RSA Mini Project


Bengaly
October 8th, 2002, 17:52
Since this little project needs to teach us how to keygen/reverse the RSA routines, I've decided to put this one here instead of the crypto forum.

I know some (as well as me) don't know much about cryptosystems, but really want to know and study it.

I have found a small crackme that uses RSA-24 (as the author says).

The task is to keygen it!
But also to post messages about how it works, how to use the primes and RSA parameters, what the crackme does, and finally how to keygen it and share sources.

There is pretty much well-documented information about how RSA is used and how to use it.

Here is the RSA crackme:

http://lkubaski.free.fr/reverse/crackme/RSAcrkme10.zip

Some docs can be found at crackz's site, and of course Google.

ttl
Ben

foxthree
October 8th, 2002, 21:03
Pretty interesting

Signed,
-- FoxThree

Bengaly
October 8th, 2002, 21:24
========================
* Possible StringData Ref from Data Obj ->"9901"
|
:004029CD 68DC004200 push 004200DC
:004029D2 8D8C24E4000000 lea ecx, dword ptr [esp+000000E4]
:004029D9 E852E7FFFF call 00401130

* Possible StringData Ref from Data Obj ->"12790891"
|
:004029DE 68D0004200 push 004200D0
:004029E3 8D4C241C lea ecx, dword ptr [esp+1C]
:004029E7 C784246406000000000000 mov dword ptr [esp+00000664], 00000000
:004029F2 E839E7FFFF call 00401130

* Possible StringData Ref from Data Obj ->"8483678"
|
:004029F7 68C8004200 push 004200C8
:004029FC 8D8C2474020000 lea ecx, dword ptr [esp+00000274]
:00402A03 C684246406000001 mov byte ptr [esp+00000664], 01
:00402A0B E820E7FFFF call 00401130

* Possible StringData Ref from Data Obj ->"5666933"
|
:00402A10 68C0004200 push 004200C0
========================

I guess the first parameter is e, but for the others I am trying to see which of the number parameters each one could be.

foxthree
October 8th, 2002, 21:53
Yeah, I too think so. Till now what I've found is that the serial must be 14 chars long. Since it is RSA-24, the modulus must be 24 bits, which means 3 bytes == 6 hex digits. Damn, I'm unable to find anything that is 6 hex digits that can be used as the modulus.

Shit, what do these numbers mean: 12790891, 8483678, 5666933...

Signed,
-- FoxThree

ZaiRoN
October 9th, 2002, 00:24
Hi Bengaly, foxthree!!!

Nice project, Bengaly.

Difficult to say what these values are, but there is an interesting call in the check routine at 402ADB.
This call is called 2 times; it takes some params as input and returns a value.
The first returned value is compared with 8483678 and the second with 5666933.

I have taken a quick (time to go to bed) look at the call (call 402310) and I have found some nice information in this call.
There are some numbers involved in this call:
- 7 chars from the serial
- 9901
- 12790891

There are also some operations:
call 401EB0: mod operation
call 401770: * operation

Look carefully at the 4023BD/4024CA cycle!!!
I suggest you step through this call using custom numbers; for example change 9901 to 5 and use the serial 00000020000003; that could help you understand.

That's all for now... I hope I haven't made errors!

'night.
ZaiRoN
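The check call as ZaiRoN describes it (two calls, each taking 7 chars of the serial plus 9901 and 12790891, built from a multiply and a mod helper) is a modular exponentiation. The following is an added example, not code from the crackme or from anyone in this thread: it models that call in Python with an explicit square-and-multiply loop, splits a 14-digit serial into its two 7-digit halves, and compares the two results with the constants 8483678 and 5666933 as the post reports. Note that 12790891 is below 2^24, so it does fit a 24-bit modulus even though it is written in decimal. The names `modexp`, `serial_residues` and `check_halves` are mine; the constants are the ones quoted in the thread.

```python
"""Model of the crackme's check call (added example, not the crackme's code):
a square-and-multiply modular exponentiation built only from a '*' and a
'mod' operation, applied to each 7-digit half of the 14-digit serial."""

E = 9901               # first pushed parameter, believed to be the public exponent e
N = 12790891           # second pushed parameter; 12790891 < 2**24, so it is a 24-bit modulus
TARGETS = (8483678, 5666933)   # constants the two returned values are compared with


def modexp(base, exp, mod):
    """Right-to-left square-and-multiply: the loop body only multiplies
    and reduces, mirroring a routine that calls a '*' and a 'mod' helper."""
    result = 1
    base %= mod
    while exp > 0:
        if exp & 1:                      # current bit of the exponent set
            result = (result * base) % mod
        base = (base * base) % mod       # square for the next bit
        exp >>= 1
    return result


def serial_residues(serial, e=E, n=N):
    """Split a 14-digit serial into two 7-digit numbers and return
    (first**e mod n, second**e mod n): the two values the crackme gets
    back from its check call."""
    if len(serial) != 14 or not serial.isdigit():
        raise ValueError("serial must be 14 decimal digits")
    first, second = int(serial[:7]), int(serial[7:])
    return modexp(first, e, n), modexp(second, e, n)


def check_halves(serial, e=E, n=N, targets=TARGETS):
    """Return (first half matches 8483678, second half matches 5666933)."""
    r1, r2 = serial_residues(serial, e, n)
    return r1 == targets[0], r2 == targets[1]


if __name__ == "__main__":
    # ZaiRoN's debugging suggestion: patch e to 5 and enter 00000020000003,
    # so the halves are 2 and 3 and the results are simply 2**5 and 3**5.
    print(serial_residues("00000020000003", e=5))   # (32, 243)
    print(check_halves("12345678901234"))
```

Stepping the real routine with the patched exponent and that serial should show the same 32 and 243 coming back, which is the quickest way to confirm that the call is an exponentiation and that 9901 sits in the exponent position.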

Bengaly
October 9th, 2002, 09:25
From what I've checked in this:

serial -> 14 chars long
24-bit RSA encryption

parameters:
---------------
9901 ; possible E
12790891
8483678
5666933
---------------

There are 2 functions which will compute 2 different numbers, one for each 7 chars of the serial:

example: 12345678901234
##################

function 1:
---------------
00402AB7 |. 8D5424 18 LEA EDX,[DWORD SS:ESP+18] ; edx = 12790891
00402ABB |. 8D8424 E000000>LEA EAX,[DWORD SS:ESP+E0] ; eax = 9901
00402AC2 |. 52 PUSH EDX ; /push 12790891
00402AC3 |. 8D8C24 0404000>LEA ECX,[DWORD SS:ESP+404] ; |
00402ACA |. 50 PUSH EAX ; |push 9901
00402ACB |. 51 PUSH ECX ; |Arg1
00402ACC |. 8D8C24 9C05000>LEA ECX,[DWORD SS:ESP+59C] ; |ecx = first 7 chars (1234567)
00402AD3 |. C68424 6C06000>MOV [BYTE SS:ESP+66C],4 ; |
00402ADB |. E8 30F8FFFF CALL crackme.00402310 ; \compute number
-------------------------------------------------------

After this function the value computed is:
5041268

function 2:
-----------------------------------------------------
00402AF4 |. E8 37E6FFFF CALL crackme.00401130 ; edx=8901234
00402AF9 |. 8D4424 18 LEA EAX,[DWORD SS:ESP+18] ; eax=12790891
00402AFD |. 8D8C24 E000000>LEA ECX,[DWORD SS:ESP+E0] ; ecx=9901
00402B04 |. 50 PUSH EAX ; /push eax
00402B05 |. 8D9424 CC04000>LEA EDX,[DWORD SS:ESP+4CC] ; |
00402B0C |. 51 PUSH ECX ; |push ecx
00402B0D |. 52 PUSH EDX ; |Arg1
00402B0E |. 8D8C24 4403000>LEA ECX,[DWORD SS:ESP+344] ; |ecx=8901234
00402B15 |. C68424 6C06000>MOV [BYTE SS:ESP+66C],6 ; |
00402B1D |. E8 EEF7FFFF CALL crackme.00402310 ; \compute number 2
-----------------------------------------------------

After this function, the computed number is:
8483678

Some final checks:
--------------------------
00402B4E |. 8D8C24 CC04000>LEA ECX,[DWORD SS:ESP+4CC] ; ecx=5041268
00402B55 |. E8 66F2FFFF CALL crackme.00401DC0 ; test serial
00402B5A |. 85C0 TEST EAX,EAX ; eax=1 ? -> bad
00402B5C |. 0F84 A3000000 JE crackme.00402C05 ; bad_boy
------------------------------------------------------------

I still can't figure out which numbers are:
N
P
Q
e could be 9901, but i may be wrong
D

Come on, crypto freaks, give some help!
Ben

ZaiRoN
October 9th, 2002, 16:08
Like Bengaly has said, there are tons of papers about the RSA cryptosystem, but for those who are lazy (like me) here are some notes from RSA Labs that could help you:
http://www.rsasecurity.com/rsalabs/faq/3-1-1.html

Moreover, three interesting tutorials:
http://www.woodmann.net/crackz/Tutorials/Rsa.htm
http://www.woodmann.net/crackz/Tutorials/Rsalu48.htm
http://www.woodmann.net/fravia/goatass_rsa_tut.htm

And finally, the link for the last (!?!) version of tE!'s rsatool:
http://www.woodmann.net/forum/attachment.php?postid=18043

You should have everything necessary...

regards,
ZaiRoN

the_analyst
October 9th, 2002, 22:41
Hello,

I wrote a tutorial about this crackme almost 3 years ago now (under my old nick acid burn):

h**p://www.woodmann.net/IDArchive/ID-RIP/database/essays/acid/rsa.txt

Yet it was not very detailed, but I guess it could help.
This crackme can't be keygenned, since it doesn't work on a name IIRC.

Regards,

tHE ANALYST

ZaiRoN
October 9th, 2002, 22:54
Hi the_analyst,
I have read this tutorial right now and I have found that it is incomplete.
Nothing serious.
The tutorial is very good, but the serial you have pointed out is not the only one: there are three valid serials...

regards,
ZaiRoN

the_analyst
October 10th, 2002, 00:42
Hello,

The tutorial is old; I wasn't very experienced anyway, hehe.
Actually, there are WAY more than this ;-P

So, if one part is correct the serial is validated ;P
i.e.:

71676221234567 works
71676220031337 works
71676221122334 works
71676229874124 works etc..

but:

12345673196885 works
31337003196885 works etc..

Just my little addon ;-)

Regards,

tHE ANALYST


Bengaly
October 10th, 2002, 06:14
yeah!

(7 random nums) + Decrypted

or

Decrypted + (7 random nums)

or

Decrypted + Decrypted


up to the second
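The serial lists from the_analyst and the three layouts Bengaly gives above both follow from one fact about RSA at this key size: a modulus under 2^24 is factored by trial division in at most 4096 candidate divisors, and whoever has p and q can compute the private exponent d and invert the check. The block below is an added example written for this thread, not code from the crackme, the acid burn tutorial or tE!'s rsatool. It uses a constructed key (p = 3001, q = 4093, e = 9901, so n = 12283093, a 24-bit modulus like the one in the crackme but not the crackme's own), recovers d from (n, e) alone, then shows that the value decrypted from each target constant is a 7-digit half that passes, in all three layouts Bengaly lists. The targets below are constructed as encryptions of two chosen plaintexts; `smallest_factor`, `private_exponent`, `decrypt_half`, `passes` and `serial_layouts` are my names.

```python
"""Textbook RSA on a constructed 24-bit modulus (added example, not the
crackme's key): why a modulus this small gives no protection. Trial
division up to sqrt(n) recovers p and q, from which d follows; every
prime, target and serial here is constructed for the demonstration."""

from math import gcd, isqrt

P, Q = 3001, 4093            # constructed primes, each under 2**12
E = 9901                     # same exponent value the crackme pushes
N = P * Q                    # 12283093: below 2**24, so a 24-bit modulus


def smallest_factor(n):
    """Trial division: smallest prime factor of n (n itself if n is prime).
    For a 24-bit n this is at most ~2000 odd candidates."""
    if n % 2 == 0:
        return 2
    f = 3
    limit = isqrt(n)
    while f <= limit:
        if n % f == 0:
            return f
        f += 2
    return n


def private_exponent(n, e):
    """Recover d from the public pair (n, e) alone by factoring n."""
    p = smallest_factor(n)
    q = n // p
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e is not invertible modulo phi(n)")
    return pow(e, -1, phi)   # modular inverse, Python 3.8+


def decrypt_half(target, n, d):
    """The 7-digit m with m**e mod n == target, i.e. a serial half that
    passes a comparison against 'target'; zero-padded to 7 digits."""
    m = pow(target, d, n)
    if m >= 10_000_000:
        raise ValueError("decrypted value does not fit in 7 decimal digits")
    return f"{m:07d}"


def passes(serial, targets, n, e=E):
    """Acceptance rule the thread arrives at: the serial is valid when
    either 7-digit half matches its own target."""
    r1 = pow(int(serial[:7]), e, n)
    r2 = pow(int(serial[7:]), e, n)
    return r1 == targets[0] or r2 == targets[1]


def serial_layouts(targets, n, d, filler="1234567"):
    """Bengaly's three patterns: filler+decrypted, decrypted+filler,
    decrypted+decrypted. 'filler' stands in for the 7 random digits."""
    a = decrypt_half(targets[0], n, d)
    b = decrypt_half(targets[1], n, d)
    return filler + b, a + filler, a + b


if __name__ == "__main__":
    d = private_exponent(N, E)
    # Constructed targets: encryptions of two chosen 7-digit plaintexts under (N, E).
    targets = (pow(7167622, E, N), pow(3196885, E, N))
    for s in serial_layouts(targets, N, d):
        print(s, passes(s, targets, N))
```

The same `private_exponent` step is what makes "RSA-24" a label rather than a security property: with a 1024-bit or larger modulus the factoring step is out of reach, and the check could only be satisfied by the holder of d, which is the whole point of using RSA in a serial scheme.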

ZaiRoN
October 10th, 2002, 08:12
Oh yeah!
My *three serials* referred to the different patterns explained by Bengaly.
My mistake.

regards,
ZaiRoN