EvilZone

Hacking and Security => Hacking and Security => : Raavgo May 28, 2013, 02:58:03 PM

: Need help to crack a PGP encrypted file
: Raavgo May 28, 2013, 02:58:03 PM

Hello Ez,
To practice my hacking skill I am doing Hacker challenges.
The challenge I will ask you about, gave me a headache for about 3 days now.
I've been googling and thinking about it a lot.
So here it comes:

Challenge Description

Decrypt the PGP file: secretmusic.mp3.asc
Complete your task! (you will find out)

My Questions are:

• How do I decrypt a PGP file (Brute Force?, Rainbow Tables?)
• Do I need to code my own program for the decryption?

If you have some, I would love to get some good Tips.
have a nice day Raavgo

: Re: Need help to crack a PGP encrypted file
: str0be May 29, 2013, 12:19:25 PM

Is it this challenge -> https://www.hacking-lab.com/cases/7039-music-hero/index.html ?

You aren't going crack pgp itself. That leaves only the other options. I'm not a member of hacking-lab but I managed to get the tarball of the challenge. I was thinking maybe that playing a game of Music Hero with the provided music would reveal the passphrase. Instead of playing I decided to try and brute-force the score. Here's the script for interests sake:

:

#!/bin/sh

# I'm guessing this can be solved by brute-forcing the perfect score
# that you would obtain by playing the provided mp3 in a game of Music Hero.

SCORE=0
LIMIT=$1

while [ $SCORE -ne $LIMIT ]; do
    gpg --no-tty                        \
        --homedir .gnupg/               \
        --passphrase $SCORE             \
        --output secret.mp3             \
        --decrypt secretmusic.mp3.asc > /dev/null 2>&1

    if [ $? -eq 0 ]; then
        echo "KEY FOUND: $SCORE"
        exit
    fi

    SCORE=$(( $SCORE + 1 ))

    if [ $(( $SCORE % 1000 )) -eq 0 ]; then
        echo -n "$SCORE..."
    fi

done

echo "Limit reached, giving up."

After trying roughly 1.7 million scores so far, I haven't found a match. Maybe the score isn't the answer? Can you provide any more info? Also, I'm a complete noob to gpg/pgp so I could be missing something obvious with that script...

: Re: Need help to crack a PGP encrypted file
: Raavgo May 30, 2013, 04:59:17 PM

Yeah its that challenge.
I've thought about a dictionary attack or maybe a brute force attack via GPU.
I don't really have more information than the given things :(

: Re: Need help to crack a PGP encrypted file
: str0be May 30, 2013, 07:13:15 PM

I don't think blind brute-force will work. I only tried the game score because it mentioned Music Hero and provided music files you can play with. I gave up after 2 million, though.

: Re: Need help to crack a PGP encrypted file
: Raavgo May 30, 2013, 10:08:37 PM

Well thats why I thought a word list would be good but still I will keep the brute force idea in my mind maybe it is a easy password.. Who knows  ;)