PDA

View Full Version : Q:Number analysis...


mambox
March 12th, 2005, 08:04
hello,

i'm looking,if it exist,a soft who can analyze a sequence of numbers-letters
well i explain here's a sequence:

SG77GTWHH
SXPVWGLW7
SHXXZPHGY
S6GJNN47X


and determine the combinaison used to generate those seq.

is it possible?

thanks!

naides
March 12th, 2005, 11:06
Try a more thorough explanation:

Each line of 9 char is a series?

Who generated the series?

Is one series derived form the other?

mambox
March 12th, 2005, 14:28
well...its a commercial offering.

each pack give you a code (upper) and i'm trying to know how to find the generation of those without buying thousand of packs

and yes its 9 chars long,starting with S

SHXXZPHGY or
S7WUP6LG4 or
SG77GTWHH or
SXPVWGLW7 or
SHXXZPHGY or
S6GJNN47X or

and so on....

i doubt hundred thousands numbers are generated randomly and checked each time the code is sent,would be way too long to check.

anyway,i'm a bit lost with all my knowledge into this science..

is my question a bit more understandable?

thanks!

JMI
March 12th, 2005, 16:21
Just a thought. Perhaps you are approaching the problem ass-backwards. Maybe, rather than wondering how the numbers are generated, you might simply want to try to find out "where" and "how" the numbers are "validated" by the program. The process may be long and complex or it might not, but eventually, it has to reach some point which results in the equivalent of a "goodboy" or "bad cracker" decision. Maybe you can circumvent the need for the correct number altogether.

Regards,

mambox
March 13th, 2005, 09:13
erm...well its checked online by the server,you only have to give the number and it validate or not the result...so i doubt its not possible then.

was just interested if it was possible to find a tool who analyze the sequences..

thanks for all answers anyway!!

mike
March 13th, 2005, 16:39
Nope. They could give you a completely random string and just keep a list of all the ones they've issued on the server.

What kind of software is it?

SiGiNT
March 13th, 2005, 17:10
I think I know this target, and a couple of keygens have been attempted, my best guess is that the number sequence is kept in a list and then issued randomly from that list, the number would not be valid until it had been issued, so keygenning a number might give you a valid number, but it wouldn't work unless it had been issued already.

At least I think that's how it works.

SiGiNT

naides
March 19th, 2005, 08:32
If the validation is done in the server, then the generation is done in the software, that you have. It is not completely random, You have a few rules (constrains): The S charater in the first position, the length of the key, uppercase alphanumeric space. . .

What about locating the code that generates the keys and reversing it?

Could you PM the name of the software? you got me curious now. . .

JMI
March 19th, 2005, 08:40
"Nobody" remembers what curiosity did to the cat!

Regards,

SiGiNT
March 19th, 2005, 12:18
If this is the same target, (or similar), that I've seen, then there definitely is an algo. in the code, it won't install without a correct serial, the problem is whether or not that serial has been flagged as issued at the server.

SiGiNT

naides
March 19th, 2005, 13:38
Based on the info you provided, Mambox , you are deducing the generation/validation algo from a blackbox. It could be anything, unless you can collect a substantial number of valid, and invalid keys to be able to deduce patterns.

Bilbo started a thread on a tool that could do just that.
Under the current circumstances, a brutal force generator sounds like the only viable option, at least initially.
In fact, as it was stated before, the key space may be indeed random, with no validation rules attached to them except being present in the server/validation database, which makes any 'intelligent" attack useless.

%UNDEFINED%
March 20th, 2005, 11:28
Quote:
[Originally Posted by mambox]well...its a commercial offering.

each pack give you a code (upper) and i'm trying to know how to find the generation of those without buying thousand of packs


I don't think this is software, sounds to me more like a product promotion. Pepsi, 7-UP, Coke, Candy Bars, Trading Cards, Potato Chip, etc... could be anything, sounds to me like that. Where each pack you buy contains a code and you enter that code online and see what its worth, or if you won anything...

Examples:
hxxp://www.dell.com/bigbucks
hxxp://www.apple.com/itunes/pepsi/

Regards,

mambox
March 20th, 2005, 11:29
my coding skill is not enough high to make such bruteforce,if its the way to find.

well thanks for all answers,now i know its much more cryptic than i think