Fencry is a Experimental Iterative Hash based Encryption Algorithm

F-Encry is a simple Iteration symetrics Hash based Encryption algorithm, where is the Decryption key are using Encrypted value itself. Idea behind is inspired by Money Heist, Mr. Robot, & Women Entropy.

Zuhri

December 7, 2025 | 6 min reads

Introduction #

F-Encry is a simple Iteration symetrics Hash based Encryption algorithm, where is the Decryption key are using Encrypted value itself. These Keys are not part of seclists or other gigantic wordlist, its generate by value itself.

F-Encry inspired by Money Heist, Mr. Robots, and Women Entropy. You can try it by yourself on github repo.

   _____     _____
  |   __|___|   __|___ ___ ___ _ _
  |   __|___|   __|   |  _|  _| | |
  |___\ v0.1|_____|_|_|___|__\\_  |
                        /_________|
  infosec [at] zphr.xyz
  [Iteration Hash based Encryption]

Base Evidence #

Lets say you own locked door and 5 key, but there is just one key valid! to open this door you need to “bruteforce” or guess it using 5 key, then you trying with 1key/second! the worst scenario is you need 5 second because the valid key is the last one. It is too easy if we pretend as a badguy perspective, but what if we give it additional terms to make it harder. To make these key usable we need to open this key using the other key, but this key generate by key itself.

Back to the our locked door, lets say we need 5 second to open the door using 5 key, but now (term applied)! to open the door we need to use 5 “other” key to make 5 key before are usable, because the other keys are generated by key itself. Now we’re not just bruteforcing the door, but we need to bruteforcing these keys using key itself. So, worst scenario is we need to open these key within 25 second for keys + 5 second for our locked door to successfully open the door!

Its a 5 key, but can you imagine what if the key is 10, 100? 1.000? 10.000.000? or even infinity? (utopia ofcourse) that inventions. Then what if one of those key got damaged? if one or more of those keys are damaged, there is no plan B because these key are generate by itself, because it generated by itself they need each other (interconnecting).

F-Encry Demo #

How to Encrypt #

graph LR;
    startEncryption-->inputValue;
    inputValue-->computeHash;
    computeHash-->check;
    check--yes-->increment;
    check--not-->maxIteration;
    increment-->computeHash;
    maxIteration-->outEncrypted;
    outEncrypted-->ended;

$ val=".";time for i in {1..1001}; do val=$(printf "%s" "$val" | md5sum | awk '{print $1}'); echo "$val"; done | tee wlt.txt | sort -r | head -n 1 | base64 | tee key.txt

Its called one liner of code, this code will generates a hash value from val variable, and passthrough the value into loop process for x times, but in cases we use 1001 times. Then the 1001 hash lists will generates by val variable, and then these list (keys) are use to convert its own key to become or reverse to default val variable.

val value contain just . (dot).
time to calculate how many times is it to generate whole keys.
for loop, the iteration of this algorithm.
awk to delimited the output.
tee to passthrough the output into file.
sort to reverse sorting, and grep the last line.
head capture just 1 lines.

ZmZmYTQ4Yjc4ODcyZjg5Mzk1MzQ0YmUyYzBmMjMxNGYK

real	0m14.110s
user	0m9.291s
sys	0m15.464s

$ ls wlt.txt key.txt -lah
-rw-r--r-- 1 root root  45 Dec  8 17:34 key.txt
-rw-r--r-- 1 root root 33K Dec  8 17:34 wlt.txt

$ wc -l wlt.txt
1001 wlt.txt

key.txt is ZmZmYTQ4Yjc4ODcyZjg5Mzk1MzQ0YmUyYzBmMjMxNGYK, generate by base64 encode that encoding the last hash.
wlt.txt list of output, that contain fully of key are need by the value.

And then lets see our key that have generate by itself.

┌[ user@lnxs: f-encry ]
└$ cat wlt.txt | sort -r | head -n10
fffa48b78872f89395344be2c0f2314f
ffd9053c6820e66c28c90d666f9a3f88
ff62a592e555cd64e4b11f72385f21b4
ff44494ba6aa2e40a6f98f98ad4cb55d
fee83d5d4302aa5ef18f50d5d936fcd8
fe9577bbd8164167564ed45fa45c7145
fe8e3dd4031e67f358e3f87e7dc52e01
fd824fb5813833b0b54450f34a7d6969
fd482a4828879f1493522adee37bb056
fd2d506e82809676288701f6a5813aa6
┌[ user@lnxs: f-encry ]
└$ cat key.txt
ZmZmYTQ4Yjc4ODcyZjg5Mzk1MzQ0YmUyYzBmMjMxNGYK
┌[ user@lnxs: f-encry ]
└$ grep -r `cat key.txt | base64 -d`
wlt.txt:fffa48b78872f89395344be2c0f2314f

