2024-01-16 22:44:28 +00:00
# Truques de CTFs de Criptografia
2022-04-28 16:01:33 +00:00
< details >
2024-01-16 22:44:28 +00:00
< summary > < strong > Aprenda hacking no AWS do zero ao herói com< / strong > < a href = "https://training.hacktricks.xyz/courses/arte" > < strong > htARTE (HackTricks AWS Red Team Expert)< / strong > < / a > < strong > !< / strong > < / summary >
2022-04-28 16:01:33 +00:00
2024-01-16 22:44:28 +00:00
Outras formas de apoiar o HackTricks:
2022-04-28 16:01:33 +00:00
2024-01-16 22:44:28 +00:00
* Se você quer ver sua **empresa anunciada no HackTricks** ou **baixar o HackTricks em PDF** , confira os [**PLANOS DE ASSINATURA** ](https://github.com/sponsors/carlospolop )!
* Adquira o [**material oficial PEASS & HackTricks** ](https://peass.creator-spring.com )
* Descubra [**A Família PEASS** ](https://opensea.io/collection/the-peass-family ), nossa coleção de [**NFTs** ](https://opensea.io/collection/the-peass-family ) exclusivos
* **Junte-se ao grupo** 💬 [**Discord** ](https://discord.gg/hRep4RUj7f ) ou ao grupo [**telegram** ](https://t.me/peass ) ou **siga-me** no **Twitter** 🐦 [**@carlospolopm** ](https://twitter.com/carlospolopm )**.**
* **Compartilhe seus truques de hacking enviando PRs para os repositórios do GitHub** [**HackTricks** ](https://github.com/carlospolop/hacktricks ) e [**HackTricks Cloud** ](https://github.com/carlospolop/hacktricks-cloud ).
2022-04-28 16:01:33 +00:00
< / details >
2024-01-16 22:44:28 +00:00
## Bancos de Dados de Hashes Online
2021-08-30 22:36:25 +00:00
2023-06-06 18:56:34 +00:00
* _**Pesquise no Google**_
2021-08-30 22:36:25 +00:00
* [http://hashtoolkit.com/reverse-hash?hash=4d186321c1a7f0f354b297e8914ab240 ](http://hashtoolkit.com/reverse-hash?hash=4d186321c1a7f0f354b297e8914ab240 )
2021-10-18 11:21:18 +00:00
* [https://www.onlinehashcrack.com/ ](https://www.onlinehashcrack.com )
* [https://crackstation.net/ ](https://crackstation.net )
* [https://md5decrypt.net/ ](https://md5decrypt.net )
2021-08-30 22:36:25 +00:00
* [https://www.onlinehashcrack.com ](https://www.onlinehashcrack.com )
2021-10-18 11:21:18 +00:00
* [https://gpuhash.me/ ](https://gpuhash.me )
2021-08-30 22:36:25 +00:00
* [https://hashes.org/search.php ](https://hashes.org/search.php )
2021-10-18 11:21:18 +00:00
* [https://www.cmd5.org/ ](https://www.cmd5.org )
2021-08-30 22:36:25 +00:00
* [https://hashkiller.co.uk/Cracker/MD5 ](https://hashkiller.co.uk/Cracker/MD5 )
* [https://www.md5online.org/md5-decrypt.html ](https://www.md5online.org/md5-decrypt.html )
2021-09-22 10:45:02 +00:00
2024-01-16 22:44:28 +00:00
## Solucionadores Automáticos Mágicos
2021-09-22 10:45:02 +00:00
2022-04-05 22:24:52 +00:00
* [**https://github.com/Ciphey/Ciphey** ](https://github.com/Ciphey/Ciphey )
2023-06-06 18:56:34 +00:00
* [https://gchq.github.io/CyberChef/ ](https://gchq.github.io/CyberChef/ ) (Módulo Mágico)
2022-04-05 22:24:52 +00:00
* [https://github.com/dhondta/python-codext ](https://github.com/dhondta/python-codext )
2022-07-05 17:49:17 +00:00
* [https://www.boxentriq.com/code-breaking ](https://www.boxentriq.com/code-breaking )
2021-08-30 22:36:25 +00:00
2023-06-06 18:56:34 +00:00
## Codificadores
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
A maioria dos dados codificados pode ser decodificada com estes 2 recursos:
2021-08-30 22:36:25 +00:00
* [https://www.dcode.fr/tools-list ](https://www.dcode.fr/tools-list )
* [https://gchq.github.io/CyberChef/ ](https://gchq.github.io/CyberChef/ )
2024-01-16 22:44:28 +00:00
### Solucionadores Automáticos de Substituição
2021-08-30 22:36:25 +00:00
* [https://www.boxentriq.com/code-breaking/cryptogram ](https://www.boxentriq.com/code-breaking/cryptogram )
2023-06-06 18:56:34 +00:00
* [https://quipqiup.com/ ](https://quipqiup.com ) - Muito bom!
