-3

I am debugging a TCP connection, which returned multiple values such as:

+†Ä˜Õõıû

and

    'G1÷ù]TB*ø5£"ñB—£s∏f
'1÷ù]

What I am trying to find out, is how is this encrypted, and find a way to decrypt it.

Coder
  • 95
  • 2
  • @SteffenUllrich good point, however the answers there do not apply for mine. – Coder Nov 01 '19 at 14:23
  • 3
    @Coder: it is likely impossible to determine exactly what happens in your case based on the information so far. There is not sufficient context given ("TCP" is not enough), it is not even clear if you show the payload or if TCP and IP headers are included and there are likely not enough data. Apart from that you print binary data as strings which results in lot of information loss. The answers in the other question don't help you because likely nothing will help with the information currently presented. – Steffen Ullrich Nov 01 '19 at 14:29
  • @SteffenUllrich so there is no way, to identify what encryption was applied for this: `'G1÷ù]TB*ø5£"ñB—£s∏f '1÷ù]` – Coder Nov 01 '19 at 14:35
  • 2
    @Coder we don't even know if it is encryption. You are giving us much less information than the one you have, as noted by Steffen. – Ángel Nov 01 '19 at 14:46
  • @Coder What are actually providing is some text that doesn't make sense and ask how to decrypt it. This is actually impossible to happen and it's like asking to break an OTP as large as the message encrypted without knowing anything else... – game0ver Nov 01 '19 at 15:45
  • "is there a product/service that does X?" is off-topic. As a side note, if there was such a service, it would require a *lot* more text than what you've provided. – schroeder Nov 01 '19 at 16:31
  • I also find it strange that you included a lot more detail about the application in your cross-posted question on SO. – schroeder Nov 01 '19 at 16:33

1 Answers1

0

If something is properly encrypted, then it should be impossible to distinguish what algorithm was used based on ciphertext only.

It is possible that ancillary evidence such as the port and protocol being used, some sort of metadata specific to the application that is plaintext, or some other type of information could be used to surmise the encryption type based on the default behavior of the identified application.