Pentest Tools

Published on May 14th, 2016 📆 | 5691 Views ⚑

0

FeatherDuster — Automated Modular Cryptanalysis Tool


https://www.ispeech.org/text.to.speech

Automated Modular Cryptanalysis Tool

 


FeatherDuster is a tool written by Daniel β€œunicornfurnace” Crowley of NCC Group for breaking crypto which tries to make the process of identifying and exploiting weak cryptosystems as easy as possible. Cryptanalib is the moving parts behind FeatherDuster, and can be used independently of FeatherDuster.

Cryptanalib can be used separately of FeatherDuster to make Python-based crypto attack tools. Documentation for cryptanalib functions can be accessed through the Python help() functionΒ The analysis engine in Cryptanalib, used by FeatherDuster, can automatically detect encodings and decode samples. The engine assumes that all samples are generated with the same process (for instance,base64encode(aes_encrypt(datum))), but can handle mixed samples to some degree. Currently, Cryptanalib can detect and decode the following encoding schemes:

Vanilla Base64
ASCII hex-encoding
Zlib compression

 

Cryptanalib’s analysis engine can detect a number of properties in the analysis phase, too:

Low entropy ciphertext (Useful for detecting homebrew ciphers)
Block cipher usage vs Stream cipher usage
ECB mode
CBC mode with fixed IV
Hash algorithm (engine will note that length extension attacks may apply with Merkle-Daamgard based hash algos)
OpenSSL formatted ciphertext
Stream cipher key reuse
RSA keys with private components
Insufficiently large RSA moduli
RSA modulus reuse
Transposition-only cipher

 

This is a beta release of FeatherDuster. Things may be broken.

 

Installation

git clone https://github.com/nccgroup/featherduster.git
cd featherduster
python setup.py install
sudo apt-get install libgmp3-dev

 

Dependencies

Python 2.x
GMPy (which itself depends on GMP)
PyCrypto

[adsense size='1']

FeatherDuster Usage

python featherduster.py [ciphertext file 1] ... [ciphertext file n]

When importing samples through positional arguments, each file will be consumed and treated as its own ciphertext, regardless of the format of the files. FeatherDuster has the ability to automatically recognize and decode common encodings, so it’s okay if these files contain encoded samples.

Invoking FeatherDuster without positional arguments will allow for alternate methods of ciphertext import, specifically the ability to import a file with newline-separated samples where each line will be treated as a distinct sample, like so:

68657920636f6f6c
796f752072656164
74686520726561646d65

and the ability to specify a single ciphertext in FeatherDuster through command-line input. Since this input will terminate on a newline, it is recommended to use some form of encoding in case the sample contains a newline.

 

 

https://github.com/nccgroup/featherduster



Leave a Reply

Your email address will not be published.