This is some data found near the end of a JPG file:
18{8uck3y3$}
! 18{b4063c521f76545d8c94e999dd63f445d8c01cfc}
# 18{U2FsdGVkX19RJjdBbDB51ok1hkFXaB91NpZNoQjbVXYlMeMTaWRTdg==}?
Other files on the site have similar blocks of data, i.e.
n{<some l33t>}! n{<hex string>}# n{<base64>}?
Where n
is constant. Some of the base64 strings (this one included) when decoded begin with Salted__
. I've read that this often means the encryption was done by "openssl enc". Not all of the base64 strings begin with this.
I am looking for suggestions on how to take my analysis further. I believe the base64 string is the encrypted string. I believe the "l33tsp34k" string is the key or very similar to the key ("buckeyes" in this example). And I believe the hex info might be a hash (but the hash sizes are not always the same length). I think if I can crack one, then the others should also crack.
Any suggestions?