Challenge : Sfx encrypted file, to verify it's security level
Challenge : Sfx encrypted file, to verify it's security level
Hi
I have been working on encrypt_decrypt features, and i've done an sfx creator for encrypted content.
the objective is to transfert data to others with some level of security ( not as professionnal)
Before using it, I am interrested to know how robust is it.
As i've seen some topics on crypto subjects in this forum, i wonder if it could be an interresting challenge,
so i will be happy if some of you can try to extract the content of that sfx .
i've put it on pcloud in public folder
https://my.pcloud.com/publink/show?code ... 8fSLVix7qX
thanks for your support.
I have been working on encrypt_decrypt features, and i've done an sfx creator for encrypted content.
the objective is to transfert data to others with some level of security ( not as professionnal)
Before using it, I am interrested to know how robust is it.
As i've seen some topics on crypto subjects in this forum, i wonder if it could be an interresting challenge,
so i will be happy if some of you can try to extract the content of that sfx .
i've put it on pcloud in public folder
https://my.pcloud.com/publink/show?code ... 8fSLVix7qX
thanks for your support.
-
- Posts: 2958
- Joined: Jun 02, 2015 16:24
Re: Challenge : Sfx encrypted file, to verify it's security level
Hi Marpon,
could you tell the peasant what is a "sfx". Does it have to be an EXE?
Thank you
could you tell the peasant what is a "sfx". Does it have to be an EXE?
Thank you
Re: Challenge : Sfx encrypted file, to verify it's security level
yes sfx is the designation you can see on rar or other archivers
SFX for self extraction file, it has to be an executable, with embedded data.
SFX for self extraction file, it has to be an executable, with embedded data.
-
- Posts: 2958
- Joined: Jun 02, 2015 16:24
Re: Challenge : Sfx encrypted file, to verify it's security level
What I would try then is something like Uni-install (I may have forgotten the name /edit see below). You know the stuff that tries to decrypt self-installers.marpon wrote:yes sfx is the designation you can see on rar or other archivers
SFX for self extraction file, it has to be an executable, with embedded data.
But by hand, what can one do? Seems very hard.
https://portableapps.com/node/34460 -> universal extractor
seems the code is avaiable here: https://github.com/Bioruebe/UniExtract2
Re: Challenge : Sfx encrypted file, to verify it's security level
I know uniextract, i've used it for several years...
it use the archivers uncompress dll, or exe to uncompress files, it looks at the known signature of the compressed file to select the right tool to use.
Do not expect it will work for the challenge file, my objective is not to spray the info but to restrict it.
it use the archivers uncompress dll, or exe to uncompress files, it looks at the known signature of the compressed file to select the right tool to use.
Do not expect it will work for the challenge file, my objective is not to spray the info but to restrict it.
-
- Posts: 2958
- Joined: Jun 02, 2015 16:24
Re: Challenge : Sfx encrypted file, to verify it's security level
Of course.marpon wrote: Do not expect it will work for the challenge file, my objective is not to spray the info but to restrict it.
After all we have full access to the exe, so it's more a job for a decompiler. I had one very good in the past with which I was looking at how to win the videogames :) But right now I can't remember anything (I think it was a limited version of IDA pro, an incredible tool anyway), and it was not a totally free software. Ok, let's see if someone will crack your code then.
Re: Challenge : Sfx encrypted file, to verify it's security level
Well marpon, I'm out!
sfx_challenge.exe went straight to quarantine, and on this system it is a one way ticket.(Like a black hole in the centre of Win 10)
sfx_challenge.exe went straight to quarantine, and on this system it is a one way ticket.(Like a black hole in the centre of Win 10)
-
- Site Admin
- Posts: 6323
- Joined: Jul 05, 2005 17:32
- Location: Manchester, Lancs
Re: Challenge : Sfx encrypted file, to verify it's security level
As far as I know, there are no cryptographers or reverse engineering experts on the forum..
Compiled source code is a powerful obfuscation barrier, but an expert would probably be able to estimate a reasonable timeframe for cracking that step.
If you truly want to know how secure it is, share the algorithm with someone you trust, see if they can find any flaws.
Otherwise, if it's not a really trivial method (e.g. ROT13 transformation, BASE64 encoding), most people will quickly run out of patience, and it will never be cracked unless the NSA take an interest, or you try and use it as a method of DRM copy protection.
Compiled source code is a powerful obfuscation barrier, but an expert would probably be able to estimate a reasonable timeframe for cracking that step.
If you truly want to know how secure it is, share the algorithm with someone you trust, see if they can find any flaws.
Otherwise, if it's not a really trivial method (e.g. ROT13 transformation, BASE64 encoding), most people will quickly run out of patience, and it will never be cracked unless the NSA take an interest, or you try and use it as a method of DRM copy protection.
-
- Posts: 2958
- Joined: Jun 02, 2015 16:24
Re: Challenge : Sfx encrypted file, to verify it's security level
Just in case, and because it can help the author to watch at its own executable from an interesting perspective, I put this link to a decompiler suggested by srvaldez a few week ago. And tbis one is free.
viewtopic.php?f=3&t=27495
(seems developed by the nsa? didn't go too deep in this to tell...)
viewtopic.php?f=3&t=27495
(seems developed by the nsa? didn't go too deep in this to tell...)
Re: Challenge : Sfx encrypted file, to verify it's security level
Thank's all for your remarks
@Tourist Trap
I will avoid to download exe from that kind of organisation, i do not want to give total access to my pc...
@counting_pine
it's what i bet, put enougth difficulties for the people versus interrest
as i said it is for 'private' usage not commercial.
what i do not like is to use the well known zip, rar... tools, i'm sure their protection features have already been decoded by some organisation
@dodicat
sorry, but i'm interrested on what kind of anti-virus you are using.
i've been submitting the exe to VirusTotal, and only 3 on 71 got false positive detection
@Tourist Trap
I will avoid to download exe from that kind of organisation, i do not want to give total access to my pc...
@counting_pine
it's what i bet, put enougth difficulties for the people versus interrest
as i said it is for 'private' usage not commercial.
what i do not like is to use the well known zip, rar... tools, i'm sure their protection features have already been decoded by some organisation
@dodicat
sorry, but i'm interrested on what kind of anti-virus you are using.
i've been submitting the exe to VirusTotal, and only 3 on 71 got false positive detection