sc4ry Posted April 14, 2010 Share Posted April 14, 2010 Hello Everybody, i want to decrypt some text from mIRC, which uses FiSH (http://fish.secure.la/). FiSH is using the Blowfish-Algo. I tried the blowfish.au3 from here (http://www.autoitscript.com/forum/index.php?showtopic=44581&st=0&p=332160&#entry332160), but it seems not so easy to use the key and the text to decrypt. I receive the following code, which is crypted with password "1234" (without "") -> +OK XyYxV1HYaF.1 Now i want to find the way, to decrypt this msg with the key to receive -> Blubb I think there must be 2 ways: 1. Using blowfish.au3; 2. Using FiSH.dll At this time, i have no idea, how to use the blowfish.au3 for that, but maybe, if i/we understand, how Fish works? What i find in the mrc, is the follwing (but because i´m a dll and decryption noob, this does not really helps me ;-)) int decrypt_string(char *key, char *str, char *dest, int len); int encrypt_string(char *key, char *str, char *dest, int len); $dll(%FiSH_dll,DH1024_comp, %FiSH.prv_key $2) If i take a look in the dll (with dependency walker), i also find the functions FiSH_decrypt_msg und FiSH_encrypt_msg. But both together does not show me, how to use it. could anybody help me? thanks very much. Link to comment Share on other sites More sharing options...
PsaltyDS Posted April 14, 2010 Share Posted April 14, 2010 I receive the following code, which is crypted with password "1234" (without "") -> +OK XyYxV1HYaF.1Now i want to find the way, to decrypt this msg with the key to receive -> BlubbThat sounds like you want an asymmetric algorithm. Blowfish is a symmetric algorithm, which means the same key must be used to decrypt that was used to encrypt. You want to encrypt with one key ("1234") and decrypt with a different one ("Blubb"), sort of like with RSA.I don't know anything about "FiSH". Maybe it puts an asymmetric wrapper of some kind around a Blowfish encrypted block of data. You would have to take that up with them. Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law Link to comment Share on other sites More sharing options...
DoubleMcLovin Posted April 14, 2010 Share Posted April 14, 2010 That sounds like you want an asymmetric algorithm. Blowfish is a symmetric algorithm, which means the same key must be used to decrypt that was used to encrypt. You want to encrypt with one key ("1234") and decrypt with a different one ("Blubb"), sort of like with RSA.I don't know how to help with this problem, but after reading the question, he does not want to decrypt with a different key, "Blubb" id the decrypted text. 1234 remains the key throughout. Link to comment Share on other sites More sharing options...
PsaltyDS Posted April 14, 2010 Share Posted April 14, 2010 (edited) I don't know how to help with this problem, but after reading the question, he does not want to decrypt with a different key, "Blubb" id the decrypted text. 1234 remains the key throughout.I see what you mean. I may have misunderstood the question.As for the FiSH DLL, is there documentation available for it? Edited April 14, 2010 by PsaltyDS Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law Link to comment Share on other sites More sharing options...
evilertoaster Posted April 14, 2010 Share Posted April 14, 2010 Blowfish keys should be a multiple of 8, otherwise different implementations might pad them differently (and give you different results). Here's an exmaple for enc/dec for the AutoIt version: #include "Blowfish.au3" $text="Blubb" $key="12345678" $cipher=Blowfish($key,$text,0) MsgBox(0,"This encrypted text is",$cipher) $decrypted=Blowfish($key,$cipher,1) MsgBox(0,"There and back agian:",$decrypted) This matches a 2nd implementations results (http://webnet77.com/cgi-bin/helpers/blowfish.pl) so I'd assume it's correct. Now you just to verify the encrypted text given to you by the FiSH algo... Link to comment Share on other sites More sharing options...
PsaltyDS Posted April 14, 2010 Share Posted April 14, 2010 Nice catch. I was comparing to this site: http://www.oclib.com/library/com/oclib/javascript/security/encryption/blowfish/20070210/demo.html, and it came up different from SkinnyWhiteGuy's function every time. Using the one you found, it matches (after conversion with "StringToBinary($cipher)"). Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law Link to comment Share on other sites More sharing options...
evilertoaster Posted April 14, 2010 Share Posted April 14, 2010 (edited) http://www.oclib.com/library/com/oclib/javascript/security/encryption/blowfish/20070210/demo.html is most likely wrong or it expects input differently, or has an implementation quirk (maybe a different block mode). Skinny's and http://webnet77.com/cgi-bin/helpers/blowfish.pl match the values expected by the text vectors- http://www.schneier.com/code/vectors.txt Edited April 14, 2010 by evilertoaster Link to comment Share on other sites More sharing options...
sc4ry Posted April 14, 2010 Author Share Posted April 14, 2010 Hey, thank you for your help. Cause i´m german, i don´t understand all what you wrote. sorry for that ;-) using the blowfish.au3 isn´t that hard, but the result is not that, what i want or expect. i don´t know, what the fish.dll really does ... but i want to build that back. and the only thing i know already is, that it also uses blowfish ... but in what way? maybe i have to use directly the dll and not the blowfish.au3 ... but how? something i know found is, how the call should be done: FiSH_encrypt_msg(HWND mWnd, HWND aWnd, char *theData, char *params, BOOL show, BOOL nopause) know i have to do this in autoit (with nearly no dll-expirience). if anyone have a tip ... please let me know =) Link to comment Share on other sites More sharing options...
sc4ry Posted April 15, 2010 Author Share Posted April 15, 2010 and a BIG, GREAT THANKS goes tooooo ... BugFix =) He did the following: Func _FiSH_encrypt_msg($mWnd, $aWnd, $sData, $show, $nopause) Local $tData = DllStructCreate('char[900]') DllStructSetData($tData, 1, $sData) Local $tParams = DllStructCreate('char[900]') Local $ret = DllCall('Fish.dll', 'int', 'FiSH_encrypt_msg', 'hwnd', $mWnd, 'hwnd', $aWnd, 'ptr', DllStructGetPtr($tData), _ 'ptr', DllStructGetPtr($tParams), 'BOOLEAN', $show, 'BOOLEAN', $nopause) If @error Then Return SetError(@error,0,-1) Switch $ret[0] Case 0, 1 Return $ret[0] Case 2 Local $aOut[2] = [DllStructGetData($tData,1), DllStructGetData($tParams,1)] Return $aOut Case 3 Return DllStructGetData($tData,1) EndSwitch EndFunc which works fine with following settings: $mWnd = WinGetHandle("[Class:SciTEWindow]") $aWnd = ControlGetHandle("[Class:SciTEWindow]", "", "Scintilla2") $sData = "1234 Blubb" $show = True $nopause = True Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now