Mega.nz Decryption Key Generator

If you are here to crack Maga's confirmation link challenge, you should know that it will cost more in energy usage than what they will pay you. Since they only gave that link so that they could say 'see no one can crack this'. **IF** it is even remotely crackable it is a sentence or at least eight random words. My guess is it is output from /dev/urandom or someone smacking the keyboard for a minute.

MegaCracker v0.2a multi threaded and fixed a few bugs. Don't use the long parameter name with an equal sign. There's an off by one bug --input=asdf looks for a file named '=asdf'. Also --hash=... will process the hash wrong and won't crack it. On a i7-2600 I get 4820 c/s (single hash and 100 hashes) without precomputed data and 4.59 Mc/s (single hash) and 317 Kc/s (100 hashes) with precomputed data.

MegaHash List I precomputed some passwords so you can crack these faster.

Generate/Analyze

Email:
Password:

What's new in IE Password Decryptor 11. Run decryptSTOPDjvu. Cryp1 files encrypted by virus for free. Pgp encryption, decryption tool, online, free, simple PGP Online Encrypt and Decrypt. Nz premium link generator, mega. MegaFS, a FUSE filesystem wrapper for Mega. Decrypt tool Encrypts a string using various. Mega.nz Decryption Key Generator - domebrown domebrown780.weebly.com. The creator of the tool, an easily installed. Mega.nz Decryption Key Generator Download. Your data is encrypted by you before upload to our system and therefore.

Password key:N/A
Master key:N/A
Confirmation Link Hash:N/A
Confirmation Link Hash (for MegaCracker):N/A
Login Hash:N/A

Confirmation Link:
Password (optional):

Hex:N/A
Master key:N/A
Encrypted master key:N/A
Password hash:N/A
Unknown:N/A
Email:N/A
Spacer:N/A
Name:N/A
Unknown:N/A

Info

There is your password, password key, master key, confirmation link hash, and login hash. To derive your password key you do (65536 * (passwordLength + 15) / 16) rounds of AES128 encryption. The master key is generated randomly and is AES128 encrypted with your password key and stored at Mega. The hash found in the confirmation link is 64 bits of random data and 64 bits of zeros AES128 encrypted with your password key. The login hash is your email address compressed with xor, encrypted 16,384 times with your password key, and truncated to 64 bits.

'str_to_a32()' is not Unicode safe. This is used to convert your password into an array of 32 bit numbers. This limits the key space since Unicode character values larger than 255 leak over. So passwords 'bĀ' and 'cĀ' are equivalent (Ā is U+0100). Not as bad as $2x$ but still not good.


The confirmation link hashes are salted, but they are salted after key stretching which means it's really fast when you look at many users.
Attacking the confirmation links:

Generator
UsersProperly SaltedMegaDifference
165,53765,537Same
10655,37065,54610.0x
1006,553,70065,63699.8x
1,00065,537,00066,536985x
10,000655,370,00075,5368,680x
100,0006,553,700,000165,53639,600x
1,000,00065,537,000,0001,065,53661,500x

Note that 'properly salted' and 'Mega' columns are number of rounds of AES128. Note you can sort of compare PBKDF2 to Mega's KDF by looking at the 'difference' column. If you were to tuned PBKDF2 to take the same amount of time as Mega's KDF. Although there are speed differences depending on the platform of the cracking rig.


Good news is that the login hashes are salted in the middle of key stretching.
Attacking the login hashes (assuming they don't do any server side hashing):

UsersProperly SaltedMegaDifference
181,92081,920Same
10819,200229,3763.57x
1008,192,0001,703,9364.81x
1,00081,920,00016,449,5364.98x
10,000819,200,000163,905,5365.00x
100,0008,192,000,0001,638,465,5365.00x
1,000,00081,920,000,00016,384,065,5365.00x

Bad news is the login hashes are much harder than checking a file.
Attacking the files:

UsersProperly SaltedMegaDifference
165,53765,539Same
10655,37065,56610.0x
1006,553,70065,83699.5x
1,00065,537,00068,536956x
10,000655,370,00095,5366,860x
100,0006,553,700,000365,53617,900x
1,000,00065,537,000,0003,065,53621,400x

Hey it could be worse they could be like LastPass¹:

UsersProperly SaltedMegaLastPass
1xx1
1010*x10+x10
100100*x100+x100
1,0001,000*x1,000+x1,000
10,00010,000*x10,000+x10,000
100,000100,000*x100,000+x100,000
1,000,0001,000,000*x1,000,000+x1,000,000

¹ LastPass can throw an error that tells the client to send a salted double SHA256 of your password. 'SHA256(SHA256_lower_case_hex(email + password) + password)' to be exact.
² 'x' is the hardness of the key stretching.
³ Mega uses AES and LastPass uses SHA256. On CPUs, 1x AES is 8.7x faster than 3x SHA256 (benchmarked with Q9300). With less than 8,500 users LastPass is weaker otherwise Mega is weaker. On GPUs 1x AES is roughly 1.5x faster than 3x SHA256. With less than roughly 100,000 users LastPass is weaker otherwise Mega is weaker.

RSA(Rivest-Shamir-Adleman) is an Asymmetric encryption technique that uses two different keys as public and private keys to perform the encryption and decryption. With RSA, you can encrypt sensitive information with a public key and a matching private key is used to decrypt the encrypted message. Asymmetric encryption is mostly used when there are 2 different endpoints are involved such as VPN client and server, SSH, etc.

Below is an online tool to perform RSA encryption and decryption as a RSA calculator.

For Java implementation of RSA, you can follow this article.

First, we require public and private keys for RSA encryption and decryption. Hence, below is the tool to generate RSA key online. It generates RSA public key as well as the private key of size 512 bit, 1024 bit, 2048 bit, 3072 bit and 4096 bit with Base64 encoded.

By default, the private key is generated in PKCS#8 format and the public key is generated in X.509 format.

Generate RSA Key Online

Public Key

RSA Encryption and Decryption Online

Below is the tool for encryption and decryption. Either you can use the public/private keys generated above or supply your own public/private keys.

Any private or public key value that you enter or we generate is not stored on this site, this tool is provided via an HTTPS URL to ensure that private keys cannot be stolen.

This tool provides flexibility for RSA encrypt with public key as well as private key along with RSA decrypt with public or private key.

If You Appreciate What We Do Here On Devglan, You Can Consider:

  • Like us at: or follow us at
  • Share this article on social media or with your teammates.
  • We are thankful for your never ending support.

Usage Guide - RSA Encryption and Decryption Online

In the first section of this tool, you can generate public or private keys. To do so, select the RSA key size among 515, 1024, 2048 and 4096 bit click on the button. This will generate the keys for you.

For encryption and decryption, enter the plain text and supply the key. As the encryption can be done using both the keys, you need to tell the tool about the key type that you have supplied with the help of radio button. By default, public key is selected. Then, you can use the cipher type to be used for the encryption. The different cipger options are RSA, RSA/ECB/PKCS1Padding and RSA/ECB/OAEPWithSHA-1AndMGF1Padding. Now, once you click the encrypt button the encrypted result will be shown in the textarea just below the button.

Decryption Error Mega

Remember, the encrypted result is by default base64 encoded.

Similarly, for decryption the process is same. Here, you need to enter the RSA encrypted text and the result will be a plain-text. You have both options to decrypt the encryption with public and private keys.

  • References

Mega.nz Decryption Key Generator Activation

Mega.nz Decryption Key Generator

Enter Decryption Key

Please enable JavaScript to view the comments powered by Disqus.

Mega.nz Decryption Key Generator Tool

Other Free Tools