-2

When I submit a Customer Reference ID in an Android Application it POSTs an Encrypted String to an API Endpoint.

For example, if I enter the following CR ID :

"CR-13261150"

it POSTs the following Encrypted Data:

splainText : "vpEz/Vm8Yi9v5/fzNE+MDoMIQGZ0vNvjPuX8UNAi26c="

     Count : 31

I can say the count is based on the length of the Customer ID: if the length is 11 then the count is 31. (But all valid Customer IDs will have length 11 for sure.)

Now let's assume if I submit the same CR ID in the following minute the Encrypted String Changes. But if I submit the same CR ID in the very same minute then for some reason I get the very same Encrypted String.

Please tell me which encryption method was used and how to decrypt it to the original text.

Rohith
  • Your second text looks like based encoded but that is not an encryption. If the actual data is encrypted then this is the end. A good encryption outputs data that is not distinguishable from random data. The only property you may be able to identify from the encrypted text is whether the algorithm is a block cipher or a stream cipher (based on its length). – Robert Mar 22 '22 at 19:12
  • Does this answer your question? [How to determine what type of encoding/encryption has been used?](https://security.stackexchange.com/questions/3989/how-to-determine-what-type-of-encoding-encryption-has-been-used) – user Mar 22 '22 at 19:44
  • Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. – Community Mar 22 '22 at 20:28
  • Good encryption is indistinguishable from random data. – Mark Mar 23 '22 at 01:55
  • The problem isn't that the question was misunderstood, but rather that the question is off-topic here. We aren't the reverse engineering stack. – schroeder Apr 05 '22 at 19:27
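
The length check mentioned in the comments, as an added example that is not part of the original question, comments or answers. The function name `ciphertext_shape` is made up for this illustration; the two strings are the Base64 values quoted on this page.

```python
import base64
import binascii

# Block sizes in bytes of common block ciphers: 16 (AES), 8 (DES/3DES/Blowfish).
BLOCK_SIZES = (16, 8)

# Values copied from this page: the string in the question, and the string
# used by the scripts in the answers.
QUESTION_CT = "vpEz/Vm8Yi9v5/fzNE+MDoMIQGZ0vNvjPuX8UNAi26c="
ANSWER_CT = "k9Ca7yroAX8CDvhUTeA512MYqADAcakNbrAK"


def ciphertext_shape(b64_text, plaintext_len=None):
    """Decode Base64 strictly and report what the length alone can tell us."""
    try:
        raw = base64.b64decode(b64_text, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"not valid Base64: {exc}") from exc

    aligned = [bs for bs in BLOCK_SIZES if raw and len(raw) % bs == 0]
    shape = {
        "length": len(raw),
        "aligned_block_sizes": aligned,
        # Aligned output is consistent with a padded block mode (not proof of
        # one); unaligned output is not a bare padded block-mode ciphertext.
        "padded_block_mode_possible": bool(aligned),
    }
    if plaintext_len is not None:
        # Overhead beyond one block cannot be padding alone: it may be an IV,
        # a tag or extra input, and the length cannot say which.
        shape["overhead"] = len(raw) - plaintext_len
    return shape


if __name__ == "__main__":
    print(ciphertext_shape(QUESTION_CT, plaintext_len=len("CR-13261150")))
    print(ciphertext_shape(ANSWER_CT))
```

Length and alignment are all this reports; neither the algorithm nor the key can be read off the bytes.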

2 Answers

3

This is XOR encryption, with the key d684babf42876f1a2246973928c118f642398921e150882c4f912b

The following python script will decrypt the cyphertext:

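```python
import base64

cyphertextb64 = 'k9Ca7yroAX8CDvhUTeA512MYqADAcakNbrAK'
keyb16 = 'd684babf42876f1a2246973928c118f642398921e150882c4f912b'

# Base64-decode the ciphertext and express it as a hex string
cyphertextb16 = base64.b64decode(cyphertextb64).hex()

# XOR decryption: treat ciphertext and key as big integers and XOR them
plaintexthex = hex(int(cyphertextb16, 16) ^ int(keyb16, 16))

# Drop the '0x' prefix and turn the hex string back into text
plaintextbytes = bytes.fromhex(plaintexthex[2:])
plaintext = plaintextbytes.decode("utf-8")
print(plaintext)
```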

This produces the decrypted plaintext, which is:

ET Phone Home!!!!!!!!!!!!!!

Edit:

In response to the question in the comment below about how I went about reverse-engineering this:

First, I did this to show that questions like this are pointless, because you can use a cipher like XOR to make any ciphertext decrypt to any plaintext you want, using a carefully chosen key.

As to how I chose the key: If you have A xor B = C then, the following is also true:

A xor C = B
C xor B = A

So, I made the given ciphertext A, and I made my wanted plaintext ('ET Phone Home!!!!!!!!!!!!!!') B, and used the first equation above to find the key, C.

This can be done using the following python script:

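```python
import base64

cyphertextb64 = 'k9Ca7yroAX8CDvhUTeA512MYqADAcakNbrAK'
plaintext = 'ET Phone Home!!!!!!!!!!!!!!'

# Express both the ciphertext and the wanted plaintext as hex strings
cyphertextb16 = base64.b64decode(cyphertextb64).hex()
plaintextbytes = plaintext.encode("utf-8")
plaintextb16 = plaintextbytes.hex()

# XOR: the key is simply plaintext XOR ciphertext
key = hex(int(plaintextb16, 16) ^ int(cyphertextb16, 16))

# Print the key without the '0x' prefix
print('key:', key[2:])
```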

Which produces:

key: d684babf42876f1a2246973928c118f642398921e150882c4f912b

Sure enough, 'decrypting' the given cyphertext by XORing it with the key above produces the wanted plaintext, as shown in the first script above.

mti2935
1

This is XOR encryption with the key c1bff2865e80211e71659d306d8119b5027c8871b514da7907df64

The following python script will decrypt the cyphertext:

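```python
import base64

cyphertextb64 = 'k9Ca7yroAX8CDvhUTeA512MYqADAcakNbrAK'
keyb16 = 'c1bff2865e80211e71659d306d8119b5027c8871b514da7907df64'

# Base64-decode the ciphertext and express it as a hex string
cyphertextb16 = base64.b64decode(cyphertextb64).hex()

# XOR decryption: treat ciphertext and key as big integers and XOR them
plaintexthex = hex(int(cyphertextb16, 16) ^ int(keyb16, 16))

# Drop the '0x' prefix and turn the hex string back into text
plaintextbytes = bytes.fromhex(plaintexthex[2:])
plaintext = plaintextbytes.decode("utf-8")
print(plaintext)
```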

This produces the decrypted plaintext, which is:

`Rohith asked a bad question`
hft