PDA

View Full Version : Crypto Scheme

galgal
August 16th, 2010, 14:41
Hey,

I'm working on some project where I need to modify a binary file for some internal debugging. The binary file is verified before executed and after doing some reversing, I managed to see that the hash is calculated via SHA1, but there's some sort of a signature at the end of the file, which is used to verify the hash.

Unfortunately, FindCrypt (IDA plug-in) and Hash and Crypto Detector couldn't detect the algorithm used. After reversing some of the function, it seems that it some sort of a key building functions using existing keys.

A. Is anybody familiar with this code/see it in other programs?
B. How would you suggest to progress?

Below is an example of one of the functions

Code:


55                         push   ebp

8B EC                      mov    ebp, esp

53                         push   ebx

56                         push   esi

57                         push   edi

8B 7D 08                   mov    edi, [ebp+arg_0]

8B 75 0C                   mov    esi, [ebp+arg_4]

8B 5D 10                   mov    ebx, [ebp+arg_8]

33 C9                      xor    ecx, ecx

8B 06                      mov    eax, [esi]

F7 E3                      mul    ebx

03 C1                      add    eax, ecx

83 D2 00                   adc    edx, 0

03 07                      add    eax, [edi]

83 D2 00                   adc    edx, 0

89 07                      mov    [edi], eax

8B CA                      mov    ecx, edx

8B 46 04                   mov    eax, [esi+4]

F7 E3                      mul    ebx

03 C1                      add    eax, ecx

83 D2 00                   adc    edx, 0

03 47 04                   add    eax, [edi+4]

83 D2 00                   adc    edx, 0

89 47 04                   mov    [edi+4], eax

8B CA                      mov    ecx, edx

8B 46 08                   mov    eax, [esi+8]

F7 E3                      mul    ebx

03 C1                      add    eax, ecx

83 D2 00                   adc    edx, 0

03 47 08                   add    eax, [edi+8]

83 D2 00                   adc    edx, 0

89 47 08                   mov    [edi+8], eax

8B CA                      mov    ecx, edx

8B 46 0C                   mov    eax, [esi+0Ch]

F7 E3                      mul    ebx

03 C1                      add    eax, ecx

83 D2 00                   adc    edx, 0

03 47 0C                   add    eax, [edi+0Ch]

83 D2 00                   adc    edx, 0

89 47 0C                   mov    [edi+0Ch], eax

8B CA                      mov    ecx, edx

8B 46 10                   mov    eax, [esi+10h]

F7 E3                      mul    ebx

03 C1                      add    eax, ecx

83 D2 00                   adc    edx, 0

03 47 10                   add    eax, [edi+10h]

83 D2 00                   adc    edx, 0

89 47 10                   mov    [edi+10h], eax

8B CA                      mov    ecx, edx

8B 46 14                   mov    eax, [esi+14h]

F7 E3                      mul    ebx

03 C1                      add    eax, ecx

83 D2 00                   adc    edx, 0

03 47 14                   add    eax, [edi+14h]

83 D2 00                   adc    edx, 0

89 47 14                   mov    [edi+14h], eax

8B CA                      mov    ecx, edx

8B 46 18                   mov    eax, [esi+18h]

F7 E3                      mul    ebx

03 C1                      add    eax, ecx

83 D2 00                   adc    edx, 0

03 47 18                   add    eax, [edi+18h]

83 D2 00                   adc    edx, 0

89 47 18                   mov    [edi+18h], eax

8B CA                      mov    ecx, edx

8B 46 1C                   mov    eax, [esi+1Ch]

F7 E3                      mul    ebx

03 C1                      add    eax, ecx

83 D2 00                   adc    edx, 0

03 47 1C                   add    eax, [edi+1Ch]

83 D2 00                   adc    edx, 0

89 47 1C                   mov    [edi+1Ch], eax

8B CA                      mov    ecx, edx

8B 46 20                   mov    eax, [esi+20h]



.....
disavowed
August 16th, 2010, 14:55
Quote:
[Originally Posted by galgal;87550]B. How would you suggest to progress?

Hex-Rays
galgal
August 16th, 2010, 14:58
Quote:
[Originally Posted by disavowed;87552]Hex-Rays


It indeed helps to understand the code, but it doesn't progress me in generating the correct signature after I modified the file. I already wrote my own 'verifier' to better understand the code and the relationship between variables.
sikke
December 20th, 2010, 14:34
Seems like part of a bignum routine (so some arithmetic on large integers like in RSA or DH). Just a first impression.
disavowed
December 25th, 2010, 21:19
Given that you're modifying the binary anyway, why not just patch the hash-validation code instead of trying to overwrite the verification-hash data?
neerm
January 22nd, 2011, 03:54
Not much idea about it. Not able to follow you from the given function. I tried to discuss this issue with my friend who is good in these. But just went on a tour and will be back by next month only. Will write back to you once he is back.
________________
pst repair (http://www.datanumen.com/aor/)
drizz
January 24th, 2011, 11:02
Hi,

Your code looks like:
edi += esi*ebx
edi, esi - bignum
ebx - uint32

Is data at the and of the file a digital signature (right click -> properties -> dig.sig.) ?

Does the verifier program use advapi32 crypto functions like CryptVerifySignature (good crypto analyzers like PEiD/KANAL report this)?

If it's a custom sig then you can patch the keys/constants (like 0x10001 to 0x1) or, as disavowed said, hash-validation code.