an error from running the same command as the conversation did? My intuition is telling me something didn't copy from the data on Wireshark properly.
