> I'm trying to figure out what kind of cipher was used in this: > > GGobQ2bsqd64PXVAmaDiDBg= > > Looks like Base64, but it's not. The original string is: > > [email protected] > > Thanks all!
As Thor mentioned, since the ciphertext is not a multiple of a common block cipher's block size (8 or 16 bytes), then an XOR might be in use. This points to either a block cipher in CFB, OFB, or similar modes, or a stream cipher (RC4?), or some hack someone put together that involves XORing some secret with the email address. Your next step should be to have several different plaintexts encrypted, then XOR away the plaintext from the ciphertext to get your keystream for each. If you see duplication across key streams, then you might be looking at a bad hack or use of a cipher which reuses the same IV for each email address, which is also a big no-no. HTH, tim _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
