HackDig : Dig high-quality web security articles for hacker

SmarterMail Password Decryption Updates

2016-05-24 21:50

Greetings and salutations!

One of my faithful readers reminded me that one of my old programs I wrote no longer works. This is due to SmarterMail updating their source code and me not updating enough.

So to fix this, I have come up with a half-ass solution.

For those wondering how to decrypt SmarterMail hashes, here’s how: It’s DES encryption with a 14 character key and 4 byte initialization vector.

I started to write a project for decryption, but I never quite finished. Here’s what I put together:

The main part of the code is this:

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using System.Xml;
using System.Security.Cryptography;
using System.Globalization;
using System.IO;

namespace SmarterMail_Password_Decryptor_v2
    public partial class Form1 : Form
        public static string PasswordKey = "03a8ur98qhfa9h";

        public Form1()

        private void BtnDecrypt_Click(object sender, EventArgs e)
            string hashval = tbHash.Text;
            label2.Text = "";

            if (hashval == "")
                label2.Text = "Error, missing pass hash, try again!";
            byte[] bytepass = Convert.FromBase64String(tbHash.Text);
            File.WriteAllBytes("temp.wut", bytepass);
            DecryptFile("temp.wut", "temp.huh", PasswordKey);
           // string password = CryptographyHelper.DecodeFromBase64(0, PasswordKey, hashval);
            //label2.Text = "Pass is " + password;

        static void DecryptFile(string sInputFilename, string sOutputFilename, string sKey)
            byte[] my_IV = new byte[]
            DESCryptoServiceProvider DES = new DESCryptoServiceProvider();

            DES.Key = UnicodeEncoding.ASCII.GetBytes(sKey);
            DES.IV = my_IV;
            DES.Mode = CipherMode.CFB;
            DES.Padding = PaddingMode.ISO10126;
            FileStream fsread = new FileStream(sInputFilename, FileMode.Open, FileAccess.Read);
            ICryptoTransform desdecrypt = DES.CreateDecryptor();
            CryptoStream cryptostreamDecr = new CryptoStream(fsread, desdecrypt, CryptoStreamMode.Read);
            FileStream fsDecrypted = new FileStream(sOutputFilename, FileMode.Create, FileAccess.Write);

I am of course omitting several classes I derived from the decompiled mail server code, but this is included in the attachment below.

As you can see we have our encryption type type (symmetrical / DES), our key, and our IV, as well as a method to decrypt. This project is not complete, but most of the pieces are here: SmarterMail_Password_Decryptor_v2_pass_12345

Happy hacking!


Source: /setadpu-noitpyrced-drowssap-liamretrams/50/6102/golb/moc.cesnorig.www

Read:7690 | Comments:0 | Tags:code cracking reversing cracking smartermail

“SmarterMail Password Decryption Updates”0 Comments

Submit A Comment



Blog :

Verification Code:


Share high-quality web security related articles with you:)


Tag Cloud