Results 1 to 8 of 8

Thread: crypto thought crackme #3

  1. #1
    הבּרוּ נשׂאי כּלי יהוה mike's Avatar
    Join Date
    Mar 2001
    Posts
    491

    crypto thought crackme #3

    You want to generate serial numbers for an app.
    The serial check goes like this:

    Code:
    Check signature on MD5 of serial number (gotten from the
    author).  If it fails, return false.
    
    word i;
    qword state;
    
    usernamelen = length of username from the textbox
    srand(CRC32(username));
    state=(rand()<<48) + (rand()<<32) + (rand()<<16) + rand();
    for (i=1; i<4096; i++)
    {
        op=username[i mod usernamelen]&7;
        switch (op)
        {
            case 0: state += rand(); break;
            case 1: state >>= 1; break;
            case 2: state -= rand(); break;
            case 3: state <<= 1; break;
            case 4: state += (1<<31) ; break;
            case 5: state >>>= 37; break;
            case 6: state <<<= 23; break;
            case 7: state += (1<<63); break;
        }
        state ^=(rand()<<48) + (rand()<<32) + (rand()<<16) + rand();
    }
    
    if (serial = state) return true;
    else return false;
    <<< is left rotate, BTW. You're willing to buy one signature. What's your attack plan?

    (Remember, if you have the answer, rot13 it before posting, but you're free to post ideas in cleartext)
    Last edited by mike; January 13th, 2003 at 21:09.

  2. #2
    הבּרוּ נשׂאי כּלי יהוה mike's Avatar
    Join Date
    Mar 2001
    Posts
    491
    Here's my first hint:

    Gur svefg cneg bs guvf, gur fvtarq ZQ5 bs gur frevny, vf haoernxnoyr (hayrff arbcebwrpg gnxrf penpxvat ZQ5 ba vafgrnq bs gelvat sbe na EFN xrl--V guvax gung jbhyq or ernyyl pbby)

    Gung zrnaf lbh'ir tbg bar frevny ahzore gb jbex jvgu. Gur frevny ahzore vf ragveryl qrgrezvarq ol gur hfreanzr. Jung cebcregvrf fubhyq gur hfreanzr unir?

  3. #3
    FoolFox
    Guest
    Uryyb,

    Nf sne nf v Xabj...

    Gur ZQ5 nytb gnxr na vachg zrffntr bs na neovgenel yratgu naq cebqhpr nf bhgchg n
    zrffntr qvtrfg (svatrecevag) bs svkrq yratgu bs 128ovgf. Lbh pna'g cebqhpr gjb
    qvssrerag zrffntrf hfvat gur fnzr svatrecevag.

    Nf lbh fnvq, ZQ5 nytb vf n bar-jnl shapgvba. Pna'g or erirefrq.

    Fb, gur Hfreanzr zhfg or havdhr sbe rnpu yvprapr, evtug ?

    Vs jr tbg gur hfreanzr, jr pna evc gur vavgvnyvfngvba cunfr sebz gur nccyvpngvba
    (nccraq cnqqvat ovgf, nccraq yratgu, rgp.. nf qrfpevorq va gur rkpryyrag Mnveba'f
    cncre nobhg gung) gb frr jvgu jvpu inyhrf vg qrnyf. Bapr jr tbg gur inyhrf, jr fubhyq
    or noyr gb pbzchgr n pbeerpg frevny sbe nal hfreanzr.

    Ertneqf
    SbbySbk
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    הבּרוּ נשׂאי כּלי יהוה mike's Avatar
    Join Date
    Mar 2001
    Posts
    491
    I decided this comment was worth sharing...
    Hello,

    As far as i Know...

    The MD5 algo take an input message of an arbitrary length and produce as output a message digest (fingerprint) of fixed length of 128bits. You can't produce two different messages using the same fingerprint.

    As you said, MD5 algo is a one-way function. Can't be reversed.

    So, the Username must be unique for each licence, right ?
    Note that only the hash of the serial is signed, not the serial itself or the username. Can you prove that there's a one-to-one relationship between a username and serial? If so, can you break the system? If not, does one username generate many serial numbers, or are there many usernames that give one serial?
    If we got the username, we can rip the initialisation phase from the application (append padding bits, append length, etc.. as described in the excellent Zairon's paper about that) to see with wich values it deals. Once we got the values, we should
    be able to compute a correct serial for any username.

    Regards
    FoolFox
    You don't need to do anything with MD5 to find out the correct serial for the username; it's the algorithm I gave.
    Last edited by mike; January 15th, 2003 at 03:09.

  5. #5
    FoolFox
    Guest
    Ok, thanks for pointing my misunderstanding on this one..

    mmm...

    will have to think again about it....

    Regards
    FoolFox
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    : Code Injector : nikolatesla20's Avatar
    Join Date
    Apr 2002
    Location
    :ether:
    Posts
    815

    guesses

    Whfg n pbhcyr fznyy thrffrf:

    Svefg, gurer vf PEP32 ba gur hfreanzr. Guvf pbhyq or creuncf hfrq gb trarengr n qvssrerag hfreanzr sbe n tvira frevny....

    Nyfb, enaq() vf hfrq n ybg urer. Vs vg'f n jrnx enaq vg znl or na nggnpx cbvag.

    -nt20

  7. #7
    Vz tbvat gb iragher n thrff gung svaqvat n frevny vfa'g ernyyl
    bhe gnfx. Jung jr ernyyl jnag gb qb vf trarengr hfreanzrf gung
    jvyy perngr gur frevny jr unq fvtarq. Nf zragvbarq va bar bs
    gur rneyvre ceboyrzf, bapr lbh xabj gur qrfverq inyhr bs gur
    PEP, lbh pna nyzbfg vafgnagyl trg gur erdhverq qngn inyhrf gb
    znxr gung PEP. Gur gevpx gb guvf jbhyq or znxvat fher gur arj
    hfreanzr unq gur fnzr ybjre 3 ovgf va rnpu punenpgre nf gur
    bevtvany. Bar jnl nebhaq guvf jbhyq or gb znxr gur hfreanzr 4096 punef ybat (vs cbffvoyr). Gung jnl nyy lbh unir gb qb vf nccraq gur pbeerpg punenpgref gb gur raq gb svk gur PEP naq lbhyy unir
    n inyvq frevny.

  8. #8
    הבּרוּ נשׂאי כּלי יהוה mike's Avatar
    Join Date
    Mar 2001
    Posts
    491
    Kythen got it again! Avoid translating his post if you want to solve it yourself. nt20--flesh out your first suggestion and see what you come up with.
    Last edited by mike; January 15th, 2003 at 15:35.

Similar Threads

  1. crypto thought crackme #6
    By mike in forum Mini Project Area
    Replies: 18
    Last Post: May 29th, 2006, 00:40
  2. crypto thought crackme #5
    By mike in forum Mini Project Area
    Replies: 12
    Last Post: January 22nd, 2003, 17:52
  3. crypto thought crackme #4
    By mike in forum Mini Project Area
    Replies: 4
    Last Post: January 18th, 2003, 02:58
  4. crypto thought crackme #2
    By mike in forum Mini Project Area
    Replies: 9
    Last Post: January 13th, 2003, 19:25
  5. crypto crackme thought experiment
    By mike in forum Mini Project Area
    Replies: 12
    Last Post: January 8th, 2003, 22:43

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •