Thread: Encryption used in CRT

  1. #1
    Kilby
    Guest

    Encryption used in CRT

    Gentlemen & others,

    In the absence of damn website to ask questions on, I thought this would be the most appropriate place to ask this question in.

    I use CRT from Van Dyke Technologies, and even have a site licence for it, however I am interested in how their keys work.

    I understand from Ivanopulos .nfo files that they use 64bit ElGamal & modified RIPEMD-160.

    Has anybody here done any research on how these are used together within CRT (and their other products)?

    As I know next to nothing about crypto (except a lot of what NOT to do when implementing it), if anybody could give me a helping hand up the learning curve it would be greatly appreciated.

    Regards,

    Kilby...
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Lbolt99
    Guest
    Do a search on here for 'securecrt', some good messages from goatass will come up.

    I went through the same crash course in crypto about three weeks ago, analyzing the scheme used in CacheX and comparing it to the Keygen by Eclipse for the Opera version.

    I learned a great deal from the documents I found on the web for SHA-1 and Blowfish. I recommend searching the web for the specifications on the encryption you are researching. Makes things easier.

    After I read and understood the documents, it was easy to see what the routines in CacheX were doing. Also how the keygen worked.

    Still no go on CacheX, by the way. Artifex - any luck with that "fake S/N" you came by when running in trial mode? Have been meaning to look at this, but haven't had time.

  3. #3
    mike
    > I understand from Ivanopulos .nfo files that they use 64bit ElGamal & modified RIPEMD-160.
    64 bit ElGamal? More likely 64-byte, or 512-bit.

  4. #4
    Kilby
    Guest
    Mike,

    I thought the same thing, but that's a cut & paste from the damn .nfo file, and I don't know enough about crypto systems to disagree with Ivanopulo.

    Thanks for the tip on securecrt, as I did a search on van dyke and nothing turned up, and I could have sworn that Ivanopulo had posted something a while back (but that didn't turn up either).

    I had a quick look in a damn keygen for absoluteftp and found what look like large numbers embedded in the code.

    Though the relationship between the license key and the serial number is interesting enough to watch in the damn keygen.

    Looking at CRT the protection appears to be in License30.dll.

    It looks like a relatively easy patch job to remove the license requirement; this is not the object of the exercise.

    I actually want to learn something about crypto systems, though a simpler target may have been a better choice.

    Regards,

    Kilby...

  5. #5
    Artifex
    Guest
    Hi, Lbolt99.

    > Artifex - any luck with that "fake S/N" you came by when running in trial mode? Have been meaning to look at this, but haven't had time.

    No result for now. I think that when you have time you will use this clue much better than I can do.

    Artifex

  6. #6
    MarcElBichon
    Guest

    DAMN Site

    Some parts of DAMN site still work. Look at http://www.damn.to/crypto_list.html and you will probably find an answer.

    Mike

  7. #7
    Kilby
    Guest
    Yeah I have had a look around the remnants of damn's site previously, but not much information on the bits I require.

    I confirmed that all the serial number stuff is in the Licensexx.dll.
    It's a pity that they seem to use an interesting key routine, yet their .exe files are easily patched (4 bytes).

    I think the best thing I can do is try and find if anybody has a backup of !tEs site, as he had some securecrt information there.

    In fact if anybody has an archive of the site, I may be able to get it hosted <HINT HINT>, as it was always a great resource.

    I noticed some values which look like keys in the unpacked Damn keygen for AbsoluteFTP, so if I can get an earlier damn keygen for the same product, I should be able to see which keys change between versions of Vandyke Products.

    BTW AbsoluteFTP2.0 uses License31.dll, but still requires the same minimal patching to remove nags and time limits.

    Kilby...

  8. #8
    goatass
    Guest
    Kilby, I just finished keygening tE!'s Keygenme #3 which uses Elgamal and RipeMD, I'm writing up the tutorial as I write this. I'll be including all my sources so you could use them as references if you like.
    They are to solve the DLP and have the Elgamal implementation (in C++).

    goatass

  9. #9
    Kilby
    Guest
    Goatass,

    That would be greatly appreciated.

    Hmmm, this is the 1st time I have called anybody goatass, without being displeased with them

    Regards,

    Kilby...

  10. #10
    Kilby
    Guest
    I had a short chat with a couple of guys (I assume) from tmg, and they were saying that the keygen method has changed in recent vandyke targets.

    I think ECC 1024 (or 512 I can't remember) & blowfish are the current method used.

    I will check this out in the next few days for accuracy, once I clear my current project up a bit and then report back.

    Regards,

    Kilby...

  11. #11
    Lbolt99
    Guest
    Sounds interesting, wonder if their stuff is still able to be keygenned.. beginning to see more and more stuff impossible to keygen, unfortunately. Of course the hard patch on Van Dyke's stuff is easy enough.. can't beat keygenning

    Wonder what's up with the guys in DAMN.. the website is still "working", it's not "down".. kinda strange
    Originally posted by Kilby
    I had a short chat with a couple of guys (I assume) from tmg, and they were saying that the keygen method has changed in recent vandyke targets.

    I think ECC 1024 (or 512 I can't remember) & blowfish are the current method used.

    I will check this out in the next few days for accuracy, once I clear my current project up a bit and then report back.

    Regards,

    Kilby...

  12. #12
    Lbolt99
    Guest
    I took a look at SecureCRT 4.0 beta 2, it looks like they send you a different license key, so you're probably right as far as the crypto changing. Have you had a chance to take a look at it yet?

    Just tried the DAMN 3.4.1 keygen, doesn't work on 4.0

  13. #13
    Kilby
    Guest
    I ain't had a chance to look at CRT & friends for a while, as real life has once again hit me with a vengeance.

    However this is what I know.

    Every time they go up a full version (rather than a point release), they always changed their keygen, this appears to have been done via the seed values NOT the algo.

    I had a look at the internals of the registration .dll (I think it was) and found what I believe to be the seed values.

    I then had a look at the values within !tE's and Damn's keygens and found their values.

    Damn Securecrt 3.3
    9E9350F141FFAC5
    95CC918618D6ED4
    12982884101B67F
    7E61ED4B9ACFD2E

    Damn Secure CRT 3.3.3
    9E9350F141FFAC5
    95CC918618D6ED4
    12982884101B67F
    7E61ED4B9ACFD2E

    Damn SecureCRT 3.2.1
    9E9350F141FFAC5
    95CC918618D6ED4
    12982884101B67F
    7E61ED4B9ACFD2E

    As you can see the values used did not change, therefore this seems to back up only a full version change causes a change in the registration data.


    !te/TMG only appeared to use 3 large numbers in their keygen.

    I believe up to last month that the keygen algo had not changed, but can't speak for 4.0 ATM.

    Hope this helps a bit,

    Kilby...

  14. #14
    Kilby
    Guest
    BTW from what I heard, Damn's website supplier landed himself in a coma through drinking some kind of bootleg alcohol.

    I dunno how true it is but that's what I was told.

    If anybody can correct me then please enlighten us as it was one of the best sites for useful info.

    Kilby...