Dashboard Articles Playground Discussions More
Follow

Help to decrypt HTML1.1 LOGS

Punkachu
6 years ago | edited 6 years ago

0

I have report containing logs on website I need to decrypt them , do you have any clue ?
And yeah the connection is crypted.
Thanks a lot in advance !

4replies
2voices
1,124views
dloser
6 years ago

0

Yeah.. what you are saying doesn’t really make any sense. I don’t think “HTML1.1 LOGS” are a things. I guess you mean HTTP 1.1 and with logs you probably mean you have captured some packets? And with “crypted” you mean the connection was over SSL/TLS?

Assuming all that, then I guess I have to say that the idea of encrypting stuff is so that others cannot decrypt it. Do you have any reason to believe that it is possible to decrypt it? Are you doing a challenge or were you just snooping on someone?

Punkachu
6 years ago

0

AHAHA ! Dloser you are so clever x )

Yeah ! This is that, I got logs over ssl and I have to found which sensitive datas has been stollen.
I am doing some forensics challege on rootme.
I don’t want the answer I want help one more time.

I guess there must have solution, I know ssl provide a great security but I think I can break this, it is in this form :

192.168.1.23 - - [18/Jun/2015:12:12:54 +0200] “GET /admin/?action=membres&order=QVNDLChzZWxlY3QgKGNhc2UgZmllbGQoY29uY2F0KHN1YnN0cmluZyhiaW4oYXNjaWkoc3Vic3RyaW5nKHBhc3N3b3JkLDEsMSkpKSwxLDEpLHN1YnN0cmluZyhiaW4oYXNjaWkoc3Vic3RyaW5nKHBhc3N3b3JkLDEsMSkpKSwyLDEpKSxjb25jYXQoY2hhcig0OCksY2hhcig0OCkpLGNvbmNhdChjaGFyKDQ4KSxjaGFyKDQ5KSksY29uY2F0KGNoYXIoNDkpLGNoYXIoNDgpKSxjb25jYXQoY2hhcig0OSksY2hhcig0OSkpKXdoZW4gMSB0aGVuIFRSVUUgd2hlbiAyIHRoZW4gc2xlZXAoMikgd2hlbiAzIHRoZW4gc2xlZXAoNCkgd2hlbiA0IHRoZW4gc2xlZXAoNikgZW5kKSBmcm9tIG1lbWJyZXMgd2hlcmUgaWQ9MSk%3D HTTP/1.1” 200 1005 “-” “-”
192.168.1.23 - - [18/Jun/2015:12:13:00 +0200] “GET /admin/?action=membres&order=QVNDLChzZWxlY3QgKGNhc2UgZmllbGQoY29uY2F0KHN1YnN0cmluZyhiaW4oYXNjaWkoc3Vic3RyaW5nKHBhc3N3b3JkLDEsMSkpKSwzLDEpLHN1YnN0cmluZyhiaW4oYXNjaWkoc3Vic3RyaW5nKHBhc3N3b3JkLDEsMSkpKSw0LDEpKSxjb25jYXQoY2hhcig0OCksY2hhcig0OCkpLGNvbmNhdChjaGFyKDQ4KSxjaGFyKDQ5KSksY29uY2F0KGNoYXIoNDkpLGNoYXIoNDgpKSxjb25jYXQoY2hhcig0OSksY2hhcig0OSkpKXdoZW4gMSB0aGVuIFRSVUUgd2hlbiAyIHRoZW4gc2xlZXAoMikgd2hlbiAzIHRoZW4gc2xlZXAoNCkgd2hlbiA0IHRoZW4gc2xlZXAoNikgZW5kKSBmcm9tIG1lbWJyZXMgd2hlcmUgaWQ9MSk%3D HTTP/1.1” 200 1005 “-” “-”

Any clue ?

dloser
6 years ago

0

Well, this is something different entirely. ;)

These are lines from an access log of a web server. There is no SSL (or other encryption) here. It’s an encoding that every hacker should immediately recognise, especially given the last character.

But let’s try to not spoil this challenge in public.

Punkachu
6 years ago

0

ahah !!! Okay I got this !!!!

Thank you so much !!!

You really are the best to make me open my eyes on details x ).

Thanks bro !

Discussion thread has been locked. You can no longer add new posts.
1 of 5

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss