| To: | "Jan Heisterkamp" <janheisterkamp@web.de> |
|---|---|
| Subject: | Re: pent-test a container file |
| From: | Julien <prospi@gmail.com> |
| Date: | Fri, 19 Jan 2007 11:28:50 +0100 |
| Cc: | pen-test@securityfocus.com |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=pBlkmGQlbYA8/YG5GajOCF/8RFz/NAg6NnlGTyqbBW/aYbPVLAUXHiFE4DSs3fHqba7ZFK7x2Ey94ZauAsswN4/+4VsBoQlsMgBGrt734We8sgdEgFIgbg/AsH9XqNebV0mKQfLi5hm1Dp0jYektTbUPgo7X3eyP5pUS0vBv4Aw= |
| In-reply-to: | <45AFE40A.7070605@web.de> |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| References: | <45AFE40A.7070605@web.de> |
| Resent-date: | Fri, 19 Jan 2007 10:56:01 -0700 (MST) |
| Resent-from: | pen-test-return-1078483430@securityfocus.com |
| Resent-message-id: | <20070119175601.EEA9E155530@outgoing2.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
Hi, So for you, the only possible attack is to "brute force" the password interface ? I actually know that the used algo is AES... no more. The minimum password length to use is 6 characters (including numbers and special characters..) Thanks 2007/1/18, Jan Heisterkamp <janheisterkamp@web.de>: hi julien! > I've have to test the security of an encryption application. This > application create a container file to store all private data. The > tool use a private encryption type. > The only hint they gave me is that user have to submit is password to > open this container. > The aim of this test is to open the files inside this container file. I can't see the question behind this all...submit the password! You should check wich encryption they use then choice you tool or write your own and crack it. regards Jan ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Mile2 Training (Certifications), Lee Lawson |
|---|---|
| Next by Date: | Re: Automated Nmap Scans / Front End, pkc_mls |
| Previous by Thread: | RE: pent-test a container file, Jan Heisterkamp |
| Next by Thread: | Re: pent-test a container file, Jamie Riden |
| Indexes: | [Date] [Thread] [Top] [All Lists] |