- The default password for encrypting the HTTP Basic Auth credentials is
#SEFE3ws%1sp2
- SS3 files (spider state files) are encrypted with AES in CBC mode using a key derived from
Application Data\Spider\entropy
- The default salt is
Sp1dERs@alt
, this appears to be reused widely - The default IV is
@deH12NN&1t5D,fF
(or is it@deH12NN&1t5D,fF
?) this is reused everywhere an IV is used - The underlying contents of an SS3 file is an SQLite database
- The password to the SQLite database is approximately (pseudocode, nb: PasswordDeriveBytes provides pbkdf1):
seed = sha1(entropy_file) algorithm = sha1 iterations = 8 key_size = 128 raw_key = PasswordDeriveBytes(seed, salt, algorithm, iterations) key = raw_key[:16]
Last active
April 9, 2019 18:15
-
-
Save maxrp/10a84fb6b9155b1a3d8ef13a4f9bfa13 to your computer and use it in GitHub Desktop.
Things I've learned about CUSpider
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment