Bletchley provides a variety of tools that make black box
cryptanalysis easier by taking care of some of the more tedious
engineering challenges. Bletchley is maintained by <a href="http://vsecurity.com/">VSR</a>.
Bletchley is currently in the early stages of development, which means
documentation may be lacking. Contributions are welcome.

*Contents*
<wiki:toc max_depth="2" />

= Installation =
See: <a href="http://code.google.com/p/bletchley/source/browse/trunk/INSTALL">INSTALL</a>

= Command Line Tools =

== bletchley-analyze ==

Analyzes samples of encrypted data in an attempt to decode samples to
binary and identify patterns useful in cryptanalysis. The purpose of
the tool is to provide a cryptanalyst with a variety of information
that is useful in determining how a token is encoded, encrypted and
formatted.
<br />
bletchley-analyze currently performs two primary functions: iterative
encoding detection and ciphertext-only block analysis. Encrypted tokens
are processed in multiple rounds. Within each round, the following
occurs:
<ul>
<li>Token length analysis is performed to attempt to determine possible
ciphertext block sizes, where applicable</li>
<li>The tokens are analyzed for blocks of data that are repeated
throughout any of the tokens</li>
<li>A hexadecimal dump and escaped binary/ASCII string is printed for
each token with repeated blocks highlighted</li>
<li>The full set of all known and possible data encodings is
determined<sup>1</sup></li>
<li>An educated guess is made as to what the most likely encoding is</li>
<li>All tokens are decoded using the most likely encoding, and then the
process is repeated until no further encodings are detected</li>
</ul>

`bletchley-analyze` can read from stdin or from a file. Tokens are
delimited with newlines. Various options are provided to give the
analyst control over the block sizes and encoding used during analysis.
See the tool's usage statement for more information.

As an example, several tokens were encrypted using ECB mode and encoded
using base64, and then percent (URL) encoded:
{{{
zRW5bHxcRYHHqi0nriqOzg%3D%3D
meU8SyxVHE3Hqi0nriqOzg%3D%3D
vTA9eA4hhbFlktsbYI4hIg%3D%3D
meU8SyxVHE1lktsbYI4hIg%3D%3D
}}}

These tokens were then fed to `bletchley-analyze`:
<img src="http://bletchley.googlecode.com/svn/wiki/images/bletchley-analyze.png" />

1. <i>Bletchley's blobtools module currently supports 33 encoding variants,
including various forms of hexadecimal, base32, base64, and percent
encodings. Try '`-e ?`' to list them.</i>
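
The rounds described above, applied to the four sample tokens, as an added example that is not Bletchley's own code. The two detectors, the fixed list of candidate block sizes and all function names are simplifying assumptions made for this sketch.

```python
import base64
import re
from collections import defaultdict
from functools import reduce
from math import gcd
from urllib.parse import unquote_to_bytes

# The four sample tokens from the page.
TOKENS = [b"zRW5bHxcRYHHqi0nriqOzg%3D%3D", b"meU8SyxVHE3Hqi0nriqOzg%3D%3D",
          b"vTA9eA4hhbFlktsbYI4hIg%3D%3D", b"meU8SyxVHE1lktsbYI4hIg%3D%3D"]

# Simplified detectors (assumptions, far cruder than blobtools' variants).
PERCENT = re.compile(rb"(?:[A-Za-z0-9._~+/=-]|%[0-9A-Fa-f]{2})+")
BASE64 = re.compile(rb"[A-Za-z0-9+/]+={0,2}")

def detect(tokens):
    """Return one encoding that fits every token, or None."""
    if all(PERCENT.fullmatch(t) for t in tokens) and any(b"%" in t for t in tokens):
        return "percent"
    if all(BASE64.fullmatch(t) and len(t) % 4 == 0 for t in tokens):
        return "base64"
    return None

def decode_rounds(tokens):
    """Peel one encoding per round until no further encoding is detected."""
    chain = []
    while (enc := detect(tokens)) is not None:
        if enc == "percent":
            tokens = [unquote_to_bytes(t) for t in tokens]
        else:
            tokens = [base64.b64decode(t, validate=True) for t in tokens]
        chain.append(enc)
    return chain, tokens

def candidate_block_sizes(blobs, sizes=(8, 16)):
    """Block sizes that evenly divide every token length."""
    common = reduce(gcd, (len(b) for b in blobs))
    return [s for s in sizes if common % s == 0]

def repeated_blocks(blobs, size):
    """Map each block seen more than once to its (token, block index) positions."""
    seen = defaultdict(list)
    for t, blob in enumerate(blobs):
        for off in range(0, len(blob) - size + 1, size):
            seen[blob[off:off + size]].append((t, off // size))
    return {blk: locs for blk, locs in seen.items() if len(locs) > 1}

if __name__ == "__main__":
    chain, blobs = decode_rounds(TOKENS)
    print("decode chain:", chain)
    for size in candidate_block_sizes(blobs):
        for blk, locs in repeated_blocks(blobs, size).items():
            print(size, blk.hex(), locs)
```

At a block size of 8 the repeats line up across tokens, which is the ECB property the analysis relies on; at 16 every token is a single distinct block and nothing repeats.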


== bletchley-encode ==
A simple tool to encode arbitrary data using a specified encoding chain.
See the usage statement for more information. A quick example:
{{{
$ echo 'Mallory Is My Friend.' | bletchley-encode -e percent/upper-plus,base64/rfc3548
TWFsbG9yeSBJcyBNeSBGcmllbmQuCg%3D%3D
}}}

NOTE: The encoding chain is applied from right to left in order to be consistent with other tools.
That is, one can use the same encoding chain ordering for
`bletchley-encode`, `bletchley-decode`, and `bletchley-analyze`.


== bletchley-decode ==
A simple tool to decode data using a specified encoding chain. See the
usage statement for more information. A quick example:
{{{
$ echo 'TWFsbG9yeSBJcyBNeSBGcmllbmQuCg%3D%3D' | bletchley-decode -e percent/upper-plus,base64/rfc3548
Mallory Is My Friend.
}}}

== bletchley-http2py ==
This script parses an HTTP request (provided via stdin or as a text
file) and generates a Python script that sends (approximately) the same
request. This is useful when one wants to repeatedly send variations of
a request that was observed to be sent by an application or web
browser. For more information, see the script's usage statement.

== bletchley-nextrand ==
A simple program which computes the state of a Java Random class
instance given two sequential outputs of
<a href="http://docs.oracle.com/javase/6/docs/api/java/util/Random.html#nextInt()">`nextInt()`</a>.
For more information, see the usage statement.
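
Why two outputs are enough, as an added example that is not the bletchley-nextrand source: `java.util.Random` keeps 48 bits of state and `nextInt()` returns the top 32, so only 16 bits are unknown after the first output and the second output confirms the guess. The constants are those of the documented `java.util.Random` generator; the function names and the seed 42 are assumptions chosen for illustration.

```python
# java.util.Random linear congruential generator constants (48-bit state).
MULT, ADD, MASK = 0x5DEECE66D, 0xB, (1 << 48) - 1

def initial_state(seed):
    """State held by new Random(seed): the seed is XORed with the multiplier."""
    return (seed ^ MULT) & MASK

def step(state):
    """Advance the generator by one step."""
    return (state * MULT + ADD) & MASK

def to_int32(value):
    """Interpret the low 32 bits as a signed Java int."""
    value &= 0xFFFFFFFF
    return value - (1 << 32) if value & 0x80000000 else value

def next_int(state):
    """Return (new_state, output); the output is the top 32 of 48 state bits."""
    state = step(state)
    return state, to_int32(state >> 16)

def recover_states(out1, out2):
    """All generator states (as of out2) consistent with two sequential outputs."""
    high = (out1 & 0xFFFFFFFF) << 16          # known upper 32 bits of the state
    candidates = (step(high | low) for low in range(1 << 16))
    return [s for s in candidates if to_int32(s >> 16) == out2]

if __name__ == "__main__":
    state = initial_state(42)                 # constructed seed
    state, first = next_int(state)
    state, second = next_int(state)
    _, third = next_int(state)
    for recovered in recover_states(first, second):
        print("state:", hex(recovered),
              "predicted next:", next_int(recovered)[1], "actual next:", third)
```

Values that must stay unpredictable, such as session identifiers or reset tokens, should come from `java.security.SecureRandom` rather than `java.util.Random`.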


= Libraries =

Hint: start with '`pydoc bletchley`'?
TODO

== blobtools ==
TODO

== CBC ==
TODO


= Support =

Having trouble? Submit an issue <a href="http://code.google.com/p/bletchley/issues/list">here</a>.


= Contributing =

We welcome any kind of help with the project, from new tools to bug
fixes and documentation. You might want to start with our
<a href="http://code.google.com/p/bletchley/source/browse/trunk/doc/TODO">TODO</a>
list. To submit a patch, just check out a copy of our Subversion
repository, make your changes, and submit the output of `svn diff` to one of the project leaders.