Crypto Scheme


galgal
August 16th, 2010, 14:41
Hey,

I'm working on some project where I need to modify a binary file for some internal debugging. The binary file is verified before being executed, and after doing some reversing I managed to see that the hash is calculated via SHA1, but there's some sort of signature at the end of the file which is used to verify the hash.

Unfortunately, FindCrypt (IDA plug-in) and Hash and Crypto Detector couldn't detect the algorithm used. After reversing some of the functions, it seems to be some sort of key-building function using existing keys.

A. Is anybody familiar with this code/see it in other programs?
B. How would you suggest to progress?

Below is an example of one of the functions:

Code:

55 push ebp
8B EC mov ebp, esp
53 push ebx
56 push esi
57 push edi
8B 7D 08 mov edi, [ebp+arg_0]
8B 75 0C mov esi, [ebp+arg_4]
8B 5D 10 mov ebx, [ebp+arg_8]
33 C9 xor ecx, ecx
8B 06 mov eax, [esi]
F7 E3 mul ebx
03 C1 add eax, ecx
83 D2 00 adc edx, 0
03 07 add eax, [edi]
83 D2 00 adc edx, 0
89 07 mov [edi], eax
8B CA mov ecx, edx
8B 46 04 mov eax, [esi+4]
F7 E3 mul ebx
03 C1 add eax, ecx
83 D2 00 adc edx, 0
03 47 04 add eax, [edi+4]
83 D2 00 adc edx, 0
89 47 04 mov [edi+4], eax
8B CA mov ecx, edx
8B 46 08 mov eax, [esi+8]
F7 E3 mul ebx
03 C1 add eax, ecx
83 D2 00 adc edx, 0
03 47 08 add eax, [edi+8]
83 D2 00 adc edx, 0
89 47 08 mov [edi+8], eax
8B CA mov ecx, edx
8B 46 0C mov eax, [esi+0Ch]
F7 E3 mul ebx
03 C1 add eax, ecx
83 D2 00 adc edx, 0
03 47 0C add eax, [edi+0Ch]
83 D2 00 adc edx, 0
89 47 0C mov [edi+0Ch], eax
8B CA mov ecx, edx
8B 46 10 mov eax, [esi+10h]
F7 E3 mul ebx
03 C1 add eax, ecx
83 D2 00 adc edx, 0
03 47 10 add eax, [edi+10h]
83 D2 00 adc edx, 0
89 47 10 mov [edi+10h], eax
8B CA mov ecx, edx
8B 46 14 mov eax, [esi+14h]
F7 E3 mul ebx
03 C1 add eax, ecx
83 D2 00 adc edx, 0
03 47 14 add eax, [edi+14h]
83 D2 00 adc edx, 0
89 47 14 mov [edi+14h], eax
8B CA mov ecx, edx
8B 46 18 mov eax, [esi+18h]
F7 E3 mul ebx
03 C1 add eax, ecx
83 D2 00 adc edx, 0
03 47 18 add eax, [edi+18h]
83 D2 00 adc edx, 0
89 47 18 mov [edi+18h], eax
8B CA mov ecx, edx
8B 46 1C mov eax, [esi+1Ch]
F7 E3 mul ebx
03 C1 add eax, ecx
83 D2 00 adc edx, 0
03 47 1C add eax, [edi+1Ch]
83 D2 00 adc edx, 0
89 47 1C mov [edi+1Ch], eax
8B CA mov ecx, edx
8B 46 20 mov eax, [esi+20h]

.....


disavowed
August 16th, 2010, 14:55
Quote (galgal): B. How would you suggest to progress?

Hex-Rays

galgal
August 16th, 2010, 14:58
Quote (disavowed): Hex-Rays


It does help in understanding the code, but it doesn't get me any further in generating the correct signature after I've modified the file. I already wrote my own 'verifier' to better understand the code and the relationship between the variables.

sikke
December 20th, 2010, 14:34
Seems like part of a bignum routine (so some arithmetic on large integers like in RSA or DH). Just a first impression.

disavowed
December 25th, 2010, 21:19
Given that you're modifying the binary anyway, why not just patch the hash-validation code instead of trying to overwrite the verification-hash data?

neerm
January 22nd, 2011, 03:54
I don't have much idea about it, and I'm not able to follow you from the given function. I tried to discuss this issue with a friend who is good at these things, but he just went on a tour and will only be back next month. I will write back to you once he is back.

drizz
January 24th, 2011, 11:02
Hi,

Your code looks like:
edi += esi*ebx
edi, esi - bignum
ebx - uint32

Is the data at the end of the file a digital signature (right click -> properties -> dig.sig.)?

Does the verifier program use advapi32 crypto functions like CryptVerifySignature (good crypto analyzers like PEiD/KANAL report this)?

If it's a custom sig then you can patch the keys/constants (like 0x10001 to 0x1) or, as disavowed said, hash-validation code.
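To confirm the identification above (a bignum multiply-accumulate limb step, as sikke and drizz describe), here is the posted listing rewritten as C. This is an added reconstruction for the thread, not code from the original binary; the function and variable names are my assumptions, and the two check functions use constructed inputs.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Reconstruction of the posted routine in C (all names are my assumptions).
 * Per 32-bit limb i:  dst[i] += src[i] * word + carry, the high half of the
 * 64-bit sum becoming the next carry.  Register map from the listing:
 * edi=dst, esi=src, ebx=word, ecx=carry, edx:eax=product of "mul ebx". */
uint32_t bn_mul_add_word(uint32_t *dst, const uint32_t *src,
                         uint32_t word, size_t n)
{
    uint32_t carry = 0;                          /* xor ecx, ecx           */
    for (size_t i = 0; i < n; i++) {
        uint64_t t = (uint64_t)src[i] * word;    /* mul ebx                */
        t += carry;                              /* add eax,ecx; adc edx,0 */
        t += dst[i];                             /* add eax,[edi+4i]; adc edx,0 */
        /* Worst case (2^32-1)^2 + 2*(2^32-1) = 2^64-1: t cannot overflow, which
         * is the invariant behind each "adc edx,0" in the unrolled listing. */
        dst[i] = (uint32_t)t;                    /* mov [edi+4i], eax      */
        carry = (uint32_t)(t >> 32);             /* mov ecx, edx           */
    }
    return carry;                                /* carry-out of the last limb */
}

/* Check 1: (2*2^32+1) + (4*2^32+3)*5 = 22*2^32+16 -> limbs {16,22}, carry 0. */
int check_small(void)
{
    uint32_t dst[2] = {1, 2};
    const uint32_t src[2] = {3, 4};
    uint32_t c = bn_mul_add_word(dst, src, 5, 2);
    return c == 0 && dst[0] == 16 && dst[1] == 22;
}

/* Check 2: all-ones inputs hit the maximum intermediate.  (2^64-1) +
 * (2^64-1)*(2^32-1) = 2^96 - 2^32 -> limbs {0, 0xFFFFFFFF}, carry 0xFFFFFFFF. */
int check_max_carry(void)
{
    uint32_t dst[2] = {0xFFFFFFFFu, 0xFFFFFFFFu};
    const uint32_t src[2] = {0xFFFFFFFFu, 0xFFFFFFFFu};
    uint32_t c = bn_mul_add_word(dst, src, 0xFFFFFFFFu, 2);
    return c == 0xFFFFFFFFu && dst[0] == 0 && dst[1] == 0xFFFFFFFFu;
}

int main(void)
{
    printf("small: %s  max-carry: %s\n", check_small() ? "ok" : "FAIL",
           check_max_carry() ? "ok" : "FAIL");
    return 0;
}
```

The caller that invokes this step once per word of a second operand is the schoolbook multiplication found in RSA/DH implementations, which is what makes drizz's suggestion to look for an exponent constant such as 0x10001 near the calling code a sensible next step.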