AES Finder
==========
Utility to find AES keys in running process memory. Works for 128, 192 and 256-bit keys.
Usage
-----
Open `aes-finder.sln` solution in Visual Studio 2013 to compile source. Alternatively use gcc/clang:
g++ -O3 -march=native -fomit-frame-pointer aes-finder.cpp -o aes-finder
To search for keys in process with id = 123, execute following:
aes-finder.exe -123
To search for keys in any process with name chrome.exe, execute following:
aes-finder.exe chrome.exe
Now you can see what kind of AES keys are used in your favorite application!
### Putty
C:\>aes-finder.exe putty.exe
Searching PID 2180 ...
[0016C904] Found AES-256 encryption key: 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
[0016C9F4] Found AES-256 decryption key: 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
[00AA4540] Found AES-256 encryption key: e2855dae921dba978ffd713e89540101144de13f468fd5da8623608255387dbc
[00AA4720] Found AES-256 decryption key: e2855dae921dba978ffd713e89540101144de13f468fd5da8623608255387dbc
[00AA5458] Found AES-256 encryption key: 892372c26c5601a28e5dd20a64976faa219907c6c9a33a9d1ff3376609bd53f7
[00AA5638] Found AES-256 decryption key: 892372c26c5601a28e5dd20a64976faa219907c6c9a33a9d1ff3376609bd53f7
Done!
### Dropbox
C:\>aes-finder.exe dropbox.exe
Searching PID 2204 ...
[00F5DDE8] Found AES-128 encryption key: e73c856f10e56d8ded0510e964e71b33
... many identical keys
[0363A708] Found AES-128 encryption key: e73c856f10e56d8ded0510e964e71b33
[03710A24] Found AES-128 encryption key: 0e7484bb0230b137eb582bae6ea17e09
[03710C40] Found AES-128 encryption key: 0e7484bb0230b137eb582bae6ea17e09
[03716388] Found AES-128 encryption key: e73c856f10e56d8ded0510e964e71b33
... many identical keys
[03747888] Found AES-128 encryption key: e73c856f10e56d8ded0510e964e71b33
[038721A8] Found AES-256 encryption key: 90e804d380d6c279de1d0373a24010ffcbccb8a177f4fffaaa007fa2b07bbe35
[03872318] Found AES-256 decryption key: 69d292fb3bc5edb2008e2687b40321f01ce1077c0570819ef666f5079b233064
[0388480C] Found AES-128 encryption key: 0e7484bb0230b137eb582bae6ea17e09
[03884A28] Found AES-128 encryption key: 0e7484bb0230b137eb582bae6ea17e09
[03892330] Found AES-256 encryption key: 8843f5b83b0bc88ffefcdc4a6fb1dbec2a2216001d23ef714e3fcad2b106fa4a
[038E6F88] Found AES-256 decryption key: 845e5cd8a07200ed53df003b4524872e5a1b8faa931c285602ef4b091c80a8f6
[038FD6E0] Found AES-128 encryption key: 6108ca5991b2d070ba9109ca92895f5d
[03918310] Found AES-256 encryption key: 55a832a0756807b89d26bfeb2fd0c20affec0444ccc5f8826f1e4c0097bc4961
[0391DD68] Found AES-256 encryption key: 0495d0bc9b05b893ada8eb36c5fbbfefab3cccd4566accbf18c1a078faae970d
[0391DF00] Found AES-256 decryption key: fd4c481f479f9a66677adc42060689d1bb95529b217265fec7664e0fd0e990b2
[0393AB48] Found AES-256 decryption key: 471c720862d7d1329d0a1320a5eaea4ce7a8693ac75e9c732a0c4392aeb3d21e
[039480A0] Found AES-128 encryption key: 6108ca5991b2d070ba9109ca92895f5d
[0394B508] Found AES-128 encryption key: 6108ca5991b2d070ba9109ca92895f5d
[03950418] Found AES-256 encryption key: bbc3ede28857b90389452846e4b80ca5e262ef57ce918ce17c89b6598993faa4
[039E1A24] Found AES-128 encryption key: afde7f5a3184111f877f0e8b61f85ad8
[039E1C40] Found AES-128 encryption key: afde7f5a3184111f877f0e8b61f85ad8
[039F5668] Found AES-256 encryption key: b48ac86c598e3051e1e00f17cb47256c0e6735a694ab3c1282ee9086d38d2647
[039F5870] Found AES-256 decryption key: 9e12c27da800ada221a60112171ac32b7b2c4781a7d45407fc6aaff2800b67d9
[03A0BD18] Found AES-128 encryption key: 6108ca5991b2d070ba9109ca92895f5d
[03A0EA7C] Found AES-256 encryption key: 28ad3cba4b91556825a3f301358901416eb16253b0bc7e43be0303caa53a001e
[03A0EB6C] Found AES-256 decryption key: 28ad3cba4b91556825a3f301358901416eb16253b0bc7e43be0303caa53a001e
[071868B0] Found AES-256 decryption key: 7a1d726b3b7c81a65887e12296d3102ead96a3a71a100fd4c48ccbc421f3d570
Done!
### Chrome
C:\>aes-finder.exe chrome.exe
Searching PID 1792 ...
[08D8302C] Found AES-256 decryption key: c73159441a23df68b292a666a082418048a844813dfe8636126e875204813291
[08D8326C] Found AES-256 encryption key: a85f43b1515c848bcb99a94f8b3ff815bcab2ff37b67954d21231c9744651f80
[08D834AC] Found AES-256 decryption key: 22715913a08a86472a85c711fe7674180c07cc19cc0683e95dd9f0c7526387c6
[08D8446C] Found AES-256 decryption key: 2c7d5043ae8d2800cef6b5fe82776eaaa13a1911f97f15d34172aaf4e0cf1d74
... lot of random keys
[0907326C] Found AES-256 decryption key: 28e941c0801544a85c1832510e935d44a3ae096397bbdeb5eb8608d2b1fcc18f
[090734AC] Found AES-256 encryption key: 4ffc20368848fdc739bb3420cbd5d8333ab6f478ba601309e2bab7db0427047b
[0907392C] Found AES-256 encryption key: f857325597da770d3a4589b5a585671d33221c108aab002c30a181b79c3c99ed
[09073B6C] Found AES-128 decryption key: d5f782a86d7f1e3c403cbe349c2844c1
[09073DAC] Found AES-128 encryption key: cdfb40a1b13d7cfd0f7fd2687848d3de
[09073FEC] Found AES-128 decryption key: ce3be55b440620be4aa73e33c325456f
[0907422C] Found AES-128 encryption key: 1954a522cf12287a245d66786d78bba5
[0907446C] Found AES-128 decryption key: 7972ca8c29805c44bacc6a70691a606d
[090746AC] Found AES-128 encryption key: 266ffef00c92cd372d8dce1436a124d7
[090748EC] Found AES-128 decryption key: 1afa9ef367fe19278cdd7d060b397813
[09074B2C] Found AES-128 encryption key: b7fcd6a9915be8d562f376f8e30b34a3
[09074D6C] Found AES-128 decryption key: 4e150e928eb9f4366c93d7d664b53587
[090F702C] Found AES-128 encryption key: 6f3701e7a085102e9b69ffa1c5a7d52d
[090F726C] Found AES-128 decryption key: 71a46909719d714ebe29e1fb13ba3bc1
[090F74AC] Found AES-128 encryption key: 526d886eaa03c0a7e36918eb741ba4a9
Searching PID 2744 ...
Searching PID 3592 ...
Done!
### Python + PyCrypto
C:\>start python -c "from Crypto.Cipher import AES; a=AES.new('\x42'*24, AES.MODE_ECB); input()"
C:\>aes-finder.exe python.exe
Searching PID 264 ...
[00B84074] Found AES-192 encryption key: 424242424242424242424242424242424242424242424242
[00B84164] Found AES-192 decryption key: 424242424242424242424242424242424242424242424242
Done!
### sshd on Linux
$ sudo ./aes-finder sshd
Searching PID 3307 ...
Searching PID 10428 ...
Searching PID 10430 ...
