fr33ke
October 15th, 2007, 22:38
In a recent target I encountered a hash function in the serial algorithm. It went something like this:
Code:
checksum_hash(string tmp)
    // the sum of the input's characters picks the number of MD5 rounds (1..9)
    checksum = 0;
    for each char in tmp
        checksum += char;
    checksum = checksum % 9 + 1;
    do checksum times
        tmp = string(md5(tmp));
    return tmp;
Apparently just hashing it once wasn't enough
The funny thing however was that this hashing provided absolutely no security. It was used like this:
Code:
check_if_regged:
    namehash = checksum_hash(name);
    producthash = checksum_hash("ProductName");
    // each key character is an index into a 32-symbol alphabet
    for(i = 0; i < 4; i++)
        key[i] = "ABCDEFGHJKLMNPQRSTUVWXY123456789"[
            (namehash[i] + producthash[i]) % 32
        ];
    return checksum_hash(serial1) == checksum_hash(key);
The last line is true when serial is the same as key. We can calculate key when we know both namehash and producthash, and we know those because we know the product name and the name of the user.
The hashing adds no security because if we know something we know its hash too. The strength of a cryptographic hash lies in the reverse: if we know the hash, we don't know which input can make that hash. The only good way to use a hash as the main protection is thus to take the hash of something we don't know, like the serial, and compare it to hardcoded hashes.
P.S. The target had another check on another part of the serial, but it was easily defeated too
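The design point of the post above, as an added example that is not part of the original post or the target's code: the flawed check compares against a value built only from public inputs, while the recommended form hashes the unknown serial and compares it to stored digests. Assumptions: `string(md5(tmp))` is taken to be the hex digest, character sums are byte sums, and `expected_key`, `build_digest_list`, `hardened_check` and all sample values are hypothetical.

```python
import hashlib
import hmac

ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXY123456789"  # 32 symbols, as in the post
PRODUCT = "ProductName"                        # placeholder used in the post


def checksum_hash(text: str) -> str:
    """The post's hash: MD5 re-applied 1..9 times (hex digest assumed)."""
    rounds = sum(text.encode()) % 9 + 1
    for _ in range(rounds):
        text = hashlib.md5(text.encode()).hexdigest()
    return text


def expected_key(name: str) -> str:
    """The value the flawed check compares against: public inputs only."""
    nh, ph = checksum_hash(name), checksum_hash(PRODUCT)
    return "".join(ALPHABET[(ord(nh[i]) + ord(ph[i])) % 32] for i in range(4))


def flawed_check(name: str, serial: str) -> bool:
    # Hashing both sides amounts to serial == expected_key(name).
    return checksum_hash(serial) == checksum_hash(expected_key(name))


def build_digest_list(serials):
    """Vendor side (hypothetical): only these digests ship in the program."""
    return {hashlib.sha256(s.encode()).hexdigest() for s in serials}


def hardened_check(serial: str, shipped_digests) -> bool:
    # The program hashes the unknown input and compares it to stored digests;
    # nothing it contains lets a valid serial be recomputed.
    digest = hashlib.sha256(serial.encode()).hexdigest()
    return any(hmac.compare_digest(digest, d) for d in shipped_digests)


if __name__ == "__main__":
    name = "alice"                                      # constructed sample
    digests = build_digest_list(["CONSTRUCTED-0001"])   # constructed sample
    print(flawed_check(name, expected_key(name)))
    print(hardened_check(expected_key(name), digests))
    print(hardened_check("CONSTRUCTED-0001", digests))
```

The digest comparison only helps when serials are long and random: a 4-character serial over this 32-symbol alphabet has about a million possibilities and can be enumerated against the stored digests.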
