View Full Version : Inside a MD5 (?) protected Java prog

August 17th, 2002, 06:23
Hi, fellows.
Here comes attached a decompiled java class which verifies the license serial number, and I hope you will enjoy reading as a thriller.
With the informations that we get from it("MD5", "MODULUS_HASH", "MODULUS_WRAP", "PUBLIC", and BigInteger values), do we need more to keygen the prog ?

Thanks in advance.

August 17th, 2002, 08:58
Yes you forgot the most important thing you need. A motherfucking fast computer to factorize the public key if you want to solve it without replacing the keypair. Without spending more then a few minutes on it a safe bet is that it uses RSA with a pretty high N.
My reasons for saying this is:

public static final BigInteger PUBLIC = BigInteger.valueOf(0x10001L);

This value is a common one for E and the public key itself N is

public static final BigInteger MODULUS_WRAP = new BigInteger("s4c8z8jq19imm4xg0im5aw556gaxksv6jgo2dtdynpnmxkerb86nsetcgnrbmhcmmcix3sisthihf0lrzlo4znqepklqolnm86n4 dgabga8cctyf3dtivp3yp4mdor1xi8z18pu88q1bnkdoze4xsiq2ay0spnb9c4gt4ztfff8j0mpi14kk1e5qwpgb5hf4ej9n65", 36);

which seems to be stored in radix 36 from what the java api documentation says.
Then it does a modpow() operation using these two numbers:
biginteger2 = biginteger2.modPow(PUBLIC, MODULUS_WRAP);

It also uses MD5 but this is really unimportant until you get around this part first.

// CyberHeg

August 17th, 2002, 09:27
Hi, CyberHeg, and many thanks for the explanations.
One more question :
I suppose that the prog needs its private key to decode the serial number, and the private key must be somewhere within the files. Is that correct ?


August 17th, 2002, 09:31
No, thats the beauty of public key encryption. Your public key is public and the private key is private. Assuming this is a private key encryption which have been done then the authors of this license scheme encrypts the licenses with the private key and it gets decrypted with the public key.

Your task is to derive the private key from the public key which (if implemented correctly) should be a task mathmatically so huge that it would take more then a life time.

I suggest you go read some stories about Alice and Bob and publickey cryptography. There is plenty free reading material on the web including full books in html and pdf format.
One of these is Applied Cryptography by Bruce Schneider.

// CyberHeg

August 17th, 2002, 10:37
Hi, CyberHeg, and again many thanks for the explanations.
I have read many pages about public key encryption, I compiled and run many short demo programs in C, Java, Maple etc..., and I still get confused on the most basic principles as those you had to remind me of.
Now I got it clearly, but for how long ? The time to write this, and I already need to read again your explanations and understand what part uses or needs which key.
I know about p, q, n, d and e. Usually each part has is own e and own d. As they share the same p, q and n, one part encodes with the other's e and the other part decodes with his own d. So the d private key must be somewhere (in the other's safe or mind when two people are exchanging informations, or -in the case of a software- in some file).
But in the case of that serial number both sides (the serial number coder and the serial number decoder) have the same e and the same d. The serial has been encoded with d (that we don't know) and is decoded in the program with e = 0x10001. Like in the case of a DSA signature ?

Sorry, if I am still mistaken.

In the case of this prog, we can't find valid SN, but we can rub out all the RSA lines, return "Yes, the SN is correct " and recompile the .java. The guy wrote all the RSA protection for nothing (like in JBuilder, and many others).


August 18th, 2002, 04:27
Yes, that's right. The verifier is for your own protection, so that you know it came from a particular source. It's not to prevent you from doing stuff.

September 4th, 2002, 08:28
one possible scheme is to taking a hashing on user's name, then apply your private key on it, the output will be the registration code. in your program, apply public key to the registration code and compare it with the hashing value of user name.

the good thing is that public key in the program can only verify the registration code, but cannot generate.

September 4th, 2002, 11:29
Hello, jjhsd !

It has been so easy to rub out all the RSA stuff from the license.class, then to recompile it, get the program working and throw it to the trash bin !

Until recently we used to deal with long...long asm routines shifting, multiplying, xoring etc... lines after lines....

Now we have 1024-bit prime products.

But we still arrive to a simple flag : 0 = uncorrect SN, 1 = correct SN.

Nihil novi sub sole.