Results 1 to 5 of 5

Thread: SHA-1 protected program

  1. #1

    SHA-1 protected program

    I am working on program which has interesting reg check.
    It gets name and removes spaces and make uppercase ie Mister Stop -> MISTERSTOP
    Then it takes SHA-1 of it 2014A31489DEB684260C49792266DB575E69E5A4
    then it gets what serial you entered and send MakeAscii procincluded in zip
    Then it takes SHA-1 of this number (E400AA622758FF3B29D0E14546EA48DE31DB8A4E)

    Then it gets first char of SHA-1(Name) divide to 80h and get SHA-1 hash which is in the program.(80h precalculated SHA-1) compare to SHA-1 of mangled serial.

    In order to reverse this one should find 16 chars serial whose SHA-1 is in the program.I think bruteforcing takes a lot time.It is compiled with visual C.If they used any C random algo maybe we can attack here.Also I think they didnt calculated 16 chars at once instead they calculated 4 by 4 or 8 by 8.Any tips are appreciated.I attached predefined 80h SHA-1 hashes,MakeAscii proc
    Attached Files Attached Files
    "There is only one road to human greatness: through the school of hard knocks." Albert Einstein

  2. #2
    Lbolt99
    Guest

    Re: SHA-1 protected program

    I think I've followed what you're saying in the 2nd paragraph:

    So in a nutshell, what it's doing is running SHA-1 on the name, running SHA-1 on the 16 byte serial you entered. Then it reads in the first byte of the SHA-1 code done on the name, divides it by something so that it's a number in the range of 1-80, which would correspond to one of the 80 available SHA-1 codes stored in the program. Then it compares this with the SHA-1 code calculated on the serial?

    Just want to make sure i understand this before thinking on it more
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  3. #3
    yes what you say is mostly correct but there are 80h=128 predefined SHA-1 hash.Thanks for yor response
    "There is only one road to human greatness: through the school of hard knocks." Albert Einstein

  4. #4
    Lbolt99
    Guest
    Sorry for the delay in getting back. I've thought it through, I'm thinking there's no real easy way to keygen this... the main problem is finding out what the 128 different serial numbers are, whos hashes would match up to the hardcoded hashes. The authors probably just made up a bunch of numbers, or maybe generated them, but that's external of the program so there's no real way to find that out. No way I know of to get from here to there

    One thing of interest, in fact I want to look into this myself, is Advanced Disk Cataloger v1.47, which uses MD5 hashes as protection. It was keygenned by DAMN (surprise) and Ivanopolus somehow bruteforced numbers out of it. I want to figure out how that works and how he did that.

    In the NFO file, it states that there are hardcoded hashes in the program, so somehow he got from point A to point B as far as keygenning it. Should be interesting
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #5
    Thanks for the info.You are right I guess.Thanks again for your interest.
    "There is only one road to human greatness: through the school of hard knocks." Albert Einstein

Similar Threads

  1. unpacking program which is protected against debuggers
    By numericalMan in forum The Newbie Forum
    Replies: 3
    Last Post: June 10th, 2010, 17:35
  2. How to find the OEP of a Crypkey protected program
    By Praveen in forum OllyDbg Support Forums
    Replies: 2
    Last Post: January 20th, 2005, 03:41
  3. problems with a program protected by aspack + aspr
    By orestes in forum Malware Analysis and Unpacking Forum
    Replies: 3
    Last Post: August 14th, 2004, 13:24
  4. HASP protected program(HELP !)
    By hack3r2k in forum Malware Analysis and Unpacking Forum
    Replies: 11
    Last Post: April 16th, 2003, 01:17
  5. Help needed with UPX protected program
    By yktan in forum Off Topic
    Replies: 28
    Last Post: January 27th, 2003, 08:06

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •