
Crypto crackme: Rijndael


lordor
January 7th, 2004, 05:12
This is a very simple crackme; it uses some cryptographic arithmetic. I hope you can learn something from this crackme. If you register successfully, you will see a picture.


lordor
1.7

ZaiRoN
January 8th, 2004, 15:54
Hi lordor,
nice to see another crackme from you, thx :-)

The crackme wants a code/serial combination to be registered. The code box is already filled with a value obtained by this simple operation:
(Volume_Serial_Number xor 0xABCDE123) / 4

The serial box is not filled and it's another story...
I haven't solved it yet but, stepping a little through the program, I noticed that the Rijndael algo is used. You can find a lot of information about this block cipher at http://www.esat.kuleuven.ac.be/~rijmen/rijndael/
There are also some threads in this forum about Rijndael; a simple search will lead you to these threads.

Back to the crackme. The code and the serial are both read at the beginning of the protection routine; after that there is a suspicious call:
Code:
00401286 PUSH crackme.0040E304 ; Arg2 = 0040E304 -> empty buffer
0040128B PUSH crackme.0040E374 ; Arg1 = 0040E374 -> the serial you have typed
00401290 LEA ECX,DWORD PTR SS:[ESP+24]
00401294 CALL crackme.004023B0

This call fills the buffer pointed by 40E304 with 16 bytes. The call encrypts the serial using Rijndael algo with 128 bit Key equals to:
0x01 0x03 0x05 0x07 0x09 0x01 0x02 0x06 0x07 0x08 0x09 0x00 0x07 0x03 0x07 0x08
How can I understand this fact? Well, there is no specific rule to understand which algo is used, but there are some facts that can guide you through the identification process, e.g. the initial xor between the key and the serial that produces 4 dwords, the fact that these dwords are used and changed in the next 9-round cycle, the 128-bit return value and so on...; little things all together.
Obviously, to be sure about the use of the Rijndael algo I have tested the serial/key with my own Rijndael simulation program, trying to verify my idea. If you are too lazy to write some lines in C (or in your preferred language) you can use a nice tool called CrypTool available from http://www.cryptool.com/
It contains implementations of the most common algos and it might help you in these cases.

After this algo and before the final check there is another call:
Code:
004012B9 PUSH crackme.0040E374 ; 40E374 points to an empty buffer
004012BE PUSH crackme.0040E304 ; 40E304 points to a string obtained from the mix
; of the serial and the rijndael returned bytes
004012C3 LEA ECX,DWORD PTR SS:[ESP+24]
004012C7 STOS WORD PTR ES:[EDI]
004012C9 CALL crackme.004026B0

This call too seems to be another Rijndael algo; the call is *very* similar to the previous one and the key should be:
0x53 0xDD 0xFA 0x1A 0x2B 0x11 0xC5 0x75 0x38 0xC1 0xAE 0x8D 0xA5 0x0D 0x58 0x11
Unfortunately, this is not true, or (maybe) I'm drowning in an inch of water...

Is there someone that is working on this crackme that can help me?

ciao,
ZaiRoN

NeO
January 12th, 2004, 09:41
All that you found out is right, as always... :P
The crypto calls are the same; only the key is different.



But the main problem is how to get past this:

.text:004012DB jnz short loc_4012D6
.text:004012DD mov cl, byte_40E374
.text:004012E3 sub eax, edx
.text:004012E5 cmp cl, 30h
.text:004012E8 jnz loc_4013B1
.text:004012EE cmp byte_40E373[eax], 3Dh
.text:004012F5 jnz loc_4013B1
.text:004012FB cmp eax, 10h
.text:004012FE jnz loc_4013B1
.text:00401304 mov edx, dword_40E379


bye NeO

ZaiRoN
January 13th, 2004, 06:55
Hi NeO,
Quote:
[Originally Posted by NeO]The crypto calls are the same only the key is different.
Ok, you are right, but it's not totally true. The call implements the Rijndael algo, but this time it decrypts the text using the same key used in the previous Rijndael call.
This is the structure of the main protection routine:
Code:
key = 0x01 0x03 0x05 0x07 0x09 0x01 0x02 0x06 0x07 0x08 0x09 0x00 0x07 0x03 0x07 0x08

Rijndael_encrypt(serial, key) = r1
r1 and serial are mixed using the call at 4012A3; rm1 is the result
Rijndael_decrypt(rm1, key) = r2
final_check...
Part of the final check was posted by NeO; as you can see, the first byte of r2 must be 0x30 and the last byte (the 16th) must be 0x3D. r2 has to satisfy another rule:
Code:
00401304 MOV EDX,DWORD PTR DS:[40E379] <-- edx takes char number 6,7,8 and 9 from r2
...
00401325 MOV DWORD PTR DS:[40E308],EDX <-- move them
0040132B MOV DL,BYTE PTR DS:[40E340] <-- dl = the first char of the code in hex format
...
00401336 CMP DL,BYTE PTR DS:[40E308] <-- char number 6 from r2 must be equal to dl
...
00401350 JNZ SHORT crackme.004013B1 <-- jump to error if not equal, otherwise: registered


That's all! Who wants to write the keygen? ;-)

ZaiRoN

NeO
January 13th, 2004, 18:15
Hello all ..


I think you need to write a bruter for this... if there is any other way, let me know :P


Hint: use serial_length 16 bytes (32 letters)


Bye NeO

ZaiRoN
January 14th, 2004, 18:08
Hi Ne0,
you are probably right; at the moment I can only see the brute force approach.

For those who want to try, here is one of the many implementations that I found on the net:
ftp://ftp.compapp.dcu.ie/pub/crypto/rijndael.c
In order to use it, you only need to modify the 'main' procedure; in particular, to apply Rijndael you need to call these functions:
Code:
gentables();            // No params...
gkey(int, int, char *); // For Rijndael 128 bit you have to pass 4 and 4 as
                        // the first 2 params; the 3rd param is the key

and then one of:
Code:
encrypt(char *); // Encrypts text passed as (char *)
decrypt(char *); // Decrypts text passed as (char *)


Good luck!

ZaiRoN
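To make the identification step described in this thread (the initial key xor serial giving 4 dwords, the 9 mixing rounds plus a final one, the 16-byte result) and the gentables/gkey/encrypt/decrypt flow of rijndael.c concrete, here is an added example: a compact, dependency-free AES-128 (Rijndael with 128-bit block and key) in Python, with an optional per-round trace you can line up against the states you see in the debugger. It is not code from the thread or from lordor's crackme. The key in the demo is the one ZaiRoN read out of the crackme; the 16-byte "serial" is a constructed placeholder (following NeO's hint that 32 hex letters become 16 bytes), not one that registers the program, and the mixing call at 4012A3 is not described on this page, so it is not implemented here. Correctness is checked against the FIPS-197 Appendix C.1 test vector.

```python
"""Compact AES-128 (Rijndael, Nb = Nk = 4) in pure Python, with a per-round trace.
Added example for checking a "this call is Rijndael" hypothesis from a debugger."""


def _xtime(a):
    # multiply by x in GF(2^8) modulo the Rijndael polynomial x^8 + x^4 + x^3 + x + 1
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a


def _gmul(a, b):
    # general GF(2^8) multiplication by shift-and-add
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = _xtime(a), b >> 1
    return r


def _build_sbox():
    # S-box = multiplicative inverse followed by the affine map of FIPS-197 5.1.1
    def rotl(v, k):
        return ((v << k) | (v >> (8 - k))) & 0xFF

    sbox = []
    for x in range(256):
        inv = 1
        for _ in range(254):          # x^254 == x^-1 in GF(2^8); 0 stays 0
            inv = _gmul(inv, x)
        sbox.append(inv ^ rotl(inv, 1) ^ rotl(inv, 2) ^ rotl(inv, 3) ^ rotl(inv, 4) ^ 0x63)
    return sbox


SBOX = _build_sbox()
INV_SBOX = [0] * 256
for _i, _v in enumerate(SBOX):
    INV_SBOX[_v] = _i


def expand_key(key):
    """FIPS-197 key schedule for a 16-byte key: returns 11 round keys of 16 bytes."""
    assert len(key) == 16, "AES-128 needs a 16-byte key"
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:                # RotWord, SubWord, xor Rcon
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]


def _shift_rows(s, inverse=False):
    # state byte (row r, column c) lives at index r + 4*c, i.e. in input-stream order
    out = [0] * 16
    for r in range(4):
        for c in range(4):
            src = (c - r) % 4 if inverse else (c + r) % 4
            out[r + 4 * c] = s[r + 4 * src]
    return out


def _mix_columns(s, m):
    # circulant matrix m: (2,3,1,1) for MixColumns, (14,11,13,9) for its inverse
    out = [0] * 16
    for c in range(4):
        col = s[4 * c:4 * c + 4]
        for r in range(4):
            for k in range(4):
                out[4 * c + r] ^= _gmul(m[(k - r) % 4], col[k])
    return out


def _xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def encrypt_block(pt, key, trace=None):
    """Encrypt one 16-byte block. If trace is a list, the state (hex) is appended
    after the initial AddRoundKey and after each of the ten rounds."""
    rk = expand_key(key)
    s = _xor(pt, rk[0])               # the "key xor serial -> 4 dwords" step seen in the debugger
    if trace is not None:
        trace.append(bytes(s).hex())
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]
        s = _shift_rows(s)
        if rnd != 10:                 # rounds 1..9 mix columns; the final round does not
            s = _mix_columns(s, (2, 3, 1, 1))
        s = _xor(s, rk[rnd])
        if trace is not None:
            trace.append(bytes(s).hex())
    return bytes(s)


def decrypt_block(ct, key):
    """Inverse cipher (FIPS-197 section 5.3), the second call's behaviour in the crackme."""
    rk = expand_key(key)
    s = _xor(ct, rk[10])
    for rnd in range(9, -1, -1):
        s = _shift_rows(s, inverse=True)
        s = [INV_SBOX[b] for b in s]
        s = _xor(s, rk[rnd])
        if rnd != 0:
            s = _mix_columns(s, (14, 11, 13, 9))
    return bytes(s)


if __name__ == "__main__":
    # key as read out of the crackme in the thread; the serial is a constructed
    # 16-byte placeholder (32 hex letters -> 16 bytes), not a valid one
    KEY = bytes.fromhex("01030507090102060708090007030708")
    serial = bytes.fromhex("00112233445566778899aabbccddeeff")
    rounds = []
    r1 = encrypt_block(serial, KEY, rounds)
    for i, st in enumerate(rounds):
        print("after round %2d: %s" % (i, st))
    print("r1 =", r1.hex(), " decrypt ok:", decrypt_block(r1, KEY) == serial)
```

The trace entries are exactly the values a debugger shows in the 16-byte state buffer after each round's final xor with the round key, so comparing rounds[0] (the plain key xor input) and rounds[10] (the returned 16 bytes) against the crackme's buffer at 40E304 is enough to confirm or reject the Rijndael hypothesis without reading the whole routine.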

yaa
May 14th, 2004, 17:23
Has anyone still got this crackme? The link points nowhere.


yaa

klier
May 15th, 2004, 10:17
link works for me
Regards,

lordor
May 16th, 2004, 23:09
I have updated the attached file

schar
May 17th, 2004, 00:05
Quote:
[Originally Posted by lordor]I have updated the attached file

Code: 299068997
Key:9610BE12D6E4132827705794F435CF8C

pops up a box but no pics.

lordor
May 17th, 2004, 00:15
Quote:
[Originally Posted by schar]Code: 299068997
Key:9610BE12D6E4132827705794F435CF8C

pops up a box but no pics.



please see the code that shows the pics again,
or bpm the reg code; that will take some bytes to cmp

schar
May 17th, 2004, 00:39
Quote:
[Originally Posted by lordor]please see the code that shows the pics again,
or bpm the reg code; that will take some bytes to cmp


this one works:
Code: 299068997
Key: 10F8C2C958F2076FD2C46F67D89FB319

lots of milk