help with simple password encryptor

[Skeleton Man]

Hi,

I came across the basic algorithmfor decrypting WS_FTP Pro 6 passwords as
follows, and I'm trying to reverse it to make an encryption function:

function ws_dec()
{
var str = prompt('Enter encrypted password (including PWD=):','');
var output = '';
passw=str.substring(37,str.length);

for (var i = 0; i<passw.length/2; i++){

var caracter=passw.substring(i*2,i*2+2);
var sal=str.substring(5+i,6+i);
var claro=parseInt("0x"+caracter) -i -1 - ((47+parseInt("0x"+sal))%57);

output = output +String.fromCharCode(claro);
}

document.getElementById('dec').innerHTML = 'Decrypted Password Is: ' +
output;
}


I understand 95% of what is happening in the above code, but this line
puzzles me:
var claro=parseInt("0x"+caracter) -i -1 - ((47+parseInt("0x"+sal))%57);

I realise the parseInt() is just converting a hex value to integer.. but I
don't get why it adds 47 to the number and mods it with 57.. How would I
reverse this line so it took the original ascii code for the character and
encrypted it ?

Regards,
Chris

 

[Lüpher Cypher]

Hi,

I came across the basic algorithmfor decrypting WS_FTP Pro 6 passwords as
follows, and I'm trying to reverse it to make an encryption function:

function ws_dec()
{
var str = prompt('Enter encrypted password (including PWD=):','');
var output = '';
passw=str.substring(37,str.length);

for (var i = 0; i<passw.length/2; i++){

var caracter=passw.substring(i*2,i*2+2);
var sal=str.substring(5+i,6+i);
var claro=parseInt("0x"+caracter) -i -1 - ((47+parseInt("0x"+sal))%57);

output = output +String.fromCharCode(claro);
}

document.getElementById('dec').innerHTML = 'Decrypted Password Is: ' +
output;
}


I understand 95% of what is happening in the above code, but this line
puzzles me:
var claro=parseInt("0x"+caracter) -i -1 - ((47+parseInt("0x"+sal))%57);

I realise the parseInt() is just converting a hex value to integer.. but I
don't get why it adds 47 to the number and mods it with 57.. How would I
reverse this line so it took the original ascii code for the character and
encrypted it ?

For each cleartext character:
Make random 0 < sal < 9
Add it to character
Add counter (1..length of cleartext) to that
Add 47 to that
Save encrypted result and sal


Here's javascript code:

var salStr = '';
var pwd = '';
for (var i=0; i<output.length; i++) {
var sal = Math.floor(Math.random()*9);
salStr = salStr+sal.toString();
sal += 47;
var ch = output.charCodeAt(i)+sal+(i+1);
pwd = pwd+ch.toString(16).toUpperCase();
}

document.write(salStr+'...'+pwd+'<br /><br />');

salStr will have those needed sal numbers (salStr follows "PWD=V"), and
pwd is the encrypted password

 

[Skeleton Man]

For each cleartext character:

Make random 0 < sal < 9
Add it to character
Add counter (1..length of cleartext) to that
Add 47 to that
Save encrypted result and sal

Many thanks.. I tried your JS code, but it doesn't produce the right length
salt.. the salt is always 32 characters, regardless of password length
(excluding PWD=V)..

Take the following encrypted password (hispasec):

PWD=V99728E7229A0B92D08CD74092DAE99BCA1A3ACA59D7DA29C

The salt part is: 99728E7229A0B92D08CD74092DAE99BC

The password part is: A1A3ACA59D7DA29C

Regards,
Chris

 

[Lüpher Cypher]

Many thanks.. I tried your JS code, but it doesn't produce the right length
salt.. the salt is always 32 characters, regardless of password length
(excluding PWD=V)..

Take the following encrypted password (hispasec):

PWD=V99728E7229A0B92D08CD74092DAE99BCA1A3ACA59D7DA29C

The salt part is: 99728E7229A0B92D08CD74092DAE99BC

The password part is: A1A3ACA59D7DA29C

Not true If you look at the script, i goes from 0 to encrypted
password length/2, and since each character of the password is in hex (2
characters), i goes from 0 to clear passwod length. Then, for each i,
sal is 1 character. So, if password length is 8, we'll get 8 sal's, etc.
Basically, the encrypted string should look like

"PWD=V"+{salStr goes here}+{something else goes here}+{encrypted pwd
goes here}


luph

 

[Skeleton Man]

Not true If you look at the script, i goes from 0 to encrypted

password length/2, and since each character of the password is in hex (2
characters), i goes from 0 to clear passwod length. Then, for each i,
sal is 1 character. So, if password length is 8, we'll get 8 sal's, etc.
Basically, the encrypted string should look like

"PWD=V"+{salStr goes here}+{something else goes here}+{encrypted pwd
goes here}

Many thanks, and my appologies, you are indeed correct.. it seems that the
rest is padding to make up the 32 chars.. you can put anything in between
the salt and the password and it still works.. That really is weak
encryption !!

Regards,
Chris