Blip
09-20-2006, 09:28 PM
Hey there,
I suspect that this message may be in the wrong place, so please feel free to move it, or tell me where it ought to be instead...
In short, I'm looking for someone with Windows reversing experience to help take apart a proprietary program so I can interoperate with it. While I'm sure it would be great fun to become an RE wizard and do it myself, I don't have the time required, so I'm looking for someone who could help me.
Briefly, there's a program that pretends to do ordinary, standard MD5 Digest authentication with its server, but it actually seems to be inserting something funky into the MD5 hash before it sends it, because the results it's getting for a given password aren't the ones the standards say you ought to get. What I want to find out is what it's passing into the hash routine, so I can replicate it for myself and write my own client to talk to that server. For someone with the appropriate experience, I shouldn't expect it to take more than a few hours' work, if the problem is what I think it is.
Although it's fun stuff, and once it's done I would be happy to share the love and make the results public, this is for a commercial project (hence the time constraints), and as such I would be willing to pay market rates for assistance.
Is there anyone out there who could help?
I suspect that this message may be in the wrong place, so please feel free to move it, or tell me where it ought to be instead...
In short, I'm looking for someone with Windows reversing experience to help take apart a proprietary program so I can interoperate with it. While I'm sure it would be great fun to become an RE wizard and do it myself, I don't have the time required, so I'm looking for someone who could help me.
Briefly, there's a program that pretends to do ordinary, standard MD5 Digest authentication with its server, but it actually seems to be inserting something funky into the MD5 hash before it sends it, because the results it's getting for a given password aren't the ones the standards say you ought to get. What I want to find out is what it's passing into the hash routine, so I can replicate it for myself and write my own client to talk to that server. For someone with the appropriate experience, I shouldn't expect it to take more than a few hours' work, if the problem is what I think it is.
Although it's fun stuff, and once it's done I would be happy to share the love and make the results public, this is for a commercial project (hence the time constraints), and as such I would be willing to pay market rates for assistance.
Is there anyone out there who could help?