hey guys! I found an encryption algorithm in a website source which is written by PHP code.
Here is it

[php]
function encode($string, $type = 0, $key = '', $expiry = 0) {
    if(is_array($string)) $string = json_encode($string);
    if($type == 1) $string = str_replace('-','+',$string);
    $ckey_length = 4;
    $key = md5($key);
    $keya = md5(substr($key, 0, 16));
    $keyb = md5(substr($key, 16, 16));
    $keyc = $ckey_length ? ($type == 1 ? substr($string, 0, $ckey_length): substr(md5(microtime()), -$ckey_length)) : '';
    $cryptkey = $keya.md5($keya.$keyc);
    $key_length = strlen($cryptkey);
    $string = $type == 1 ? base64_decode(substr($string, $ckey_length)) :  sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$keyb), 0, 16).$string;
    $string_length = strlen($string);
    $result = '';
    $box = range(0, 255);
    $rndkey = array();
    for($i = 0; $i <= 255; $i++) {
        $rndkey[$i] = ord($cryptkey[$i % $key_length]);  //$key_length = 64
    }
    for($j = $i = 0; $i < 256; $i++) {
        $j = ($j + $box[$i] + $rndkey[$i]) % 256;
        $tmp = $box[$i];
        $box[$i] = $box[$j];
        $box[$j] = $tmp;
    }
    for($a = $j = $i = 0; $i < $string_length; $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $box[$a]) % 256;
        $tmp = $box[$a];
        $box[$a] = $box[$j];
        $box[$j] = $tmp;
        $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
    }
    if($type == 1) {
        if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26).$keyb), 0, 16)) {
            $result = substr($result, 26);
            $json = json_decode($result,1);
            if(!is_numeric($result) && $json){
                return $json;
            }else{
                return $result;
            }
        }
        return '';
    }
    return str_replace('+', '-', $keyc.str_replace('=', '', base64_encode($result)));[/php]

when $type is '0', it means to encrypt $string with $key,when $type is '1',it means to decrypt $string with $key.The fourth argument is usually 0.

For example

[php]<?php
$string = '2';
$key = 'mjDZLqSNJEzxg9W';
$encrypt = encode($string,0,$key);
echo "$encrypt -> ".$encrypt;
echo '
';
$decrypt = encode($encrypt,1,$key);
echo "$decrypt -> ".$decrypt;
echo '
';
?>[/php]

So I want to know, in the case of knowing plaintext and ciphertext, can i decrypt the key?
Or, can I forge ciphertext that can be decrypted without knowing the key?

I'd be grateful if you could help me solve this problem!!!!

Well, technically speaking all encryption algorithms can be cracked. That's just how it works. Encryption works most of the time not because it's "uncrackable" but because it would take a really long time to crack it.
To answer your question though, I don't think you can somehow find a sweet spot that you can decrypt anything inside that spot -- you gotta bruteforce.

given enough time and resources anything could be cracked just depends if your willing to wait until the end of the universe or not.

however I did a quick read of the code and it does some stuff with md5 which is already know to be easily crackable.

the algorithm you use is md5 which is very easy to break, regarding the implementation (which I think is what your question refers to) I did not analyze it, but I would tell you that I most likely have several bugs, it is always better to use known implementations and with many eyes on it to have more guarantees.

if im not mistaken this looks like RC4 which is known to be broken in a few ways one being if you know the original plaintext i think. md5 being in the mix here doesnt look good either but im not the best with php

Thank you very much for replying to my questions. After reading everyone's replies, I searched for relevant materials. As summarized below, this algorithm is RC4 algorithm, but the key to generate S-box is different from time to time. Therefore, I can only know one set of ciphertext and plaintext at most. The most important point is that the algorithm has been reported weak IV defects, but no specific attack chain is given. I guess it is caused by "==" of “ if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26).$keyb), 0, 16)) ” . Does everyone have any ideas about it?
Because of my poor programming ability, I wrote a program with very low blasting efficiency. And it's been running for three days now with no results. Can you provide a better program or idea to me? thank you !!!!!!!

(July 15, 2022, 08:50 PM)rtoile Wrote: the algorithm you use is md5 which is very easy to break, regarding the implementation (which I think is what your question refers to) I did not analyze it, but I would tell you that I most likely have several bugs, it is always better to use known implementations and with many eyes on it to have more guarantees.

Could you be more specific? I don't know much about encryption algorithms.

There's no need to over engineer things, go with a simple sha512 or some blowfish hash and you will be ok

(July 15, 2022, 03:04 PM)yuppie Wrote: hey guys! I found an encryption algorithm in a website source which is written by PHP code.
Here is it

