Shoutbox

is there any software to decrypt the log files with password in linux??
i need a program to do that...

or the algorithm to decrypt ... i can write a program to do that if i know how it works...

quote:

---

Originally posted by Taborda
is there any software to decrypt the log files with password in linux??

---

No, encrypting/decrypting is done using Windows APIs. They don't exist in *nix.

quote:

---

Originally posted by CookieRevised
The only difference between a rainbow crack and a brute force is that with the rainbox crack you calculate all the possible hashes first before doing the actuall comparisson. While with brute force you do the exact same calculations, but you compare each result immediatly.

---

You forget the most important difference ! Now that I have these tables I can recover the content of ANY .ple 'secured' using a numeric [0-8 digits] password within minutes. That is what I call an 'implementation' error !

quote:

---

... you first need to have the rainbow tables, which can take years to create (on a single PC).

---

... calculating tables ...

quote:

---

Originally posted by Taborda
is there any software to decrypt the log files with password in linux??
i need a program to do that...

or the algorithm to decrypt ... i can write a program to do that if i know how it works...

---

If you have a working C source code implementation for "MultiByteToWideChar()" ... I have all the rest (OpenSSL based)

quote:

---

Originally posted by Noproblemo

quote:

---

Originally posted by CookieRevised
The only difference between a rainbow crack and a brute force is that with the rainbox crack you calculate all the possible hashes first before doing the actuall comparisson. While with brute force you do the exact same calculations, but you compare each result immediatly.

---

You forget the most important difference ! Now that I have these tables I can recover the content of ANY .ple 'secured' using a numeric [0-8 digits] password within minutes.

---

That's the exact same thing I said, it is not another difference:

quote:

---

with the rainbox crack you calculate all the possible hashes first before doing the actuall comparisson.

---

implying that once you have the calculations you only need to compare.

quote:

---

Originally posted by Noproblemo
That is what I call an 'implementation' error !

---

I fail to see how that is an error...

quote:

---

Originally posted by Noproblemo

quote:

---

... you first need to have the rainbow tables, which can take years to create (on a single PC).

---

... calculating tables ...

---

sure... Calculate the time needed to calculate the rainbow tables for all possible characters, from 1 to, let's say, 10 character long pwds. Examples of how long it can take are shown on the original Rainbow Crack page.

Well, hello.

Has anyone done something since the last post?

I was wondering if decrypting ple files without password can be done at this date.

I've done some research and apparently AccessData Recover Password ToolKit (PRTK) 6.1 can decrypt ple files with a "dictionary attack" the problem is i have no money to buy the program and the module that decrypt these files is not available in the demo.

Can anyone help please?

The thing is that my father forgot the password for his logs and there are very important financial information from his company and he needs it desperately

help would be appreciated!
Thanks

As you can read in many many posts on these forums, decrypting without a password is not possible.

It was never possible, it is not possible, and it will never be possible.

There would be absolutely no point in encrypting stuff with a password if there is a tool to simply decrypt it without a password.

--

The password is needed since the password itself is the key to decrypt the logs.
The encryption/decryption system is not a simple "if the password is not correct you aren't allowed to view it"-system (which can be bypassed easly), but a "I need the correct password to know what calculations I need to do to decrypt"-system

--

Brute force attacks are possible for any any decryption/encryption system in the world... in theory(!). That's not rocket science.

However, in practice, a brute force attack takes an extreme lot of time, in the order of years, even decades(!), and that's even using an über-super-computer....

Even using rainbow-tables will take a lot of time, despite what some people might say. The reason is very simple: you need to calculate the rainbow tables first. Which takes the same amount of time as with brute force attackers.

A dictionary attack is nothing more than a brute force attack using only known words. In other words, if you have a password which is not an existing word, a dictionary attack will be completely useless. Even using 1 digit in your password renders almost all dictionary attacks useless.

The point is that in almost all cases you don't know what password is used; It can be an existing word, but chances are just the same that it isn't.

------------

Forgive me for saying this also, but using Messenger to communicate "very important financial information" is not smart to do. There are better, more secure ways, to do this sort of thing. Even then, if he needs this info, why don't he ask the info again from his contact he got it from, or request it in a more official way via his company.

Also, the point of a password is that you also can remember it. If you have trouble remembering passwords, either don't use them, or either write them down.

------------

In the next version of Messenger Plus! Live you will be able to set a password hint. In that way remembering a password would be somewhat easier (but less secure ofcourse). See Patchou's reply to forgoten password from chatlog of v4.0.0.214.

that was very helpful thanks mate

A bruteforcing app and rainbow tables was mentioned earlier in this thread, does anyone have a link? I forgot a password to some of my older logs, and I'm pretty sure it was a shortish one that could be bruteforced...

The only information regarding rainbow tables in reference to decrypting chat logs is given from like 10 posts ago. Read up a little, it contains a link to some brute force concept project.

However, rainbow tables are massive... hundreds of megabytes at the least, gigabytes normally...

The guy who first posted about using rainbow tables said his tables are 500MB big and that's just for numbers and a password length of up to 8 digits.

So that's roughly 10^8 combinations = 100.000.000 combinations (not taking in account the fact that you can also have pwds with 7 or 6 or 5, etc digits).

Now throw in the alphabet and your possible combinations for 8 characters will sky rocket up to 62^8 or 218 trillion combinations!!!

That's 2 million times the amount of the only-numerical combinations.

Rainbow tables have an unique setup so you don't need 2 million times 500MB of space. But still, the time it takes to generate those tables would be years if not decades if you try this at your own computer (assuming it is a super-fast computer).

In short, there is no rainbow table for Messenger Plus! Live logs, there is no "link" to one. And I'm afraid you wont be able to decrypt your logs.


-----

EDIT, PS: Oh, and I even forgot to mention the fact that you now can choose between different sets of key lengths in Messenger Plus! Live. So, multiply all the time taken to generate such a table by 4 (since you can choose from 4 different key lengths to base the encryption on).

Yeah, I know how large rainbow tables are and I know how long it takes to generate them. I've done a couple for myself, and downloaded several hundred gigabytes of others. I also know how long bruteforcing takes, as I've done some experimenting with it.

I'm pretty sure that the password was less than 8 characters lower-alpha numeric, which is relatively easy to bruteforce...I just don't have any software that can bruteforce them, and I don't have the coding capabilities to modify rainbowcrack like the other guy, which was why I was asking