Tutorials about cryptography used in shareware programs


draX
February 27th, 2001, 08:37
maybe someone of you can help me. i'm looking for tutorials on how to attack programs protected by RSA, DES, DSA, Elgamal or other encryption methods. i found two tutorials about RSA but they don't help me much, i also got some keygen sources by tE! and duelist, but it's hard to understand what they are doing without any comments. the book applied cryptography doesn't help me either cause it's too theoretical, i'm looking for some practice with programs out there, if someone could help me, that would be great
thx
draX

goatass
February 27th, 2001, 09:53
Umm... what program are you working on?
tE!'s keygens are excellent and if you don't understand them without comments you won't have much luck with cryptography. Also, the Applied Cryptography book is the theory of crypto like you said, and that's why you need to read it; it's very important. Did you read my RSA paper? It should help you out in locating the protection and identifying it. I have another ElGamal paper in the works but I'm home for break so I can't work on it. The method I suggest is to first locate the place where the check is located, then look around for any string refs of numbers that could be used in encryption, then try to figure out how the program verifies the key; if you know the formula it uses to verify then you can figure out what crypto algo it uses. Most likely it will use a signature (public/private key) algorithm when dealing with serial numbers. Once again, I don't know what program you are working on so I can't give you more details. Also check to see if there is some kind of hashing happening to your username and company/e-mail or whatever (I'm assuming you are dealing with a serial number routine). Check if there is a number that is used a lot in calls; it is most likely the modulus or prime. See if that number is incremented or decremented by one (1); that should also help to isolate the other calls related to the algorithm.

Hope that helped
goatass

draX
February 27th, 2001, 12:00
thx for your reply goatass, i'm not working on a special program, i was just looking for some papers that get me started in crypto reversing. as i said, the keygens didn't help me much, cause tE! and duelist don't describe how they reversed the app. i'm not interested in the result, i want to see how it is done, if you get my point (my english is not that good). where can i get your paper? and when will your paper about elgamal be finished (i hope soon)


greetings draX

goatass
February 27th, 2001, 14:14
You can get my paper from tsehp.cjb.net and zencrack2.cjb.net; it describes a lot of the basics on locating the crypto related functions. I do suggest you read the Applied Crypto book; all the number theories are very important to understanding how it all works. tE!'s keygen for SecureCRT is very good because it has code to solve DLP and reduce the group a generator is in, which is very helpful, and if you understand the theory you will have no problem understanding his source codes.

goatass

draX
February 27th, 2001, 15:28
do you know if there are any tutorials about how to crack crypto protected programs? i mean not only the keygen sources. some sort of explanation would be of big help for me.

goatass
February 27th, 2001, 16:53
No, not really. I had the same problem when I started working with crypto; that's why you have to read the Crypto books and learn it yourself from scratch.

goatass

draX
February 28th, 2001, 02:18
ok, i'll get as much info about crypto theory as i can (and try to understand them) but can you make any suggestions on what to start first? are there any programs that are good to practise on?

draX
February 28th, 2001, 02:18
ok, i'll get as much info about crypto theory as i can (and try to understand it) but can you make any suggestions on what to start first? are there any programs that are good to practise on?

draX
February 28th, 2001, 02:20
sorry for posting the above twice, i had some problem with my browser.

goatass
February 28th, 2001, 19:47
Yeah, read the theory, it's very important. I don't really know any programs that are easy to reverse when it comes to crypto. I do suggest you check out TMG's Keygenme #2, the one I wrote my paper on, since it is very easy to spot the protection; therefore you can focus on understanding it, and if you get stuck there is my paper to help you. Once you do that, get Duelist's keygen sources and go download the programs he has keygen sources for so you can use the sources as a guide.

feel free to ask for help if you get stuck.

goatass

Kilby!
March 1st, 2001, 05:57
This is a little bit of a side issue.

A good way of getting a good basic knowledge of cyphers is "The Code Book" by Simon Singh (it's out in paperback).

It had reasonable info on RSA & DES, and the challenges (at the back of the book) are pretty good for learning the principles of decryption.

It's amazing how many shareware packages use the simplest of algorithms which could be broken by hand (if anybody was bored enough to bother, BTW KIATerm was one of them)

Unfortunately the 10,000 UK pounds prize has been won.

Kilby...

draX
March 1st, 2001, 06:47
thx for all your help goatass, i'm sure i'll have a lot of questions when starting the real work, but it's good to know that someone is there who tries to help you. thanks