[php]
function encode($string, $type = 0, $key = '', $expiry = 0) {
    if(is_array($string)) $string = json_encode($string);
    if($type == 1) $string = str_replace('-','+',$string);
    $ckey_length = 4;
    $key = md5($key);
    $keya = md5(substr($key, 0, 16));
    $keyb = md5(substr($key, 16, 16));
    $keyc = $ckey_length ? ($type == 1 ? substr($string, 0, $ckey_length): substr(md5(microtime()), -$ckey_length)) : '';
    $cryptkey = $keya.md5($keya.$keyc);
    $key_length = strlen($cryptkey);
    $string = $type == 1 ? base64_decode(substr($string, $ckey_length)) :  sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$keyb), 0, 16).$string;
    $string_length = strlen($string);
    $result = '';
    $box = range(0, 255);
    $rndkey = array();
    for($i = 0; $i <= 255; $i++) {
        $rndkey[$i] = ord($cryptkey[$i % $key_length]);  //$key_length = 64
    }
    for($j = $i = 0; $i < 256; $i++) {
        $j = ($j + $box[$i] + $rndkey[$i]) % 256;
        $tmp = $box[$i];
        $box[$i] = $box[$j];
        $box[$j] = $tmp;
    }
    for($a = $j = $i = 0; $i < $string_length; $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $box[$a]) % 256;
        $tmp = $box[$a];
        $box[$a] = $box[$j];
        $box[$j] = $tmp;
        $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
    }
    if($type == 1) {
        if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26).$keyb), 0, 16)) {
            $result = substr($result, 26);
            $json = json_decode($result,1);
            if(!is_numeric($result) && $json){
                return $json;
            }else{
                return $result;
            }
        }
        return '';
    }
    return str_replace('+', '-', $keyc.str_replace('=', '', base64_encode($result)));[/php]


when $type is '0', it means to encrypt $string with $key,when $type is '1',it means to decrypt $string with $key.The fourth argument is usually 0.

For example


[php]<?php
$string = '2';
$key = 'mjDZLqSNJEzxg9W';
$encrypt = encode($string,0,$key);
echo "$encrypt -> ".$encrypt;
echo '
';
$decrypt = encode($encrypt,1,$key);
echo "$decrypt -> ".$decrypt;
echo '
';
?>[/php]


So I want to know, in the case of knowing plaintext and ciphertext, can i decrypt the key?
Or, can I forge ciphertext that can be decrypted without knowing the key?

I'd be grateful if you could help me solve this problem!!!!

md5 is cracked but only on paper, the computing power required for this is impractical, unless there is something you can epxloit.

(July 18, 2022, 04:45 PM)jesuslovesu Wrote:

(July 15, 2022, 03:04 PM)yuppie Wrote: hey guys! I found an encryption algorithm in a website source which is written by PHP code.
Here is it

[php]
function encode($string, $type = 0, $key = '', $expiry = 0) {
    if(is_array($string)) $string = json_encode($string);
    if($type == 1) $string = str_replace('-','+',$string);
    $ckey_length = 4;
    $key = md5($key);
    $keya = md5(substr($key, 0, 16));
    $keyb = md5(substr($key, 16, 16));
    $keyc = $ckey_length ? ($type == 1 ? substr($string, 0, $ckey_length): substr(md5(microtime()), -$ckey_length)) : '';
    $cryptkey = $keya.md5($keya.$keyc);
    $key_length = strlen($cryptkey);
    $string = $type == 1 ? base64_decode(substr($string, $ckey_length)) :  sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$keyb), 0, 16).$string;
    $string_length = strlen($string);
    $result = '';
    $box = range(0, 255);
    $rndkey = array();
    for($i = 0; $i <= 255; $i++) {
        $rndkey[$i] = ord($cryptkey[$i % $key_length]);  //$key_length = 64
    }
    for($j = $i = 0; $i < 256; $i++) {
        $j = ($j + $box[$i] + $rndkey[$i]) % 256;
        $tmp = $box[$i];
        $box[$i] = $box[$j];
        $box[$j] = $tmp;
    }
    for($a = $j = $i = 0; $i < $string_length; $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $box[$a]) % 256;
        $tmp = $box[$a];
        $box[$a] = $box[$j];
        $box[$j] = $tmp;
        $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
    }
    if($type == 1) {
        if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26).$keyb), 0, 16)) {
            $result = substr($result, 26);
            $json = json_decode($result,1);
            if(!is_numeric($result) && $json){
                return $json;
            }else{
                return $result;
            }
        }
        return '';
    }
    return str_replace('+', '-', $keyc.str_replace('=', '', base64_encode($result)));[/php]


when $type is '0', it means to encrypt $string with $key,when $type is '1',it means to decrypt $string with $key.The fourth argument is usually 0.

For example


[php]<?php
$string = '2';
$key = 'mjDZLqSNJEzxg9W';
$encrypt = encode($string,0,$key);
echo "$encrypt -> ".$encrypt;
echo '
';
$decrypt = encode($encrypt,1,$key);
echo "$decrypt -> ".$decrypt;
echo '
';
?>[/php]


So I want to know, in the case of knowing plaintext and ciphertext, can i decrypt the key?
Or, can I forge ciphertext that can be decrypted without knowing the key?

I'd be grateful if you could help me solve this problem!!!!

md5 is cracked but only on paper, the computing power required for this is impractical, unless there is something you can epxloit.

I don't really agree that it'd be impractical to bruteforce MD5 hashes. Yeah it might not be instant, but it's still extremely fast and definitely doable if it makes any sense to do. I don't know why anyone would use it as there's many better alternatives available (e.g. bcrypt and other "slow hash" functions) and they're just as easy to use.