I am trying to decrypt an aes-256-ecb encoded password using OpenSSL with the following information (captured during a CTF only):

##PASS_16##
oRnS7llE9q3utIvyP1rbK4OPVDjOPdEss36jsgu/Yvfh9yx0qR530oV8eLH9fxw2
AES-ECB-256
Key : thisIsTheSharedKeyIShouldKeepOK!

From what I gathered, I understood that:

  • ecb mode doesn't have an IV to be specified
  • the ciphertext is base64 encoded, so I need to decode it before decryption
  • as my key is long enough, it doesn't need padding

decoded_cipher.txt contains the result of the following command:

echo "oRnS7llE9q3utIvyP1rbK4OPVDjOPdEss36jsgu/Yvfh9yx0qR530oV8eLH9fxw2" | base64 -d > decoded_cipher.txt

key.txt:

thisIsTheSharedKeyIShouldKeepOK!

hex_key.txt:

7468697349735468655368617265644b65794953686f756c644b6565704f4b21

This openssl command:

openssl enc -aes-256-ecb -d -in decoded_cipher.txt -out decrypted.txt -K 7468697349735468655368617265644b65794953686f756c644b6565704f4b21 -nopad 

gives me this error:

bad decrypt 40678142ED7F0000:error:1C80006B:Provider routines:ossl_cipher_generic_block_final:wrong final block length:../providers/implementations/ciphers/ciphercommon.c:429:

The final result should follow this pattern: PASS_16{alphanumerical_message}) or alphanumerical_message

Does someone have an idea of how to decipher this encrypted message properly?

Ekel
  • Don't encrypt passwords. Hash them. See [tag:password-encryption] for why. – user207421 May 02 '23 at 10:55
  • @user207421 what do you mean "_Don't encrypt passwords_" ??? I am trying to **decrypt** the message, not encrypt it. – Ekel May 02 '23 at 12:53
  • Your openssl enc command worked just fine for me without error (although it didn't result in the expected format) – Matt Caswell May 02 '23 at 12:59
  • Check that decoded_cipher.txt is the expected length. It should be exactly 48 bytes. That error can occur with ciphers where the ciphertext length is not a multiple of the block size (16) – Matt Caswell May 02 '23 at 13:03
  • @MattCaswell I just checked decoded_cipher.txt's size and it's exactly 48 bytes. – Ekel May 02 '23 at 13:53
  • @MattCaswell I don't know what I did wrong but you're right, the openssl enc works just fine, same as you. But it didn't decrypt the message. Do you have any idea what I should do next? – Ekel May 02 '23 at 14:02
  • Figure out why the key is wrong (and/or wrong cipher is being used) – Matt Caswell May 02 '23 at 16:11
  • That is exactly why I came to ask for help on stackoverflow. Thanks @MattCaswell – Ekel May 02 '23 at 18:13

0 Answers
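The length check suggested in the comments, written out as an added example (not part of the original question or its comments): it verifies that the decoded ciphertext is a whole number of 16-byte blocks and that the key is 32 bytes before calling `openssl enc -nopad`. The ciphertext and key are the values from the question; the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: pre-flight checks for `openssl enc -aes-256-ecb -d -nopad`.
# CT_B64 and KEY_ASCII come from the question; helper names are hypothetical.

CT_B64='oRnS7llE9q3utIvyP1rbK4OPVDjOPdEss36jsgu/Yvfh9yx0qR530oV8eLH9fxw2'
KEY_ASCII='thisIsTheSharedKeyIShouldKeepOK!'

# Number of raw bytes after base64 decoding (whitespace is stripped first).
decoded_len() {
    printf '%s' "$1" | tr -d ' \r\n' | base64 -d 2>/dev/null | wc -c | tr -d ' '
}

# Hex form of an ASCII key, as expected by -K (printf adds no trailing newline).
ascii_to_hex() {
    printf '%s' "$1" | od -An -v -tx1 | tr -d ' \n'
}

# Return 0 only if the ciphertext is a whole number of 16-byte AES blocks
# and the key is exactly 32 bytes (64 hex digits), as AES-256 requires.
preflight() {
    local n hex
    n=$(decoded_len "$1")
    hex=$(ascii_to_hex "$2")
    if [ "$n" -eq 0 ] || [ $((n % 16)) -ne 0 ]; then
        echo "ciphertext is $n bytes: not a multiple of 16 (wrong final block length)" >&2
        return 1
    fi
    if [ "${#hex}" -ne 64 ]; then
        echo "key is $(( ${#hex} / 2 )) bytes: AES-256 needs 32" >&2
        return 2
    fi
    echo "ok: $n bytes = $((n / 16)) blocks, key is 32 bytes"
}

# Decrypt only after the checks pass; openssl reads the raw bytes from stdin.
decrypt_ecb() {
    preflight "$1" "$2" >/dev/null || return
    printf '%s' "$1" | tr -d ' \r\n' | base64 -d |
        openssl enc -aes-256-ecb -d -nopad -K "$(ascii_to_hex "$2")"
}

preflight "$CT_B64" "$KEY_ASCII"
```

Passing these checks only rules out the length error; it says nothing about whether the key or cipher is the right one for this ciphertext.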