WikiLeaks Posts Mysterious 'Insurance' File

Originally posted by Ahmose

Originally posted by DEATHHAWK008
hello, i know this may be off topic but i downloaded the file but when i try to open it to see if i can possibly do anything against it (probly not but its worth a shot) i get a message " Windows cant open this file: insurance.aes256 to open this file, windows needs to know what program you want to use to open it. windows can go online to look it up automatically, or you can manually select from a list of programs that are installed on your computer." but when i look online i dont find anything, any help or ideas?

You're probably not going to wanna use window$ for that.
a Linux distro. is what youd want.

but, if you didnt already know that,
chances are, even if you had Linux,
the farthest you would get is fed up.

even people who do have some idea can still get nowhere,
the attempts are futile, mate. lol

let's just hope it is really 'juicy'
and the alphabet agencies of the united snakes back off.

if they back off,
the file did what i think it was meant to.
and that is all We need.

so bassicaly even if the password came out because i have windows im still wasting my time?

Originally posted by DEATHHAWK008

Originally posted by Ahmose

Originally posted by DEATHHAWK008
hello, i know this may be off topic but i downloaded the file but when i try to open it to see if i can possibly do anything against it (probly not but its worth a shot) i get a message " Windows cant open this file: insurance.aes256 to open this file, windows needs to know what program you want to use to open it. windows can go online to look it up automatically, or you can manually select from a list of programs that are installed on your computer." but when i look online i dont find anything, any help or ideas?

You're probably not going to wanna use window$ for that.
a Linux distro. is what youd want.

but, if you didnt already know that,
chances are, even if you had Linux,
the farthest you would get is fed up.

even people who do have some idea can still get nowhere,
the attempts are futile, mate. lol

let's just hope it is really 'juicy'
and the alphabet agencies of the united snakes back off.

if they back off,
the file did what i think it was meant to.
and that is all We need.

so bassicaly even if the password came out because i have windows im still wasting my time?

pretty much... As I said in my post, if you don't already know what you are doing just wait for someone else to figure it out. If/when the key comes out just download the decrypted data or follow instructions on how to do it yourself (If someone happens to create such for windows users)


[edit on 2-8-2010 by CommandoJoe]

Originally posted by JBA2848
The key in file is in plain sight.
Salted__Þsïó^9ÚúHS[mÂ?4b /
That is a hidden sector they recorded the key and its encryption in just like on a cd drm sector.
[edit on 2-8-2010 by JBA2848]

Not at all, and you can verify it on your own. So create a file:

echo -n 'Plain text' > in

Encrypt it:

openssl enc -e -aes256 -in in -out enc -pass pass:123

Hexdump the encrypted file:

00000000 53 61 6c 74 65 64 5f 5f 5c 4a 18 9e 30 7a c1 4b |Salted__\J..0z.K|
00000010 76 81 b4 29 8f 99 c6 48 c5 80 ad 29 52 3d 33 b4 |v..)...H...)R=3.|
00000020

ask openssl to dump key/iv and salt, the password you choose is not important for the salt dump:

openssl enc -d -aes256 -P -in enc -pass pass:abc
salt=5C4A189E307AC14B

That was MY salt, keep your somewhere to remeber for later and repeat every step with the same passwords, look at the new salt, it's different.

00000000 53 61 6c 74 65 64 5f 5f ec f9 2e 74 ab ba ae 7a |Salted__...t...z|
00000010 26 d0 f9 32 11 87 40 b8 ea 59 91 14 7d e7 15 b1 |[email protected]..]...|
00000020

The new salt:

salt=ECF92E74ABBAAE7A

Bob and Alice want to know if the cat got shot or not?

second line.

thats a bummer, but i guess i will have to wait untill some figures it out and releases the documents which is hopefully soon. i know im itching to know and im sure everyone else is too. I almost think its nothing serious, like if it was something big than why wouldnt have they just realsed it with the rest of the the stuff and still has his insurance policy posted (with nothing important in it) as a scare tactic, just to make sure they dont take action, unless he knows he will be killed over it.

This is the problem with the encryption and how the key maker in the software is a problem. The key maker is set to one standard and not random or the program would never know how to open it again. The encrpytion of the file is random based on the key that is not random.

The author of a keygen typically uses a disassembler to look at the raw assembly code of the targeted program, checking either the software itself or the installer. Once access has been obtained to the program's code, the location of the subroutine(s) responsible for verifying that the key entered is valid are found. Using this knowledge, the algorithm may be reverse engineered to generate valid keys, which is then incorporated into the keygen.

en.wikipedia.org...

reply to post by DEATHHAWK008


yeah man, pretty much.
I know there are tools you can use in windoze to decrypt files..
but it wont be worth the effort, for sure.

Originally posted by hadriana
Bob and Alice want to know if the cat got shot or not?

Obscure computer science reference much?

Edit to add: Did someone forget to raise their flag??

[edit on 2-8-2010 by misinformational]

Originally posted by misinformational

Originally posted by hadriana
Bob and Alice want to know if the cat got shot or not?

