On Wed, 16 Aug 1995, Sean A. Walberg wrote:
I'm a crypto newbie here, but does anybody know how Trumpet Winsock and/or Eudora encrypt the passwords in their .ini files? I am trying to write a front end for a client and would rather it set up automatically rather than the program ask.
It's not xor. It's wrap-around addition. Not much better than rot-13 :) I broke it for my friend just a couple of days back, but it seems like he has deleted the source I wrote at his place (crytoanalysis and writing the 4-line c-source took about 20 minutes, total). Besides the key (the one used in encryption of the password) may be different in different versions and licences of these programs. Here's what you'll have to do to get the built-in key: 1. set password to 00000000, for example, and see what it encrypts into. 2. now substract 0x30 (ascii 0) from every character of the encrypted password. congratulations, you have the key! :) Now you can pretty much figure out how to decrypt any password. Note: Encrypted characters are in the range 32..127. First perform a logical and with 0x7f. If the result is smaller than 32, add 32. - mark