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
#### Caesar - ROTx Solucionadores Automáticos
2021-08-30 22:36:25 +00:00
* [https://www.nayuki.io/page/automatic-caesar-cipher-breaker-javascript ](https://www.nayuki.io/page/automatic-caesar-cipher-breaker-javascript )
2024-01-16 22:44:28 +00:00
#### Cifra Atbash
2021-08-30 22:36:25 +00:00
* [http://rumkin.com/tools/cipher/atbash.php ](http://rumkin.com/tools/cipher/atbash.php )
2024-01-16 22:44:28 +00:00
### Solucionadores Automáticos de Codificações Base
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
Verifique todas estas bases com: [https://github.com/dhondta/python-codext ](https://github.com/dhondta/python-codext )
2021-08-30 22:36:25 +00:00
2022-02-05 13:50:50 +00:00
* **Ascii85**
2024-01-16 22:44:28 +00:00
* `BQ%]q@psCd@rH0l`
2022-02-05 13:50:50 +00:00
* **Base26** \[_A-Z_]
2024-01-16 22:44:28 +00:00
* `BQEKGAHRJKHQMVZGKUXNT`
2021-10-18 11:21:18 +00:00
* **Base32** \[_A-Z2-7=_]
2024-01-16 22:44:28 +00:00
* `NBXWYYLDMFZGCY3PNRQQ====`
* **Zbase32** \[_ybndrfg8ejkmcpqxot1uwisza345h769_]
* `pbzsaamdcf3gna5xptoo====`
* **Base32 Geohash** \[_0-9b-hjkmnp-z_]
* `e1rqssc3d5t62svgejhh====`
* **Base32 Crockford** \[_0-9A-HJKMNP-TV-Z_]
* `D1QPRRB3C5S62RVFDHGG====`
* **Base32 Extended Hexadecimal** \[_0-9A-V_]
* `D1NMOOB3C5P62ORFDHGG====`
* **Base45** \[_0-9A-Z $%\*+-./:_]
* `59DPVDGPCVKEUPCPVD`
* **Base58 (bitcoin)** \[_1-9A-HJ-NP-Za-km-z_]
* `2yJiRg5BF9gmsU6AC`
* **Base58 (flickr)** \[_1-9a-km-zA-HJ-NP-Z_]
* `2YiHqF5bf9FLSt6ac`
* **Base58 (ripple)** \[_rpshnaf39wBUDNEGHJKLM4PQ-T7V-Z2b-eCg65jkm8oFqi1tuvAxyz_]
* `pyJ5RgnBE9gm17awU`
* **Base62** \[_0-9A-Za-z_]
* `g2AextRZpBKRBzQ9`
* **Base64** \[_A-Za-z0-9+/=_]
* `aG9sYWNhcmFjb2xh`
* **Base67** \[_A-Za-z0-9-_.!\~\_]
* `NI9JKX0cSUdqhr!p`
* **Base85 (Ascii85)** \[_!"#$%&'() \*+,-./0-9:; < =>?@A-Z\[\\]^\_\`a-u_]
* `BQ%]q@psCd@rH0l`
* **Base85 (Adobe)** \[_!"#$%&'() \*+,-./0-9:; < =>?@A-Z\[\\]^\_\`a-u_]
* `<~BQ%]q@psCd@rH0l~>`
* **Base85 (IPv6 ou RFC1924)** \[_0-9A-Za-z!#$%&() \*+-; < =>?@^_\`{|}\~\_]
* `Xm4y` V\_|Y(V{dF>\`
* **Base85 (xbtoa)** \[_!"#$%&'() \*+,-./0-9:; < =>?@A-Z\[\\]^\_\`a-u_]
* `xbtoa Begin\nBQ%]q@psCd@rH0l\nxbtoa End N 12 c E 1a S 4e6 R 6991d`
* **Base85 (XML)** \[_0-9A-Za-y!#$()\*+,-./:;=?@^\`{|}\~z\__]
* `Xm4y|V{~Y+V}dF?`
* **Base91** \[_A-Za-z0-9!#$%&() \*+,./:; < =>?@\[]^\_\`{|}\~"_]
* `frDg[*jNN!7&BQM`
* **Base100** \[]
* `👟👦👣👘👚👘👩👘👚👦👣👘`
* **Base122** \[]
* `4F ˂ r0Xmvc`
* **ATOM-128** \[_/128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC_]
* `MIc3KiXa+Ihz+lrXMIc3KbCC`
