Find out Encryption

[gigaman]

Yes, try KANAL plugin for PEiD.
However, it works differently than you expected. It scans the file for known constants, strings etc. - thus identifying the algorithm. No encryption/decryption takes place.

[bukkake]

There is also "Crypto Searcher" by x3chun, you can find it here hxxp://x3chun.wo.to/

I think there has no such mothed to find out the encryption.
First. there has so many encryptions include user define encryption that you even cann't know.
Second. encryptions just convert a binary stream to another. It has no feathers in it.

Maybe you can get some clue by the binary stream. But it is very difficult and not exactly.

[gigaman]

True, there's an infinite number of encryptions - but the real applications often use "standard" ones, possibly even using common libraries.

If u really want to try out some of the common cryptos,
try it with Cristals Crypto Tool or Cryptool (hxxp://www.cryptool.de/)

[CrackZ]

Hiya,

I recommend to everyone Cryptobench v1.0 as a great tool for testing out encryption methods, especially if you are fishing for which algorithm it might be ;-).

Generally I've found its better to either look up any constants (usually found in an initialisation function) or look up the first 4 chars of any lookup tables used in your mystery algorithm to discover if its a known crypto.

Of course you could also just compile a few examples using Crypto++ or Miracl and have a look at what various methods look like in ASM, bignum code is quite easy to identify once you've seen it a few times.

Regards

CrackZ.