13 replies to this topic

[CALYPSO_VXT]

I use Steganos Security Suite 7.07 and have an Encrypted SAFE file accessed through a password. However for some reason I cannot remember the password despite using the damn thing every day. Are there any utilities anyone knows of that could help to either recover or hack the password. Any help would be really appreciated. I'm getting desperate as I have files I need to access. PS Files are created as an encrypted *.sle file I am pretty sure I know the first 9 of the 13 characters Don't care if it takes a week for the utility to work it out as long as it does !!

[Gedi]

I think Steganos uses a 128 bit md5 hash, which is a non revesable, key based algorithm. Your only answer is to brute force it. The producers won't have a fail safe in place for password recovery as this would be a weakness in the software. Do you have any idea as to the length and characters used in the password (e.g. uppercase, lowercase, integers ??)

[CALYPSO_VXT]

How do you brute force it? Reckon I know just about what the characters are I only ever use certain ones and always the same first 9. I could tie it down to about 10 characters and special symbls that I only ever use. e.g. '!' for '1' and '3' for 'E' Its is also 13 charactes long.

[Gedi]

How do you brute force it?

god, now you've got me thinking back a few years. All my software is Linux based.

Only one I can remember at the moment is Cain & Abel >here<

If I remember any more I'll add them.

[CALYPSO_VXT]

Appreciate it sounds fishy. Its not. I am starting to think the file is corrupt or something because I have 3 safe files all using the same password and 2 work but this one doesn't. I haven't used it it for a couple of weeks (Holiday) and I am sure I didn't change it before I went away. I am getting desperate as the file contains all my photos (wedding, children, holidays etc) and the wife is going to kill me. Literally. I spent hours typing in differnet combinations and am starting to think I am going mad. I am getting so confused with passwords I am starting to doubt my mind. If anyone has any ideas I would be really grateful. I am really worried I wont sort this. I have written to the company but had no reply yet. Meantime I keep typing in the vain hope I get it right.

[Gedi]

If you can't do it, someone can do it for you. All is not lost

[CALYPSO_VXT]

Cheers Gedi. Feel sick at the moment worrying about it.

[Gedi]

you'll need to work out which file is the password file. Take a copy of it and run play with that. A 10 character password will take a few days to brute. This can be reduced by narrowing down the characters and length.

[Gedi]

Oh, one more thing, don't encrypt things that don't need to be. Only things you want to keep away from prying eyes need to be stored securely. Pics and other valuable, none security related things would be better kept on backup, like a CD.

Edited by Gedi, 27 November 2004 - 07:31 PM.

[CALYPSO_VXT]

Gedi, I'll do some work to find the pwd file. Don't care if it takes a month to work out the password so long as it does. I intalled a wirelss network and decided to put everything in an encrypted file. I have CV, docs etc in other files I can still use. Just pictures. If I ever get this back it will be secured in triplicate and a copy put in the Bank safe (Unencrypted!!) Any help with the brute would be again appreciated. Oh yes, If I do get it back I owe you big time !!

[CALYPSO_VXT]

Gedi, I'll do some work to find the pwd file. Don't care if it takes a month to work out the password so long as it does. I intalled a wirelss network and decided to put everything in encrypted files. Just became a bit obsessed. I check my Norton firewall logs and get attempted hacks all the time. Thats why I bought Steganos Suite. I have CV, important docs etc in other files I can still use. Just pictures. If I ever get this back it will be secured in triplicate and a copy put in the Bank safe (Unencrypted!!)I ahve alreaqdy abcked up my other just to be sure. Any help with the brute would be again appreciated. Oh yes, If I do get it back I owe a few beers for your moral support and help !! Mike

[CALYPSO_VXT]

Wrote to the Suppliers who were unable to help or offer advice. Basically said they don't use backdoors etc. They did say that the data is held in a carrier file called *.sle Spent a couple of days using file recovery utilities, searching backups and the like. This has resulted in about 75% of the pictures being recovered in 1 form or another which is really good news. All the wedding ones, all the christening and about half of my son. Holidays and others gone though. Have now had time to look at Cain and Abel and try and work out how Steganos does things but could not find a password file. To find out if it used one (not really knowing any other way) I created a new small SAFE using the Staganos software and password protected it. The file was called TEST.SLE and I put a word doc in. I copied the TEST.SLE file to a new PC and loaded the Steganos software. Having looked at the Registry I worked out what needed to be changed to get the the software to recognise the file when I ran it. I ran the software, clicked open safe and input the password. The TEST.SLE file opened. up. This proved that other than the actual carrier file containing the data there is no password file and its not held in the registry etc. I can therefore conclude that the password is held in the actual TEST.SLE file and the Staganos software when run must access the file and check the password on a header or something. (Forgive my ignorance if this is total Boll%%%s) So, the question now is how do I find out what the encrypted password is as I cannot edit the file to find it. Can I run the softeware, input a false password or something and do a memory dump or something / are there any utilities, editors or programs I can run to look at the encrypted file. The Carrier file is 25GB in size. If I can work this out I can run a simple test on a 1 digit password to prove I can use Cain & Abel to decrypt it and then move on to tryng to decrypt my other file. Sorry its long. Any help on getting the password would be gratefully received.