I have an encrypted parameter V coming from a web page like this:
page.php?V=5E5C535C584B40584A4A4E564B5D4503510755020402080C580A015D0D0A5A010206070C0E025C000F005D080E5F5D
V is encrypted like above:
MD5 :
md5("a=login|password") = b90669a351161d0d74bed0e04d7b5eef
XOR :
password= "1234567899999999" encryptedXOR = obj.XOREncryption(password,"login|password|b90669a351161d0d74bed0e04d7b5eef")
which gives something like:
encryptedXOR = 5E5C535C584B48584A4A4E564B5D4503510755020402080C580A015D0D0A5A010206070C0E025C000F005D080E5F5D
what I want here is the function to decrypt this ‘ecryptedXOR‘ using the password, so that I can get the:
login|password|b90669a351161d0d74bed0e04d7b5eef
here’s what I’ve done so far: http://pastebin.com/D9mzx82Q
Advertisement
Answer
You can XOR by the same “password” to get the original string.
Edit :
from Wikipedia:
a string of text can be encrypted by applying the bitwise XOR operator to every character using a given key. To decrypt the output, merely reapplying the key will remove the cipher.
So if your obj.XOREncryption() is doing nothing extra but a simple XOR, by applying the same operation a second time you’ll get the original text :
decryptedXOR = obj.XOREncryption(password, encryptedXOR )