2

Cleaning up my disk space, I found an encrypted file (*.bfa), which I encrypted with Blowfish Advanced CS (Version 2.13.00.002) about 15 years ago. I still have a copy of the original version of Bfacs, which I used for that encryption and which still seem to run with actual Windows.

Not very surprising, I don't know the password for decryption anymore. I'm sure, back then I just used a normal word, lowercase, with no special characters or numbers. And I'm also sure I used Bfacs with standard configuration.

I just have experience with 'usual' IT-stuff and a little programming with c#, but not at all with hacking encrypted files. I'm sure this is quite no important file, as I didn't miss it for the last 15 years, but it makes me curios and there is always something new to learn ;-)

I read some infos about cracking tools like John the Ripper, Hashcat, Medusa and so on, but the more I read, the more I get confused, as there was no example which seem to fit my problem.

What kind of procedure or tool should I use for recovery? Where may I find some further beginner friendly information to read about this?

PasWei
  • 722
  • 3
  • 14
BEsmart
  • 21
  • 1
  • 1
    Do you know the format that Blowfish Advanced CS used for encryption? – forest Aug 05 '22 at 20:22
  • What format do you mean? The help file says, it's the standard blowfish algorithm by Bruce Schneier. – BEsmart Aug 06 '22 at 19:54
  • 1
    That's the algorithm, but you need to know how the format works. For example, does it use a KEK? How large is the salt? What about the key? How does it determine if encryption is successful? What block mode of operation does it use? Does it use HMAC for integrity or does it not use integrity? If it does, how is the HMAC key derived? And much more. – forest Aug 06 '22 at 21:01

1 Answers1

1

For a cracking tool (JtR, Hashcat...) to be able to have a go at the file, they need to have support for the specific file format that you are trying to attack (see e.g. how to crack an office document with Hashcat). Now, the very obscure tool you used isn't supported by common tools, so support for it, while likely possible, would take some programming and possibly quite a bit of it. Worst, the product isn't open source nor the format is documented, so some reverse engineering would be involved, doable but again would take some time.

Once that is done, if the password really is a dictionary word decrypting the file is a piece of cake, but you'd be down a few thousands dollars or euros (at least) in custom software development, and lots of time finding the right entity for the job.

If the program can be used on command line, it may be easier to script it to actually try to decrypt the file using each dictionary word until it succeeds.

How much is the data really worth to you? If it's not a treasure map situation, I'd say forget it. Crypto did its job.

Bruno Rohée
  • 5,221
  • 28
  • 39
  • You wouldn't need to develop custom software. You'd only need to find exactly how the raw primitives are used, and then you can block that into something like Hashcat manually. – forest Aug 11 '22 at 22:33
  • Developing a custom module for hashcat is software development. And possibly non trivial if a custom KDF is used... – Bruno Rohée Aug 11 '22 at 23:30
  • If a custom KDF is used, that could make things a little more difficult... But a custom module may not be needed. If the KDF is supported and you have a block of ciphertext and know what the plaintext is, you can use raw Blowfish support in Hashcat. – forest Aug 11 '22 at 23:32
  • Yup. But the hardest part is definitely the reverse engineering part anyway. No getting around it to know what is actually happening. – Bruno Rohée Aug 12 '22 at 07:41