
Thread: Crypto crackme: Rijndael

  1. #1
    lordor
    Guest

    a simple cryptography crackme

    This is a very simple crackme; it uses some cryptographic arithmetic. I hope you can learn something from this crackme. If you register successfully, you will see a picture.


    lordor
    1.7
    Last edited by lordor; May 14th, 2004 at 22:22.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    ZaiRoN
    Hi lordor,
    nice to see another crackme from you, thx :-)

    The crackme wants a code/serial combination to be registered. The code box is already filled with a value obtained by this simple operation:
    (Volume_Serial_Number xor 0xABCDE123) / 4

    The serial box is not filled and it's another story...
    I haven't solved it yet but, stepping a little through the program, I notice that the Rijndael algo is used. You can find a lot of information about this block cipher at http://www.esat.kuleuven.ac.be/~rijmen/rijndael/
    There are also some threads in this forum speaking about Rijndael; a simple search will lead you to these threads.

    Back to the crackme. The code and the serial are both read at the beginning of the protection routine; after that there is a suspicious call:
    Code:
    00401286 PUSH crackme.0040E304         ; Arg2 = 0040E304 -> empty buffer
    0040128B PUSH crackme.0040E374         ; Arg1 = 0040E374 -> the serial you have typed
    00401290 LEA ECX,DWORD PTR SS:[ESP+24]
    00401294 CALL crackme.004023B0
    This call fills the buffer pointed to by 40E304 with 16 bytes. It encrypts the serial using the Rijndael algo with a 128-bit key equal to:
    0x01 0x03 0x05 0x07 0x09 0x01 0x02 0x06 0x07 0x08 0x09 0x00 0x07 0x03 0x07 0x08
    How can I tell? Well, there is no specific rule for understanding which algo is used, but there are some facts that can guide you through the identification process: the initial xor between the key and the serial that produces 4 dwords, the fact that these dwords are used and changed in the following 9-round cycle, the 128-bit return value and so on... little things all together.
    Obviously, to be sure about the use of the Rijndael algo I have tested the serial/key with my own Rijndael simulation program, trying to verify my idea. If you are too lazy to write some lines in C (or in your preferred language) you can use a nice tool called CrypTool, available from http://www.cryptool.com/
    It contains implementations of the most common algos and it might help you in these cases.

    After this algo and before the final check there is another call:
    Code:
    004012B9 PUSH crackme.0040E374   ; 40E374 points to an empty buffer
    004012BE PUSH crackme.0040E304   ; 40E304 points to a string obtained from the mix 
                                     ; of the serial and the rijndael returned bytes
    004012C3 LEA ECX,DWORD PTR SS:[ESP+24]
    004012C7 STOS WORD PTR ES:[EDI]
    004012C9 CALL crackme.004026B0
    This call also seems to be another Rijndael algo; it is *very* similar to the previous one and the key should be:
    0x53 0xDD 0xFA 0x1A 0x2B 0x11 0xC5 0x75 0x38 0xC1 0xAE 0x8D 0xA5 0x0D 0x58 0x11
    Unfortunately, this is not true, or (maybe) I'm drowning in an inch of water...

    Is there someone that is working on this crackme that can help me?

    ciao,
    ZaiRoN

  3. #3
    NeO
    Guest
    All that you found out is right, as always... :P
    The crypto calls are the same only the key is different.



    But the main problem is how to get past this:

    .text:004012DB jnz short loc_4012D6
    .text:004012DD mov cl, byte_40E374
    .text:004012E3 sub eax, edx
    .text:004012E5 cmp cl, 30h
    .text:004012E8 jnz loc_4013B1
    .text:004012EE cmp byte_40E373[eax], 3Dh
    .text:004012F5 jnz loc_4013B1
    .text:004012FB cmp eax, 10h
    .text:004012FE jnz loc_4013B1
    .text:00401304 mov edx, dword_40E379


    bye NeO

  4. #4
    ZaiRoN
    Hi NeO,
    Quote Originally Posted by NeO
    The crypto calls are the same only the key is different.
    Ok, you are right, but it's not totally true. The call implements the Rijndael algo, but this time it decrypts the text using the same key used in the previous Rijndael call.
    This is the structure of the main protection routine:
    Code:
    key = 0x01 0x03 0x05 0x07 0x09 0x01 0x02 0x06 0x07 0x08 0x09 0x00 0x07 0x03 0x07 0x08
    
    Rijndael_encrypt(serial, key) = r1
    r1 and serial are mixed using the call at 4012A3; rm1 is the result
    Rijndael_decrypt(rm1, key) = r2
    final_check...
    Part of the final check was posted by Ne0; as you can see, the first byte of r2 must be 0x30 and the last byte (the 16th) must be 0x3D. r2 has to satisfy another rule:
    Code:
    00401304 MOV EDX,DWORD PTR DS:[40E379] <-- edx takes char number 6,7,8 and 9 from r2
    ...
    00401325 MOV DWORD PTR DS:[40E308],EDX <-- move them
    0040132B MOV DL,BYTE PTR DS:[40E340]   <-- dl = the first char of the code in hex format
    ...
    00401336 CMP DL,BYTE PTR DS:[40E308]   <-- char number 6 from r2 must be equal to dl
    ...
    00401350 JNZ SHORT crackme.004013B1    <-- jump to error if not equals, otherwise: registered
    That's all! Who wants to write the keygen? ;-)

    ZaiRoN

  5. #5
    NeO
    Guest
    Hello all ..


    I think you need to write a bruter for this... if there is any other way, let me know :P


    Hint: use a serial length of 16 bytes (32 letters)


    Bye NeO

  6. #6
    ZaiRoN
    Hi Ne0,
    you should be right; at the moment I can only see the brute-force approach.

    For those who want to try, here is one of the many implementations I found on the net:
    ftp://ftp.compapp.dcu.ie/pub/crypto/rijndael.c
    In order to use it, you only need to modify the 'main' procedure; in particular, to apply Rijndael you need to call these functions:
    Code:
    gentables();		// No params...
    gkey(int,int,char *);	// For 128-bit Rijndael pass 4 and 4 as the first two params
    			// (block and key size in 32-bit words); the third param is the key
    and then one of:
    Code:
    encrypt(char *);	// Encrypts text passed as (char *)
    decrypt(char *);	// Decrypts text passed as (char *)
    Good luck!

    ZaiRoN
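
    As an added example for this thread (not code from the crackme, from any of the posts, or from the rijndael.c ZaiRoN links), the Python below writes out AES-128 (Rijndael with a 128-bit block and key) round by round, so the shape ZaiRoN used to identify it is visible: the key xored into the 16 input bytes, nine full rounds, a final round without MixColumns, and a 16-byte result. The inverse cipher is included because the second call decrypts with the same key. On top of it sit the crackme pieces the thread describes: the code-box formula from post #2, the key from post #4, and the final check from the IDA listing in post #3 as ZaiRoN reads it. The mixing call at 4012A3 is not described anywhere in the thread, so it is not modelled; the function names, the reading of "first char of the code in hex format" as the first digit of the code's upper-case hex string, and the treatment of the loop before 4012DD as an inline strlen are my assumptions and are marked as such in the comments. The FIPS-197 test vector in the main block is there to confirm the cipher before trusting it inside a bruter.

```python
"""AES-128 written out round by round, plus the crackme pieces the thread describes.
Added example; not the crackme's or rijndael.c's code.  Assumptions are marked below."""

def _xtime(a):                      # multiply by x in GF(2^8), AES polynomial 0x11B
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a

def _gmul(a, b):                    # GF(2^8) multiply for the S-box and MixColumns
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = _xtime(a), b >> 1
    return r

def _ginv(a):                       # inverse as a^254 by square-and-multiply
    r, base, e = 1, a, 254
    while e:
        if e & 1:
            r = _gmul(r, base)
        base, e = _gmul(base, base), e >> 1
    return r if a else 0            # inv(0) is defined as 0

def _sbox_entry(a):                 # field inverse, then the affine map
    v = _ginv(a)
    rot = lambda n: ((v << n) | (v >> (8 - n))) & 0xFF
    return v ^ rot(1) ^ rot(2) ^ rot(3) ^ rot(4) ^ 0x63

SBOX = [_sbox_entry(a) for a in range(256)]
INV_SBOX = [SBOX.index(i) for i in range(256)]

def _expand_key(key):               # 16-byte key -> eleven 16-byte round keys
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 0x01
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:              # RotWord, SubWord, Rcon
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def _shift_rows(s, inverse=False):  # state is column-major: index = 4*col + row
    d = -1 if inverse else 1
    return [s[((c + d * r) % 4) * 4 + r] for c in range(4) for r in range(4)]

def _mix_columns(s, coef):          # coef (2,3,1,1) forward, (14,11,13,9) inverse
    out = []
    for c in range(4):
        col = s[4 * c:4 * c + 4]
        for r in range(4):          # row r of the matrix is coef rotated right by r
            out.append(_gmul(coef[-r % 4], col[0]) ^ _gmul(coef[(1 - r) % 4], col[1])
                       ^ _gmul(coef[(2 - r) % 4], col[2]) ^ _gmul(coef[(3 - r) % 4], col[3]))
    return out

def aes128_encrypt_block(key, block):
    """The shape ZaiRoN spotted: key XOR input, nine full rounds, a final round."""
    rk = _expand_key(key)
    s = [a ^ b for a, b in zip(block, rk[0])]   # the initial xor of key and serial
    for rnd in range(1, 11):
        s = _shift_rows([SBOX[b] for b in s])
        if rnd != 10:                           # the final round has no MixColumns
            s = _mix_columns(s, (2, 3, 1, 1))
        s = [a ^ b for a, b in zip(s, rk[rnd])]
    return bytes(s)

def aes128_decrypt_block(key, block):
    """Inverse cipher in FIPS-197 order; what the second crackme call does."""
    rk = _expand_key(key)
    s = [a ^ b for a, b in zip(block, rk[10])]
    for rnd in range(9, -1, -1):
        s = [INV_SBOX[b] for b in _shift_rows(s, inverse=True)]
        s = [a ^ b for a, b in zip(s, rk[rnd])]
        if rnd != 0:
            s = _mix_columns(s, (14, 11, 13, 9))
    return bytes(s)

CRACKME_KEY = bytes([0x01, 0x03, 0x05, 0x07, 0x09, 0x01, 0x02, 0x06,   # key from post #4
                     0x07, 0x08, 0x09, 0x00, 0x07, 0x03, 0x07, 0x08])

def code_from_volume_serial(vsn):
    """Code box value from post #2: (Volume_Serial_Number xor 0xABCDE123) / 4."""
    return ((vsn ^ 0xABCDE123) & 0xFFFFFFFF) // 4

def final_check(r2, code):
    """Checks at 4012DD..401350 on the 16 bytes left in 40E374 (r2).  Assumptions
    (mine): the loop before is an inline strlen that must return 0x10, and 'first
    char of the code in hex format' is the first digit of the code's upper-case hex."""
    if len(r2) != 16 or 0 in r2:
        return False
    return r2[0] == 0x30 and r2[15] == 0x3D and r2[5] == ord(("%X" % code)[0])

if __name__ == "__main__":
    ct = aes128_encrypt_block(bytes(range(16)), bytes.fromhex("00112233445566778899aabbccddeeff"))
    print("FIPS-197 C.1 vector ok:", ct.hex() == "69c4e0d86a7b0430d8cdb78070b4c55a")
    r1 = aes128_encrypt_block(CRACKME_KEY, bytes.fromhex("10F8C2C958F2076FD2C46F67D89FB319"))  # schar's serial
    print("r1 =", r1.hex(), "| decrypt undoes it:", aes128_decrypt_block(CRACKME_KEY, r1).hex())
```

    Without the mix at 4012A3 the decrypt simply undoes the encrypt, so r2 would equal the serial and the three byte constraints would fall directly on it; it is the mix that turns the problem into the brute-force search NeO and ZaiRoN describe. A bruter built on this would loop over candidate 16-byte serials, run encrypt, the mix, decrypt, and stop at the first r2 for which final_check returns True.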

  7. #7
    Has anyone still got this crackme? The link points nowhere.


    yaa

  8. #8
    link works for me
    Regards,
    Last edited by klier; May 16th, 2004 at 10:16. Reason: lordor reattached

  9. #9
    lordor
    Guest
    I have updated the attached file.

  10. #10
    schar
    Guest
    Quote Originally Posted by lordor
    I have updated the attached file.
    Code: 299068997
    Key:9610BE12D6E4132827705794F435CF8C

    It pops up a box but no pics.

  11. #11
    lordor
    Guest
    Quote Originally Posted by schar
    Code: 299068997
    Key:9610BE12D6E4132827705794F435CF8C

    It pops up a box but no pics.

    Please look at the code that shows the pic again,
    or bpm the reg code; that will take some bytes to cmp.

  12. #12
    schar
    Guest
    Quote Originally Posted by lordor
    Please look at the code that shows the pic again,
    or bpm the reg code; that will take some bytes to cmp.
    This one works:
    Code: 299068997
    Key: 10F8C2C958F2076FD2C46F67D89FB319

    lots of milk