PDA

View Full Version : New project: RSA-65 analysis on GetDataBack for NTFS


Lbolt99
July 26th, 2002, 14:43
This next project, I will be doing in a similar style as the CacheX project: Basically, there is already a keygen (by Ivanopolus of DAMN) for GetDataBack for FAT, but none for the NTFS version. They are both at the 2.x revision releases.

So I will be ripping apart GetDataBack for FAT, and the keygen, to understand the cryptography involved and see how it was done, then look at the NTFS version and try to keygen based on the knowledge obtained from the FAT version and keygen analysis.

There's no other info in the NFO file as to how it was cracked. I picked this target because a) want to learn a different crypto system b) small bit-count (any relevence?) c) keygen exists for "sister" software, like with CacheX.

Based on other info, I think a weak prime number generator might have been involved, but we'll see.

foxthree
July 26th, 2002, 16:44
Just a tip: I believe AdamA posted somewhere here about GetDataBack. It is RSA-65, if I recall correctly (too lazy to search )

All the best and hoping to see your work

Signed,
-- FoxThree

<Edited>

Shit Lbolt! Sorry! Forgot to pay attention to your subject line. [To Self: Hmm... I'm really getting old]. Sorry once again.

GodsJiva
July 29th, 2002, 00:51
DAMN released a keygen for NTFS GetDataBack 2.0 in May, at the same time as the FAT version. And it works :-)

AdamA
July 29th, 2002, 11:35
Hi,

I looked at the version 1.05, they did not change the registration keys in 2.0.
GetDataBack uses RSA like the most RSA based schemes.
The Decryption-Result is a checksum of your name and some constant bytes, so nothing special at all.

happy analysing,
AdamA

foxthree
July 29th, 2002, 14:03
It is quite simple to crack and patch tho'.. packed with ASPack and nothing great

Signed,
-- FoxThree

Lbolt99
July 29th, 2002, 19:30
Yeah I figured DAMN probably had a keygen out for it. Hoping they didn't though, oh well. But that's irrelevant, since the object of this project is to learn RSA-65 and determine how it was keygenned, and try to reproduce their results.

Unless anyone knows of any other RSA-65 protections that haven't been keygenned by DAMN, CORE or TMG yet

It'll probably be a week or so before I'll be able to start on it though, real lifes cropped up again

mambox
August 1st, 2002, 14:48
yep would be interesting to understand!