From Collaborative RCE Tool Library
Crypto Tools
| Tool name: | SnD Reverser Tool |
| ||
|---|---|---|---|---|
| Author: | Loki & PuNkDuDe | |||
| Website: | http://www.tuts4you.com/forum/index.php?showtopic=13596 | |||
| Current version: | 1.4 (beta 2) | |||
| Last updated: | March 2008 | |||
| Direct D/L link: | N/A | |||
| License type: | Freeware | |||
| Description: | A crypto utility tool, with many features. Hashes include: + Adler32 + Crc16, Crc32, Crc32b + GOST + Panama + MD2, MD4, MD5 + SHA0, SHA1,SHA256, SHA384, SHA512 + RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320 + Tiger + Whirlpool + HAVAL 128/160/192/240/256 with 3/4/5 rounds Encryptions: + Blowfish + Twofish + RC2, RC4, RC5, RC6 + TEA, xTEA, xxTEA + UUCode & XXCode + AES/Rijndael + Cast128, Cast256 + DES, Triple DES, DESNew + Mars + Skipjack Base Conversions include: + Base2(Binary) + Base10(Decimal) + Base16(Hexadecimal) + Base32 + Base64 + hex input to Base32 + hex input to Base64 Other Functions: + URLEncode and URLDecode + Reverse String + Uppercase + Lowercase + String ROT + String XOR + Caesar Bruteforce Misc Tools: + PE File Crypto Scanner + Disabled Control + Flexible Hash Bruteforcer + Memo Tool (to keep track of current workings) + 512bit Calculator + Hash modification for hashes with dword sized initialisation vectors. History: -------- 14.03.08 : SND Reverser Tool 1.4beta2 : Public Release New Functions: + Panama Hash (Thanks UFO-Pu55y) + GOST Hash (Thanks UFO-Pu55y) Fixes * thanks to syk071c who reported and then fixed a bug in the Blowfish encryption. * fixed crash with UUDecode when entering a single byte (thanks UFO-Pu55y for the report). * fixed crash in 512bit calculator when trying to bswap an empty input. 18.01.08 : SND Reverser Tool 1.3 : Public Release Fixes: * minor bug fixes for the public build. 17.01.2008 : SND Reverser Tool 1.2.2 : Private Release New Tools: + Improved Flexible Hash Bruteforcer + Added basic hash modification code for hashes with dword sized initialisation vectors. Others may follow later if we get requests to include them. 11.01.2008 : SND Reverser Tool 1.2.1 : Private Release New Tools: + Flexible Hash Bruteforcer 20.09.2007 : SND Reverser Tool 1.2 : Public Release New Tools: + Memo Tool (to keep track of current workings) + 512bit Calculator 06.09.2007 : SND Reverser Tool 1.1 : Public Release Fixes: * Removed alpha blend option to enable the tool on Win98 29.08.2007 : SND Reverser Tool 1.0 : Public Release + minimise to tray option + minor GUI changes and fixes | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | SnD Crypto Scanner (Olly/Immunity Plugin) |
| ||
|---|---|---|---|---|
| Author: | Loki | |||
| Website: | http://www.tuts4you.com/forum/index.php?showtopic=15447 | |||
| Current version: | 0.5 (beta) | |||
| Last updated: | March 2008 | |||
| Direct D/L link: | N/A | |||
| License type: | Freeware | |||
| Description: | A scanner for crypto signatures as an Olly/Immunity Plugin: (Following text from the forum thread) Been coding this for a while and now kinda got bored with it so releasing it as a beta. Sure I'll go back to it again later... just need to do something else now. Hopefully you will find this useful - the advantage of having it as a plugin means that breakpoints can easily be set where required, and signatures can be located quickly. Setting Breakpoints: The buttons try and use a little bit (not much :P) intelligence when setting breakpoints. In the data section, "hardware on access" or "memory access" breakpoints are set on the specific VA referenced. In the code section, a 'hardware on execution' breakpoint is set at the beginning of the disassembled line the referenced dword is on. Hope that makes a little sense :) Limitations: Signatures are either made up of dwords or byte sequences. This gives 2 main weaknesses: - some algorithms use similar dwords, distinguishing between them is not always simple. - the algorithm finds the first instance of a given dword in a signature. If you have code which has multiple algorithms which use some of the same dwords, the referenced VA will always point to the first instance in the file. Without doing some in depth analysis, its impossible to determine which algorithm uses a specific instance of a dword. This tool is therefore only going to make analysis a little easier, not do it for you. Future Development: Currently the plugin uses the plugin API to get the current file name and then reads it into allocated memory. It does not read memory inside Olly. This means packed files will need to be unpacked and the unpacked instance debugged. In future I plan to give an option to either scan the file or memory (perhaps even a specified memory range). If you have an idea for development, want to add signatures or just want to tell me how crap this is, please go for it :) | |||
| Also listed in: | OllyDbg Extensions | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
Feed containing all updates and additions for this category.
Feed containing all updates and additions for this category, including sub-categories.