How to Decrypt #

graph LR;
    startDecryption;
    startDecryption-->loadValue;
    loadValue-->check;
    check--not-->fail;
    check--yes-->success;
    success-->outDecrypted;
    outDecrypted-->check2;
    check2--not-->loadValue;
    check2--yes-->ended;

Lets try to reverse or crack this algorithm, using hashcat.

┌[ user@lnxs: f-encry ]
└$ cat key.txt | base64 -d | tee last.hash
fffa48b78872f89395344be2c0f2314f
┌[ user@lnxs: f-encry ]
└$ hashcat -a 0 -m 0 last.hash wlt.txt --show
fffa48b78872f89395344be2c0f2314f:4bbe15e9323101d5b14d8a90e3a2c5d2

Lets see how it generated and interconnected by itself.

┌[ user@lnxs: f-encry ]
└$  hashcat -a 0 -m 0 wlt.txt wlt.txt --show | wc -l
1001
┌[ user@lnxs: f-encry ]
└$ cat wlt.txt | md5sum | awk '{print $1}'
674caa962d4312c7210636cca346b459

What about if there is damaged or lost on those key? Lets give it try.

┌[ user@lnxs: f-encry ]
└$ cat wlt.txt | md5sum |awk '{print $1}'; wc -l wlt.txt
86797c6a6f81b5a817520ef10ee6a690
1000 wlt.txt

I make changes into this file, and lets see how the hashcat perform!

┌[ user@lnxs: f-encry ]
└$ hashcat -a 0 -m 0 wlt.txt wlt.txt --left
Hashfile 'wlt.txt' on line 1 (.8dd39384bbc8071086d720db7fe7f523): Token length exception

* Token length exception: 1/1000 hashes
  This error happens if the wrong hash type is specified, if the hashes are
  malformed, or if input is otherwise not as expected (for example, if the
  --username option is used but no username is present)

┌[ user@lnxs: f-encry ]
└$ hashcat -a 0 -m 0 wlt.txt wlt.txt --show | wc -l
1006
┌[ user@lnxs: f-encry ]
└$ wc -l wlt.txt
1000 wlt.txt

As you can see, if there any changes apply into those file there is no will valid anymore. We just have 1000 hash, but it return 1006 and hashcat complaining about line 1 on those list, because it changed and 1 list have removed.

Now, where is the default value?? the . (point/dot). We just remove the first line of key, maybe it a default. Lets regenerate!

┌[ user@lnxs: f-encry ]
└$ val=".";for i in {1..1001}; do val=$(printf "%s" "$val" | md5sum | awk '{print $1}'); echo "$val"; done | tee wlt.txt | sort -r | head -n 1 | base64 | tee key.txt
ZmZmYTQ4Yjc4ODcyZjg5Mzk1MzQ0YmUyYzBmMjMxNGYK
┌[ user@lnxs:f-encry ]
└$ echo . | tee dot.txt
.
┌[ user@lnxs: f-encry ]
└$ cat dot.txt
.
┌[ user@lnxs: f-encry ]
└$ hashcat -a 0 -m 0 wlt.txt dot.txt --potfile-disable --quiet
5058f1af8388633f609cadb75a75dc9d:.
┌[ user@lnxs: f-encry ]
└$ grep "5058f1af8388633f609cadb75a75dc9d" -r
wlt.txt:5058f1af8388633f609cadb75a75dc9d

Its a return 5058f1af8388633f609cadb75a75dc9d:. (dot/point) or the default input value.

If you want to see those keys are generated, you can check over this zphr.xyz URL. Need proof? do it your self!

Conclusion #

	graph LR;
	F-Encry --> wholeKeys;
	wholeKeys --> F-Encry;

Those demos are demonstrated with available key lists, but what if there is no key available? and how many loop they are implement? what if there applying self damages to his own keys?

Thats is F-Encry invented, F-Encry really depends on whole its own keys, if keys got damaged or loss there is no recoverable plan. A simple Iteration symetrics Hash based Encryption algorithm, F-Encry.

←

Performing SAST on Dlink DIR-1253 Firmware (White version)

Human Slavery and Artificial Intelligence Dillema

→