• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • FREE webinar: What does a post IR35 reform CV look like? : Wed, Jul 28, 2021 7:15 PM - 8:15 PM BST More details here.

Unencrypting encrypted text

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    #31
    Originally posted by Dark Black View Post
    In fact, Googling each of those encrypted values comes up with (different) dealer websites referencing the correct type of car for matching reg.

    Assumption then is that you're working on car dealer database software or similar?
    Looks like it.

    The assumption then being that there has to be a way to get from the encrypted string used to identify the cars without using the Reg Number, back to the Reg Number.

    At this point Minnie tells us that the bit thats fecked and needs fixing.
    "Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.

    Comment


      #32
      Originally posted by minestrone View Post
      4ZRxfz6IfsY=
      Google search produces Used Mitsubishi Lancer Saloon 2.0 Evo Ix Mr Fq-360 4dr in Birmingham, West Midlands | Wynford Specialist Motors Limited

      This is part of the source.
      <ul class="vehicle-data">
      <li class="advert-id">201507175279784</li>
      <li class="year">2007</li>
      <li class="reg">07</li>
      <li class="price">&pound;17,495</li>
      <li class="depositAmount">3499</li>
      <li class="vehicleMileage">58,000</li>
      <li class="vehicleType">Cars</li>
      <li class="make">MITSUBISHI</li>
      <li class="registration">4ZRxfz6IfsY=</li>
      </ul>


      This indicates to me that the decryption algorithm is widely available. Or that they're all using the same bit of software.
      Down with racism. Long live miscegenation!

      Comment


        #33
        Originally posted by NotAllThere View Post
        Google search produces Used Mitsubishi Lancer Saloon 2.0 Evo Ix Mr Fq-360 4dr in Birmingham, West Midlands | Wynford Specialist Motors Limited

        This is part of the source.
        <ul class="vehicle-data">
        <li class="advert-id">201507175279784</li>
        <li class="year">2007</li>
        <li class="reg">07</li>
        <li class="price">&pound;17,495</li>
        <li class="depositAmount">3499</li>
        <li class="vehicleMileage">58,000</li>
        <li class="vehicleType">Cars</li>
        <li class="make">MITSUBISHI</li>
        <li class="registration">4ZRxfz6IfsY=</li>
        </ul>


        This indicates to me that the decryption algorithm is widely available. Or that they're all using the same bit of software.

        The bottom of each page says "Powered by Auto Trader", so it's all the same software.


        Does the OP work for Auto Trader, or are they trying to reverse engineer the AT code?


        ...this might help (haven't read it, but it was one of the first hits when I googled "auto trader source code":
        http://www.mpgh.net/forum/showthread.php?t=605049
        Last edited by WTFH; 18 August 2015, 08:13.
        I'm perfect, in a very specific and limited way.
        Hands... out infractions
        Face... the music
        Space... between the ears

        Comment


          #34
          Originally posted by WTFH View Post
          ...this might help (haven't read it, but it was one of the first hits when I googled "auto trader source code":
          AutoTrader source code - MPGH - MultiPlayer Game Hacking & Cheats
          Code:
          print '$numberOfPotionsIAmOffering:' . $numberOfPotionsIAmOffering . ' $numberOfPotionsBuyerIsOffering:' . $numberOfPotionsBuyerIsOffering . "\n";
             	 if($numberOfPotionsIAmOffering==0 && $numberOfPotionsBuyerIsOffering>=1){
             	  print "\t" . 'I GIVE NO POTION ... YOU GIVE 1+ POTION ... WE GOT A DEAL ... ;-))' . "\n";
             	  $bool_acceptTrade=1;
          Nice try, but...

          I think it's clear that the field is base64 encoded representation of the encrypted car reg:

          Code:
          "DL13 UHU" -->  33 0f b0 da 3e 42 2c 17 --> Mw+w2j5CLBc=
          "AE07 GVD" -->  e1 94 71 7f 3e 88 7e c6 --> 4ZRxfz6IfsY=
          "PJ56 EDU" -->  21 81 37 d4 cf ac c7 91 --> IYE31M+sx5E=
          "YT51 YZM" -->  ab c1 17 76 04 17 a0 e8 --> q8EXdgQXoOg=
          The term 'encrypted' could be use loosely, but I would say it is not a simple obfuscation. So you need to guess the algorithm (e.g. rc2/des/aes/?) and the key and you still don't know if obfuscation was on top. Without any source code for hints it's a pretty tall order.

          Comment

          Working...
          X