[0x7fc39b3132d0] Found AES-128 encryption key: df435cfcd8830df858203c0ad2db51ca
[0x7fc39b313450] Found AES-128 encryption key: 0ad922797aba3078841bc298104bb39a
Done!
### iTunes on Mac OS X
$ sudo ./aes-finder iTunes
Searching PID 40912 ...
[0x7fe073e7dd3c] Found AES-128 encryption key: 743554fb48b78d29ad73fbd231373982
[0x7fe073e7de00] Found AES-128 encryption key: 743554fb48b78d29ad73fbd231373982
[0x7fe0758aaa88] Found AES-128 encryption key: dc4b5af0c373c4b3cf1158fe0a42022f
[0x7fe0758aab78] Found AES-128 decryption key: dc4b5af0c373c4b3cf1158fe0a42022f
[0x7fe0758aac6c] Found AES-128 encryption key: 000102030405060708090a0b0c0d0e0f
[0x7fe0758aad5c] Found AES-128 decryption key: 000102030405060708090a0b0c0d0e0f
Done!
Notes
-----
* does not work on whitebox AES keys
* 32-bit binary can search only in 32-bit processes, 64-bit binary can search in both - 32 and 64-bit ones
* "encryption key" means that this key can be used for encryption or decryption
* "decryption key" means that this key most likely is used only for decryption
* on Linux requires at least v3.2 kernel (process_vm_readv syscall)
License
-------
Public Domain. Do whatever you want!
没有合适的资源?快使用搜索试试~ 我知道了~
aes-finder, 在运行过程中,用于查找AES密钥的实用程序.zip
共10个文件
h:4个
filters:1个
gitignore:1个
5星 · 超过95%的资源 需积分: 44 19 下载量 103 浏览量
2019-09-18
08:11:24
上传
评论
收藏 20KB ZIP 举报
温馨提示
aes-finder, 在运行过程中,用于查找AES密钥的实用程序 AES查找器在运行进程内存中查找AES键的工具。 适用于 128,192和 256-bit 键。用法在 Visual Studio 2013中打开 aes-finder.sln 解决方案以编译源代码。 或者使用 gcc/clang:
资源推荐
资源详情
资源评论
收起资源包目录
aes-finder.zip (10个子文件)
aes-finder-master
.gitignore 83B
msvc2013
aes-finder.vcxproj.filters 431B
aes-finder.vcxproj 8KB
os_linux.h 3KB
aes-finder.sln 1KB
README.md 8KB
os_osx.h 3KB
os_windows.h 3KB
aes-finder.cpp 32KB
aes-finder-test.h 16KB
共 10 条
- 1
资源评论
- 丛乐2023-07-27这个实用程序能够帮助我快速找到AES密钥,节省了我很多时间和精力。
- 艾闻2023-07-27这个实用程序对于查找AES密钥非常有帮助,我强烈推荐给需要的人使用。
- 乐居买房2023-07-27使用这个文件,我成功地找到了我需要的AES密钥,感觉非常满意。
- 天使的梦魇2023-07-27这个程序提供了一个方便而简单的方法来查找AES密钥,非常实用。
- 白羊带你成长2023-07-27使用这个文件,我能轻松查找到我需要的AES密钥,真的很简单易用。
weixin_38744270
- 粉丝: 328
- 资源: 2万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- 基于Java语言的Zzyl-Together合作智慧养老项目设计源码
- 基于Thinkphp5框架的Java插件设计源码
- 基于Python、JavaScript和Vue的“大道无形,生育天地”主题网站设计源码
- 基于Netty4与Spring、MyBatis等流行框架的轻量级RESTful HTTP服务器设计源码
- 基于Jupyter Notebook的Python与Shell脚本分享设计源码
- 基于Java的Android平台Ecg绘图设计源码
- 基于中国大学MOOC《机器人操作系统入门》的ROS-Academy-for-Beginners设计源码
- open3d-0.15.2-cp38-cp38-win-amd64.whl
- Open3D-v0.17.0-cuda11.1-msvc2019-win64.zip
- IMG_20241105_235746.jpg
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功