* **HAZZ15** \[_HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5_]
* `DmPsv8J7qrlKEoY7`
* **MEGAN35** \[_3G-Ub=c-pW-Z/12+406-9Vaq-zA-F5_]
* `kLD8iwKsigSalLJ5`
* **ZONG22** \[_ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2_]
* `ayRiIo1gpO+uUc7g`
* **ESAB46** \[]
* `3sHcL2NR8WrT7mhR`
* **MEGAN45** \[]
* `kLD8igSXm2KZlwrX`
* **TIGO3FX** \[]
* `7AP9mIzdmltYmIP9mWXX`
* **TRIPO5** \[]
* `UE9vSbnBW6psVzxB`
* **FERON74** \[]
* `PbGkNudxCzaKBm0x`
* **GILA7** \[]
* `D+nkv8C1qIKMErY1`
* **Citrix CTX1** \[]
* `MNGIKCAHMOGLKPAKMMGJKNAINPHKLOBLNNHILCBHNOHLLPBK`
[http://k4.cba.pl/dw/crypo/tools/eng\_atom128c.html ](http://k4.cba.pl/dw/crypo/tools/eng\_atom128c.html ) - 404 Morto: [https://web.archive.org/web/20190228181208/http://k4.cba.pl/dw/crypo/tools/eng\_hackerize.html ](https://web.archive.org/web/20190228181208/http://k4.cba.pl/dw/crypo/tools/eng\_hackerize.html )
### HackerizeXS \[_╫Λ↻├☰┏_]
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
╫☐↑Λ↻Λ┏Λ↻☐↑Λ
```
2022-07-05 17:49:17 +00:00
### Morse
2024-01-16 22:44:28 +00:00
* [http://k4.cba.pl/dw/crypo/tools/eng_hackerize.html ](http://k4.cba.pl/dw/crypo/tools/eng_hackerize.html ) - 404 Morto: [https://web.archive.org/web/20190228181208/http://k4.cba.pl/dw/crypo/tools/eng_hackerize.html ](https://web.archive.org/web/20190228181208/http://k4.cba.pl/dw/crypo/tools/eng_hackerize.html )
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
.... --- .-.. -.-. .- .-. .- -.-. --- .-.. .-
```
2022-07-05 17:49:17 +00:00
### UUencoder
2024-01-16 22:44:28 +00:00
* [http://k4.cba.pl/dw/crypo/tools/eng_morse-encode.html ](http://k4.cba.pl/dw/crypo/tools/eng_morse-encode.html ) - 404 Morto: [https://gchq.github.io/CyberChef/ ](https://gchq.github.io/CyberChef/ )
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
begin 644 webutils_pl
M2$],04A/3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/3$%(
M3TQ!2$],04A/3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/
F3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/3$$`
`
end
```
* [http://www.webutils.pl/index.php?idx=uu ](http://www.webutils.pl/index.php?idx=uu )
2024-01-16 22:44:28 +00:00
### XXEncoder
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
begin 644 webutils_pl
hG2xAEIVDH236Hol-G2xAEIVDH236Hol-G2xAEIVDH236Hol-G2xAEIVDH236
5Hol-G2xAEE++
end
```
2022-07-05 17:49:17 +00:00
### YEncoder
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
=ybegin line=128 size=28 name=webutils_pl
ryvkryvkryvkryvkryvkryvkryvk
=yend size=28 crc32=35834c86
```
* [http://www.webutils.pl/index.php?idx=yenc ](http://www.webutils.pl/index.php?idx=yenc )
2022-07-05 17:49:17 +00:00
### BinHex
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
(This file must be converted with BinHex 4.0)
:#hGPBR9dD@acAh"X!$mr2cmr2cmr!!!!!!!8!!!!!-ka5%p-38K26%& )6da"5%p
-38K26%'d9J!!:
```
* [http://www.webutils.pl/index.php?idx=binhex ](http://www.webutils.pl/index.php?idx=binhex )
2022-07-05 17:49:17 +00:00
### ASCII85
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
< ~85DoF85DoF85DoF85DoF85DoF85DoF~>
```
* [http://www.webutils.pl/index.php?idx=ascii85 ](http://www.webutils.pl/index.php?idx=ascii85 )
2023-06-06 18:56:34 +00:00
### Teclado Dvorak
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
drnajapajrna
```
2021-10-18 11:21:18 +00:00
* [https://www.geocachingtoolbox.com/index.php?lang=en\&page=dvorakKeyboard ](https://www.geocachingtoolbox.com/index.php?lang=en\&page=dvorakKeyboard )
2021-08-30 22:36:25 +00:00
2022-07-05 17:49:17 +00:00
### A1Z26
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
Letras para o seu valor numérico
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
8 15 12 1 3 1 18 1 3 15 12 1
```
2024-01-16 22:44:28 +00:00
### Cifra Afinada Codificar
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
Letra para número `(ax+b)%26` (_a_ e _b_ são as chaves e _x_ é a letra) e o resultado de volta para letra
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
krodfdudfrod
```
2023-06-06 18:56:34 +00:00
### Código SMS
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
**Multitap** [substitui uma letra ](https://www.dcode.fr/word-letter-change ) por dígitos repetidos definidos pelo código da tecla correspondente em um [teclado de telefone móvel ](https://www.dcode.fr/phone-keypad-cipher ) (Este modo é usado ao escrever SMS).\
2023-06-06 18:56:34 +00:00
Por exemplo: 2=A, 22=B, 222=C, 3=D...\
2024-01-16 22:44:28 +00:00
Você pode identificar este código porque verá **vários números repetidos** .
2021-08-30 22:36:25 +00:00
2023-06-06 18:56:34 +00:00
Você pode decodificar este código em: [https://www.dcode.fr/multitap-abc-cipher ](https://www.dcode.fr/multitap-abc-cipher )
2021-08-30 22:36:25 +00:00
2023-06-06 18:56:34 +00:00
### Código Bacon
2021-08-30 22:36:25 +00:00
2023-06-06 18:56:34 +00:00
Substitua cada letra por 4 As ou Bs (ou 1s e 0s)
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
00111 01101 01010 00000 00010 00000 10000 00000 00010 01101 01010 00000
AABBB ABBAB ABABA AAAAA AAABA AAAAA BAAAA AAAAA AAABA ABBAB ABABA AAAAA
```
2023-06-06 18:56:34 +00:00
### Runas
2021-08-30 22:36:25 +00:00
![](../.gitbook/assets/runes.jpg)
