charlie
November 30th, 2012, 10:03
When we are reversing a malware, a binary file or a config file many experienced quickly say what its encrypted with , for example usually its 'RC4' encryption algorithm. Is this something which comes with experience or is it based on the pattern of the op code/bytes or is there a tool find the algorithm. How can we tell the encryption algorithm ? I know that certain standard encryption algorithms like blowfish, aes etc leave markers and typical signs , the one i'm usually wondering about is 'RC4' , how to find them. Can anyone share their knowledge about this ?
Thanks
Charlie
Thanks
Charlie