Results 1 to 7 of 7

Thread: New project: RSA-65 analysis on GetDataBack for NTFS

  1. #1
    Lbolt99
    Guest

    New project: RSA-65 analysis on GetDataBack for NTFS

    This next project, I will be doing in a similar style as the CacheX project: Basically, there is already a keygen (by Ivanopolus of DAMN) for GetDataBack for FAT, but none for the NTFS version. They are both at the 2.x revision releases.

    So I will be ripping apart GetDataBack for FAT, and the keygen, to understand the cryptography involved and see how it was done, then look at the NTFS version and try to keygen based on the knowledge obtained from the FAT version and keygen analysis.

    There's no other info in the NFO file as to how it was cracked. I picked this target because a) want to learn a different crypto system b) small bit-count (any relevence?) c) keygen exists for "sister" software, like with CacheX.

    Based on other info, I think a weak prime number generator might have been involved, but we'll see.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    foxthree
    Guest

    RSA-65???

    Just a tip: I believe AdamA posted somewhere here about GetDataBack. It is RSA-65, if I recall correctly (too lazy to search )

    All the best and hoping to see your work

    Signed,
    -- FoxThree

    <Edited>

    Shit Lbolt! Sorry! Forgot to pay attention to your subject line. [To Self: Hmm... I'm really getting old]. Sorry once again.
    Last edited by foxthree; July 26th, 2002 at 16:47.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  3. #3
    GodsJiva
    Guest
    DAMN released a keygen for NTFS GetDataBack 2.0 in May, at the same time as the FAT version. And it works :-)
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    AdamA
    Guest
    Hi,

    I looked at the version 1.05, they did not change the registration keys in 2.0.
    GetDataBack uses RSA like the most RSA based schemes.
    The Decryption-Result is a checksum of your name and some constant bytes, so nothing special at all.

    happy analysing,
    AdamA
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #5
    foxthree
    Guest

    Simple enough to crack, tho'

    It is quite simple to crack and patch tho'.. packed with ASPack and nothing great

    Signed,
    -- FoxThree
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    Lbolt99
    Guest
    Yeah I figured DAMN probably had a keygen out for it. Hoping they didn't though, oh well. But that's irrelevant, since the object of this project is to learn RSA-65 and determine how it was keygenned, and try to reproduce their results.

    Unless anyone knows of any other RSA-65 protections that haven't been keygenned by DAMN, CORE or TMG yet

    It'll probably be a week or so before I'll be able to start on it though, real lifes cropped up again
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    yep would be interesting to understand!

Similar Threads

  1. NTFS MFT Internals
    By WaxfordSqueers in forum Advanced Reversing and Programming
    Replies: 153
    Last Post: March 26th, 2014, 15:03
  2. NTFS reversing
    By WaxfordSqueers in forum The Newbie Forum
    Replies: 21
    Last Post: April 28th, 2013, 00:56
  3. MBR analysis
    By charlie in forum Malware Analysis and Unpacking Forum
    Replies: 7
    Last Post: October 19th, 2010, 19:42
  4. problem with NTFS file encryption
    By Hero in forum The Newbie Forum
    Replies: 10
    Last Post: October 22nd, 2004, 03:49
  5. Write to NTFS
    By tentakkel in forum Malware Analysis and Unpacking Forum
    Replies: 7
    Last Post: October 8th, 2001, 17:18

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •