Home/ Questions/Q 8038147
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T03:08:19+00:00

I have a file with encrypted credentials with RC4, The piece of code in

  • 0

I have a file with encrypted credentials with RC4,
The piece of code in charge to write such credentials to the file is the following:

sub dummyFunction() {
    # Useless stuff for the scope of the problem
    # ...
    my $dbHost = "localhost";
    my $passphrase = "123"; # For example purposes, logic is different.
    my $cipher = Crypt::RC4->new($passphrase);
    return unpack('H*',$cipher->RC4($dbHost));
}

So that piece of code would return something like: 3F9FDCE3891C6B8851
but if I try the following:

sub anotherDummyFunction() {
    my $ciphered_text = &dummyFunction();
    my $passphrase = "123";
    my $cipher = Crypt::RC4->new($passphrase);
    print $cipher->RC4(pack('H*',$ciphered_text));
}

I am expecting to see localhost but instead, I get a bunch of bytes, so how would I get back the original text?

I already checked with a RC4 decryptor online, with my passphrase and my hex encoded string and the RC4 decryptor online does return localhost so I am sure that the encrypted string is right.

Thanks!

P.S.: The above example works in an isolated environment, but when it comes to my script it doesn’t. I cannot get back the original string.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If anyone encounters this again:

    If you have something like:

    TEST.PL

     #!/usr/bin/perl
 use strict;
 use warnings;
 use Crypt::RC4;

 my $cipher = Crypt::RC4->new("passphrase123");
 print unpack('H*',$cipher->RC4("encrypt-me"))."\n";
 print unpack('H*',$cipher->RC4("encrypt-me"))."\n";

    You will notice that you’ll end up with two different encoded strings:

     ./test.pl
 25d2aa557cccc3951074
 1e87a5db7830a0b1cabd

    In order to avoid this behavior I did:

    undef $cipher

    Right before trying to encrypt another string, and then instantiated the object again.

    If you try this:

     my $cipher = Crypt::RC4->new("passphrase123");
 print unpack('H*',$cipher->RC4("encrypt-me"))."\n";
 undef($cipher);
 $cipher = Crypt::RC4->new("passphrase123");
 print unpack('H*',$cipher->RC4("encrypt-me"))."\n";

    You’ll get the same string:

    ./test.pl
25d2aa557cccc3951074
25d2aa557cccc3951074

    this can also be wrapped in subprocedure, to avoid defining and undefining the object over and over.

    sub encryptString()
{
    my ($string,$passphrase) = @_;
    my $cipher = Crypt::RC4->new($passphrase);
    return unpack('H*',$cipher->RC4($string));
}
    • 0