A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


The Adobe Guide to Keyless Decryption - Tim Tomes (BSides Augusta 2014) (Hacking Illustrated Series InfoSec Tutorial Videos)

The Adobe Guide to Keyless Decryption
Tim Tomes

It goes without saying that Adobe has made some mistakes as a software company. Quite possibly their largest was the breach that resulted in 153 million Adobe user credentials being disclosed to the Internet. The good news is that the passwords to the accounts were encrypted. The bad news is that they were encrypted poorly. In this talk, I am going to speak briefly about the fundamental flaws in Adobe's approach to encryption, then dive into the techniques I've used over the past year to crack a large percent of the passwords exposed by Adobe without access to the encryption key. Finally, I'll demonstrate how the result can be leveraged to maximize the effectiveness of data harvested by Recon-ng.

Back to BSides Augusta 2014 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast