Sorry for the late reply...
On Sat, 2006-04-15 at 02:47 +0200, Christian Tschabuschnig wrote:
> i want to do a dictionary-attack on a revelation-password-file. do you
> know of any tools that attack a revelation-file directly or another way
> to do an automized attack?
There are no tools for this, but the files can be brute-forced just like
any other encrypted file. Just use this script , and modify it to
loop over your dictionary and check if the decrypted data starts with
<?xml - if so, bingo, you just found the password.
(not sure if this works with the current file format, but I think it should)
> the password consists of substrings of a very few (about ten to twenty)
> known strings. so it should be possible to crack it in a reasonable
> amount of time with a program, right?
If you only have a few hundred possible keys, then yeah, should be
doable in a few minutes.
Remember kids: encryption places all security in the key, so make sure
you pick secure passwords. This information is available to anyone who
bothers to skim through the sourcecode.
Erik Grinaker <[EMAIL PROTECTED]>
"We act as though comfort and luxury were the chief requirements of
life, when all that we need to make us happy is something to be
-- Albert Einstein