Without use of MAC, it’s easy to mess with the IV to change the result of “successfully decrypting” ciphertext.
First, create some plaintext:
echo Give Eve \$500 > plaintext.dat
cat plaintext.dat
Give Eve $500
And examine a hex dump of the file, too:
od -x plaintext.dat
0000000 6947 6576 4520 6576 2420 3035 0a30 0000016
Now, encrypt the file:
openssl enc -aes-128-cbc -iv 00000000000000000000000000000000 -pass pass:hunter2 -in plaintext.dat -out ciphertext.dat
And examine a hex dump of the file:
od -x ciphertext.dat
0000000 6153 746c 6465 5f5f 016e 23d6 26d4 d3eb 0000020 eb89 ff1c cce9 8e02 6597 63a8 84db 1b2e 0000040
Check out the file can be decrypted:
openssl enc -d -aes-128-cbc -iv 00000000000000000000000000000000 -pass pass:hunter2 -in ciphertext.dat
Now, muck around with the IV!
openssl enc -d -aes-128-cbc -iv 00000000000000000000030000000000 -pass pass:hunter2 -in ciphertext.dat
Give Eve $600
openssl enc -d -aes-128-cbc -iv 00000000000719070000030000000000 -pass pass:hunter2 -in ciphertext.dat
Give Bob $600