Obscure computer science reference much?

Is that a quantum computer reference?

I don't get it - and the overmind even finds it obscure and did not tell me.

Plz enlighten!

reply to post by TruthMagnet


Be enlightened: books.google.com...

Edit to add: The fun begins in Chapter 1 Section 2

[edit on 2-8-2010 by misinformational]

Originally posted by JBA2848
This is the problem with the encryption and how the key maker in the software is a problem. The key maker is set to one standard and not random or the program would never know how to open it again. The encrpytion of the file is random based on the key that is not random.

The author of a keygen typically uses a disassembler to look at the raw assembly code of the targeted program, checking either the software itself or the installer. Once access has been obtained to the program's code, the location of the subroutine(s) responsible for verifying that the key entered is valid are found. Using this knowledge, the algorithm may be reverse engineered to generate valid keys, which is then incorporated into the keygen.

en.wikipedia.org...

This is not the same as a keygen used to hack your warez... Again, see my previous post, read it again, and just stop, because if you really knew anything about encryption you wouldn't be going off on this tangent... If it was that easy, the government wouldn't use it to encrypt their data.



[edit on 2-8-2010 by CommandoJoe]

Originally posted by spacedonk
I am sure this thread will continue to be about the cracking of the file. But:

1. This cannot be human race changing news otherwise they would have to have released it if you believe their rhetoric.

2. This file claimed as insurance is either:

a. A bluff and contains nothing
b. Seriously incriminating evidence of a threat against life: video and telephone calls at the very least.

bingo, i completely agree. What would be the point of releasing groundbreaking leaks if he dies? I'm willing to bet it is video and audio files (accounts for the size) of death threats so that if he does die it will be released and there will be no question about who killed him. This in itself could create a storm.

reply to post by CommandoJoe

If it was that easy, the government wouldn't use it to encrypt their data.

Exactly!

This isn't your everyday encryption. They use it to protect classified data.

Try guessing a password like: ‘ ^-¼[íñ╜║A“••z↔0■5I - times 40+ more characters long.

reply to post by CommandoJoe


If it wasn't that easy you wouldn't have cracked wares. You wouldn't have copied cds or dvds. You wouldn't have piracy on the internet. Nobody cares when its just a cd, video game or some over priced software. But now the government is coming down on them and those same ones who were ignored are now a problem. The science behind what those crackers were doing is now being turned on the government.

Originally posted by JBA2848
This is the problem with the encryption and how the key maker in the software is a problem. The key maker is set to one standard and not random or the program would never know how to open it again. The encrpytion of the file is random based on the key that is not random.

The author of a keygen typically uses a disassembler to look at the raw assembly code of the targeted program, checking either the software itself or the installer. Once access has been obtained to the program's code, the location of the subroutine(s) responsible for verifying that the key entered is valid are found. Using this knowledge, the algorithm may be reverse engineered to generate valid keys, which is then incorporated into the keygen.

en.wikipedia.org...

Keygenning and gamecopy protections are another matter: due to ATS terms that TheBorg correctly pointed out i'm not going to give you more evidence than to re-read my last sentence.
I know of what you are speaking about.
And its not that.

reply to post by JBA2848


lulz

No I don't think you understand the difference between a game hack, registration hack or a script kiddie backdoor and military grade encryption.
Totally not the same thing and no amount of "hacking" is gonna cut through it.

reply to post by Smack


Aes is used to encrypt everything. Aes was adopted as the standard for encryption. So when windows gets hacked or google gets hacked how do you think they did it. When China hacked Google they hacked the secret recording devices that run all the time. Google only opens them if there is a judges order given. That software was built deep inside googles software with aes encryption. But the Chinese hacked it in a very short time after google showed up with in China. They used the NSAs own secret spying software against them.

Originally posted by Frakkerface

bingo, i completely agree. What would be the point of releasing groundbreaking leaks if he dies? I'm willing to bet it is video and audio files (accounts for the size) of death threats so that if he does die it will be released and there will be no question about who killed him. This in itself could create a storm.

maybe, they did take that dudes cellphones and I don't think ever gave them back. I can't remember the dudes name but he was detained here a few days ago.

reply to post by JBA2848


Please provide a source that claims to have cracked AES 256. I don't believe you.

[edit on 2-8-2010 by Smack]

> Better yet: freedommusic - Could you supply the text of your initial message to WL?

Here is the entire response email w/ my original email quoted.

--------
Hang in the (my name), you almost got it!

Best ones

WikiLeaks

On Sun, Aug 01, 2010 at 11:12:16PM +0100, (my name) wrote:
> > Am I getting closer?
> >
> > --------
> > #AES PASSWORD == ONION
> > $ openssl enc -d -aes256 -in insurance.aes256 > out_ONION_AES.dec
> >
> > #BF PASSWORD == ROUTER
> > $ openssl enc -d -bf -in insurance.aes256 > out_ROUTER_BF.dec
> >
> > #BF PASSWORD == ONION
> > $ openssl enc -d -bf -in insurance.aes256 > out_ONION_BF.dec
> > --------
--------