View Full Version : Hash algorithm identification

July 31st, 2002, 22:57
Hi there,

I'm quite new to the cryptographic side of keygenning; I keygenned a nice program yesterday called Dogma ( h**p://www2.getafile.com/cgi-bin/merlot/get/pulse/Dogma.exe ) which seems to hash a hell of a lot of constants in.

The main interesting proc is at 427200; the procs which do the work (offshoots from that), which are also the ones with the constants, are at 425630 (done once), 425f20 (done 10h times with two dwords varied each time, but same basic constants), and 425810 (done once). These offshoot procedures have the same type of layout, ill let you see for yourself.

427200 is called once for each 8 letters of the Name, producing 2 dwords each time. If the name is <= 8 chars, skip to the ascii conversion using the 2 dwords for those 8 (or less) chars. If >8 chars, the dwords have some xoring and shifting done to them starting at 4273e1 to result in a final 2 dwords, which are then converted to ascii "%lx%lx" (but with starting 0s if less than 8 chars each). This is then the correct serial for that name.

Anyway, my question is, is this a standard hashing algorithm, or just a stupidly long (for its purpose) custom made algorithm?

August 1st, 2002, 03:16
Sounds like just a lame-ass custom algo. A real hash function like SHA-1 would be much harder to reverse. If implemented properly, they are almost impossible to deal with. Hashes are really simple but can be really effective in keygen prevention

August 1st, 2002, 11:13
Ah, but thats the thing you see, I didn't need to reverse it, just rip a whole load of code out of it. It did all this weird stuff just to the name, then compared the result to the serial. I wouldn't want to even think about reversing all this crap...

There's just soooo many constants in it, I find it slightly hard to believe it was done just for this program.

August 1st, 2002, 11:41
latest safedisc uses a hugh proc(about 6kb .asm file) to
hash/create 128bit keys i'd be interested to know if this is
a well know hash or not since macrovision have and still do
use the freeware TEA encryption heavily.

Does anyone know of any sites where i can get asm/c asm preferred sources of some well know hash systems.

/me does a little wave to godsjiva


August 1st, 2002, 11:50
/me waves back to yates ;-)

Go reverse some keygens

The keygen for dogma ended up being about 1300 masm lines, about 80 of which is GUI...

I should really go look at Safedisc again.

August 8th, 2002, 12:03
i spent my last weekend in reversing the protection scheme of
advanced email extractor v2.60.
this is a shareware app which has some parts (e.g. save file) disabled.

it takes a registration code as input which looks like that:
AEE-nnnnnnn-xxxxxxxxxxxx (n=numbers, x=letters or numbers)

then there's a 128-bit hash generated from the entered serial, which
is compared to each member of a hardcoded array of 5844 valid hashs.

i didn't get any further by now, but i guess after a hash matched with
a hardcoded one, the key to decrypt the code of the full-version-features
is extracted from the entered registration code.

here's the crc routine:

does this look like a secure crc algorithm?
well i think at least i wont be able to recreate the inputs.

August 8th, 2002, 14:11
Yes it is a secure algorithm. I've seen the exact same code in past but I never found out which algorithm it was.

You should notice it uses a round function like many other secure hashes because the same blocks of code is repeated again and again.

Take a look at this code and notice alot similarities:

However the constants doesn't match so it can't be MD5.

Either way I think you chances to recreate the hash values are very very low.

August 8th, 2002, 15:31
in the

look at the first constant
seg000:00420061 lea ecx, [edx+eax-28955B88h]

NOT 28955B88h = D76AA477

first constant in MD functions is D76AA478

Do you feel it

It is same function but different implemantation.In asprotect I guess it was RipeMD160.

August 9th, 2002, 02:16


context->state[0] = 0x67452301;
context->state[1] = 0xefcdab89;
context->state[2] = 0x98badcfe;
context->state[3] = 0x10325476;

hey! thats it! :-) those are the initial values used in safedisc
along with a few other rva related dwords which are ran through
the hash, and compared with hardcoded ones in certain data structures, i'll look more at the constants when i got access to my notes. looks very simular thou.

thanks for that post cyberheg (;

August 9th, 2002, 09:35
This is a common way to initialize hashes. Other hashes which also use the same initialization for context's are RipeMD160 (160 bit) and SHA-1 (also 160 bit).

Take a look here http://libtomcrypt.sunsite.dk
There is a list of hashes implemented and you can watch the source code online.