New iPod checksum reversed


disavowed
September 17th, 2007, 12:26
Congrats to wtbw, one of our forum members, on getting Slashdotted: http://hardware.slashdot.org/hardware/07/09/17/135205.shtml

JMI
September 17th, 2007, 13:00
Maybe he'll post something here about his efforts and success.

Anyway, congrats wtbw.

Regards,

wtbw
September 17th, 2007, 15:20
Hey guys, thanks for the congrats, but it was a team effort.

It turned out to be standard HMAC SHA-1, with a complicated key generation based on the FireWireGUID (unique for each iPod).. perhaps that's some standard function too (involving LCM and a couple of lookup tables to expand to 16 bytes and then SHA-1ing) but it wasn't something I recognized.

There was a lot of arithmetic obfuscation in it too; OllyDbg trace logs were very helpful (and probably faster than coding a proper deobfuscator, though less reusable if they change it all...).

Just a fun weekend...
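
As an added example (not wtbw's code and not part of the original thread): HMAC-SHA1 written out per RFC 2104 and checked against Python's `hmac` module, the comparison that confirms a routine recovered from traces is the standard construction. The key derivation is a labelled stand-in, since the post does not give the real one, and the GUID and database bytes are constructed.

```python
import hashlib
import hmac

BLOCK = 64  # SHA-1 block size in bytes


def hmac_sha1_manual(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA1 per RFC 2104, spelled out so the structure is visible."""
    if len(key) > BLOCK:
        key = hashlib.sha1(key).digest()   # over-long keys are hashed first
    key = key.ljust(BLOCK, b"\x00")        # then zero-padded to one block
    ipad = bytes(b ^ 0x36 for b in key)    # 0x36 and 0x5c are the constants that
    opad = bytes(b ^ 0x5C for b in key)    # identify HMAC in a trace or listing
    inner = hashlib.sha1(ipad + msg).digest()
    return hashlib.sha1(opad + inner).digest()


def placeholder_device_key(guid: bytes) -> bytes:
    """Stand-in derivation (assumption). NOT the scheme described in the post."""
    return hashlib.sha1(b"constructed-example" + guid).digest()


def database_tag(guid: bytes, db: bytes) -> bytes:
    """Tag over the database bytes, bound to one device identifier."""
    return hmac_sha1_manual(placeholder_device_key(guid), db)


def verify(guid: bytes, db: bytes, tag: bytes) -> bool:
    """Constant-time comparison of the expected and presented tags."""
    return hmac.compare_digest(database_tag(guid, db), tag)


# Constructed sample values, not taken from any real device.
GUID_A = bytes.fromhex("0011223344556677")
GUID_B = bytes.fromhex("0011223344556678")
DB = b"constructed database bytes"

if __name__ == "__main__":
    tag = database_tag(GUID_A, DB)
    print("tag:", tag.hex())
    print("same device, same data:", verify(GUID_A, DB, tag))
    print("other device, same data:", verify(GUID_B, DB, tag))
    print("same device, edited data:", verify(GUID_A, DB + b"!", tag))
```
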

Woodmann
September 17th, 2007, 20:02
wtbw kicks ass.

JMI
September 17th, 2007, 20:07
Even better, he "kicks MATH"!

Regards,

LLXX
September 17th, 2007, 21:13
...and as usual, Slashdot is filled with Apple/anti-Apple arguments...

wtbw, you do know the iPod Nano 2nd-generation firmware is encrypted, right?

There's your next "challenge".