Based on tooling and ideas from
And the articles it came from:
This is a Node.js-based crib dragger. It performs crib-dragging attacks against ciphertexts that were XORed with a reused or otherwise predictable key.
These scripts can be used to cryptanalyze:
- One-Time Pad with reused key (XOR two ciphertexts together)
- Any stream cipher with reused key (XOR two ciphertexts together)
- Single-character XOR key
- Multi-character (repeating) XOR key
$ npm install
For basic XORing of two strings:
$ npm run xor 10 11
For encrypting with Node.js's out-of-the-box aes-256-ctr usage, which is broken (note the Cipheriv warning Node prints):
$ npm run encrypt "hello"
(node:1407) Warning: Use Cipheriv for counter mode of aes-256-ctr
For encrypting and then XORing two strings:
$ npm run xorencrypt "hello" "how are you"
(node:1748) Warning: Use Cipheriv for counter mode of aes-256-ctr
(node:1748) Warning: Use Cipheriv for counter mode of aes-256-ctr
For running cribdrag and interactively performing known-plaintext attacks:
$ npm run xorencrypt "You have walked the path of the cryptographer and you are ready for further information. Congrats...." "Your next step will be to contact to receive the next phase of the challenge."
(node:1748) Warning: Use Cipheriv for counter mode of aes-256-ctr
(node:1748) Warning: Use Cipheriv for counter mode of aes-256-ctr
$ npm run cribdrag 00000052480f131d545712180e1544571d0409001204541c4f4f054f1a1c0443175215110303491008040b0a1b4e2109094110035b430e1f45541d4513011a450f191700121d175406000a54491e0e0e0108411b0f4f1a4645630c06061e0d111d494b0064
? Please enter your crib: bitcoin
Notice that the output will include possible drag matches such as
39: rapher *** (possible drag match)
Read through the articles posted above; in this case the next crib to try would be 'cryptographer', and so on until both messages are recovered.
$ npm run phone
npm run phone <phone number from the list below>
[ '555-555-5555',
'854-434-1345' ]
(choose a number)
$ npm run phone 876-875-8765
Found exact encrypted password match of: c9d73a845d2c82b444a0666e attempting decrypt of all phone numbers
If you have internal access to a column of encrypted phone numbers, you know the format is 555-555-5555, and you know at least one plaintext phone number, you should be able to decrypt all the other phone numbers. Getting one known number can be as simple as
- Trying 1 or 2 publicly known numbers
- An insider giving you their phone number
- etc.
Runs lint, build, and test
$ npm test
Run just the unit tests
$ npm run test:unit
Remove the dest folder (clean)
$ npm run clean