2023-06-06 18:56:34 +00:00
## Compressão
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
**Raw Deflate** e **Raw Inflate** (ambos encontrados no Cyberchef) podem comprimir e descomprimir dados sem cabeçalhos.
2021-08-30 22:36:25 +00:00
2023-06-06 18:56:34 +00:00
## Criptografia Fácil
2021-08-30 22:36:25 +00:00
2022-07-05 17:49:17 +00:00
### XOR - Autosolver
2021-08-30 22:36:25 +00:00
* [https://wiremask.eu/tools/xor-cracker/ ](https://wiremask.eu/tools/xor-cracker/ )
2022-07-05 17:49:17 +00:00
### Bifid
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
Uma palavra-chave é necessária
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
fgaargaamnlunesuneoa
```
2022-07-05 17:49:17 +00:00
### Vigenere
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
É necessário uma palavra-chave
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
wodsyoidrods
```
2023-06-06 18:56:34 +00:00
## Criptografia Forte
2021-08-30 22:36:25 +00:00
2022-07-05 17:49:17 +00:00
### Fernet
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
2 strings base64 (token e chave)
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
Token:
gAAAAABWC9P7-9RsxTz_dwxh9-O2VUB7Ih8UCQL1_Zk4suxnkCvb26Ie4i8HSUJ4caHZuiNtjLl3qfmCv_fS3_VpjL7HxCz7_Q==
Key:
-s6eI5hyNh8liH7Gq0urPC-vzPgNnxauKvRO4g03oYI=
```
* [https://asecuritysite.com/encryption/ferdecode ](https://asecuritysite.com/encryption/ferdecode )
2023-06-06 18:56:34 +00:00
### Compartilhamento Secreto de Samir
2021-08-30 22:36:25 +00:00
2024-01-16 22:44:28 +00:00
Um segredo é dividido em X partes e para recuperá-lo você precisa de Y partes (_Y < = X_).
2021-10-18 11:21:18 +00:00
```
2021-08-30 22:36:25 +00:00
8019f8fa5879aa3e07858d08308dc1a8b45
80223035713295bddf0b0bd1b10a5340b89
803bc8cf294b3f83d88e86d9818792e80cd
```
2024-01-16 22:44:28 +00:00
### OpenSSL força bruta
2021-08-30 22:36:25 +00:00
2023-06-06 18:56:34 +00:00
## Ferramentas
2021-08-30 22:36:25 +00:00
2022-04-28 16:01:33 +00:00
< details >
2024-01-16 22:44:28 +00:00
< summary > < strong > Aprenda hacking no AWS do zero ao herói com< / strong > < a href = "https://training.hacktricks.xyz/courses/arte" > < strong > htARTE (HackTricks AWS Red Team Expert)< / strong > < / a > < strong > !< / strong > < / summary >
2022-04-28 16:01:33 +00:00
2024-01-16 22:44:28 +00:00
Outras formas de apoiar o HackTricks:
2022-04-28 16:01:33 +00:00
2024-01-16 22:44:28 +00:00
* Se você quer ver sua **empresa anunciada no HackTricks** ou **baixar o HackTricks em PDF** , confira os [**PLANOS DE ASSINATURA** ](https://github.com/sponsors/carlospolop )!
* Adquira o [**material oficial PEASS & HackTricks** ](https://peass.creator-spring.com )
* Descubra [**A Família PEASS** ](https://opensea.io/collection/the-peass-family ), nossa coleção de [**NFTs** ](https://opensea.io/collection/the-peass-family ) exclusivos
* **Junte-se ao grupo** 💬 [**Discord** ](https://discord.gg/hRep4RUj7f ) ou ao grupo [**telegram** ](https://t.me/peass ) ou **siga-me** no **Twitter** 🐦 [**@carlospolopm** ](https://twitter.com/carlospolopm )**.**
* **Compartilhe suas técnicas de hacking enviando PRs para os repositórios github do** [**HackTricks** ](https://github.com/carlospolop/hacktricks ) e [**HackTricks Cloud** ](https://github.com/carlospolop/hacktricks-cloud ).
2022-04-28 16:01:33 +00:00
< / details >