Channel: HACK4NET 🤖 Pentest Tools and News

↧

Xortool - A Tool To Analyze Multi-byte XOR Cipher

May 1, 2017, 8:17 am

≫ Next: ARPwner - ARP & DNS Poisoning Attack Tool

≪ Previous: The best female coders belong to these 10 countries

Xortool is a python tool that allows you to analyze multi-byte xor cipher and guess the xor key (based on count of equal chars) and the key length (base on knowledge of most frequent char).

Note: Python3 is not supported, use python 2.x.

Usage:

xortool [-h|--help] [OPTIONS] [<filename>]

Options:

  -l,--key-length       length of the key (integer)


  -c,--char             most possible char (one char or hex code)


  -m,--max-keylen=32    maximum key length to probe (integer)


  -x,--hex              input is hex-encoded str


  -b,--brute-chars      brute-force all possible characters


  -o,--brute-printable  same as -b but will only use printable


                        characters for keys

Example:

# xor is xortool/xortool-xor

tests $ xor -f /bin/ls -s "secret_key"> binary_xored

tests $ xortool binary_xored

The most probable key lengths:

   2:   5.0%

   5:   8.7%

   8:   4.9%

  10:   15.4%

  12:   4.8%

  15:   8.5%

  18:   4.8%

  20:   15.1%

  25:   8.4%

  30:   14.9%

Key-length can be 5*n

Most possible char is needed to guess the key!



# 00 is the most frequent byte in binaries

tests $ xortool binary_xored -l 10 -c 00

...

1 possible key(s) of length 10:

secret_key



# decrypted ciphertexts are placed in ./xortool_out/Number_<key repr>

# ( have no better idea )

tests $ md5sum xortool_out/0_secret_key /bin/ls

29942e290876703169e1b614d0b4340a  xortool_out/0_secret_key

29942e290876703169e1b614d0b4340a  /bin/ls

The most common use is to pass just the encrypted file and the most frequent character (usually 00 for binaries and 20 for text files) - length will be automatically chosen:

tests $ xortool tool_xored -c 20

The most probable key lengths:

   2:   5.6%

   5:   7.8%

   8:   6.0%

  10:   11.7%

  12:   5.6%

  15:   7.6%

  20:   19.8%

  25:   7.8%

  28:   5.7%

  30:   11.4%

Key-length can be 5*n

1 possible key(s) of length 20:

an0ther s3cret \xdd key

Here, the key is longer than default 32 limit:

tests $ xortool ls_xored -c 00 -m 64

The most probable key lengths:

   3:   3.3%

   6:   3.3%

   9:   3.3%

  11:   7.0%

  22:   6.9%

  24:   3.3%

  27:   3.2%

  33:   18.4%

  44:   6.8%

  55:   6.7%

Key-length can be 3*n

1 possible key(s) of length 33:

really long s3cr3t k3y... PADDING

So, if automated decryption fails, you can calibrate:

(-m) max length to try longer keys.
(-l) selected length to see some interesting keys.
(-c) the most frequent char to produce right plaintext.

DOWNLOAD XORTOOL (GITHUB)

DOWNLOAD XORTOOL-0.96.ZIP

DOWNLOAD XORTOOL-0.96.TAR.GZ

↧

Trending Articles

EASY COME, EASY GO

June 10, 2012, 7:22 am

UPDATE SC IDOL: TWO BECOME ONE

July 22, 2012, 5:12 am

Pokemon para colorear

January 9, 2013, 5:59 am

Sapos para colorear

June 6, 2013, 7:16 am

Smile Quotes

July 24, 2013, 4:29 am

Patama lines and Tagalog Quotes Pinoy Sayings

January 26, 2014, 8:40 pm

Tropa Quotes

May 26, 2015, 11:06 pm

“Mali man na ikaw ay ibigin ko, akoy iibig padin sayo”

August 22, 2023, 8:17 pm

RE: Mutton Pies (frankie241)

January 6, 2011, 11:17 pm

Vimeo 10.7.0 by Vimeo.com, Inc.

March 20, 2024, 9:50 pm

FORECLOSURE OF REAL ESTATE MORTGAGE

July 8, 2012, 6:30 am

HOY PANGIT, MAGBAYAD KA!

November 25, 2012, 6:30 pm

Girasoles para colorear

December 11, 2013, 4:06 am

tagalog love Quotes – Tiwala Quotes

July 22, 2013, 4:04 pm

The business quotes | Inspirational and Motivational Quotes for you

January 24, 2014, 9:58 pm

Long Distance Relationship Tagalog Love Quotes

February 19, 2014, 1:59 am

5 Tagalog Relationship Rules

August 20, 2015, 12:26 am

Re:Mutton Pies (lleechef)

March 1, 2015, 4:30 am

Ka longiing longsem kaba skhem bad kaba khlain ka pynlong kein ia ka...

October 28, 2018, 9:42 pm

Vimeo 10.7.1 by Vimeo.com, Inc.

April 10, 2024, 9:16 am

© 2025 //www.rssing.com