Dear Storm,

I'm inspired with the document your gave "OpenSSL 1024 bit RSA Private Key Breakdown". I see the public key before when do dynamic debug with edb(as the attached picture shows), but I don't understand it, after read the document, I fully understand it.

I still don't know how to make the rsa signature files, but with your help I have found and understand the public key, and have verify my understanding is right with BigCal. Here I should say many thanks to you for your warm help and guide.

I may still have some questions related, hope you can still give help, thanks again.

Have you read the instructions in your IDA/Flair/readme.txt ?

Git

Hi Git,

I mean I don't know which files of OpenSSL should be used as input of Flair/pelf, I have ever used flair on flexlm lib signature generation before, so know the basic usage.

2048bit RSA, any suggestion to crack to get private key? Or have to give up?

If the key is properly generated then it is close to impossible. To create the correct .lib you must compile OpenSSL with the same compiler used to create the exe you are reversing, and for the same target (linux, win32, etc)

Git

Yes would almost be inpossible to Brutecrack 2048bit RSA, if not impossible.
Youre only hope is to bypass(patch) the intire check for the RSA part.

However
There was some scientist that i read about last year that broke Rsa with sound gear, and cracked a 4096-bit RSA key

Read about it here http://www.tau.ac.il/~tromer/acoustic/

Dear Storm,

Why when using IDAscope, I have no this part that highlight with red colour below? Would you help have a look? (Attachment is my view when using IDAscope)

[/] setting up widgets...
[|] loading FunctionInspectionWidget
[|] loading WinApiWidget
[|] loading CryptoIdentificationWidget
[|] loading YaraScannerWidget
[\] this took 0.20 seconds.

Using FLIRT signature: Microsoft VisualC 2-10/net runtime
loading rules from file: C:\yara\apt.yar (72)
loading rules from file: C:\yara\APT_NGO_wuaclt.yar (1)
loading rules from file: C:\yara\APT_NGO_wuaclt_PDF.yar (1)
loading rules from file: C:\yara\avdetect.yar (1)
[!] Could not load yara rules from file: C:\yara\cve.yar
loading rules from file: C:\yara\dbgdetect.yar (3)
loading rules from file: C:\yara\GeorBotBinary.yara (1)
loading rules from file: C:\yara\GeorBotMemory.yara (1)
loading rules from file: C:\yara\hangover.yar (16)
[!] Could not load yara rules from file: C:\yara\index.yar
loading rules from file: C:\yara\sandboxdetect.yar (1)
loading rules from file: C:\yara\vmdetect.yar (1)
loading rules from file: C:\yara\xplug.yar (2)


[!] Performing YARA scan...

you need to DL the yara sigs https://github.com/zerklabs/yarasigs
unpack all to lets say c:\yara . Then edit the
C:\Users\yourfolder\Downloads\ida\ida\plugins\IDAscope\idascope\config.py

line
but Yara are for Malware sigs , the crypto search engine is in you picture also .

there are two options to perform crypto search.

I use it to search for s-boxes and other , on Powerpc targets so defently work with linux targets also.

Below is my setting as reference yours.
configuration = {
"config_path_sep": "\\",
"plugin_only": False,
"paths": {
# "idascope_root_dir": "E:\\Program Files\\ida61\\plugins",
"idascope_root_dir": "",
"semantics_file": "idascope\\data\\semantics.json",
"semantics_folder": "idascope\\data\\semantics",
"winapi_keywords_file": "idascope\\data\\winapi_keywords.json",
"winapi_rootdir": "C:\\WinAPI\\"
},
"winapi": {
"search_hotkey": "ctrl+y",
"load_keyword_database": True,
"online_enabled": True
},
"inspection": {
"default_semantics": "win-ring3"
},
"yara": {
"yara_sigs": ["C:\\yara"]
}
}

And I have put yara sigs under c:\yara.



Below message will be shown in IDA automatically after "file->script file->IDAScope.py", or I should do something else?

if you do a yara scan
you will quickly see if the scanner is set proberly.

you will see the yara rules load after push button peform yara scan

Also you can add you own sigs to yara
read this post https://hacking.ventures/rsa-keys-in-heartbleed-memory/


he adds the RSA headers to the scanner

I'm sorry I didn't notice there is a push button, yes, I see the yara rules loaded when push the button, thank you so much.

Which file I should put this rule into? I try name a new rule file as rsa.yar, but seems failed to load.

A RSA modulus has no special format and cannot be found by looking for some signature, since there is none. It is just a block of random looking bytes and the only way to know it is a modulus would be either finding a reference to it as an RSA parameter or by trying to factorize it (including all possible memory encodings) and not finding any factors after some minutes.

Did you yet find out if RSA is even used in your software and not just included as part of the library? It's a bit pointless to search for something which is not there, isn't it?

make a file called Rsa.yar
remember to add it to the index file


it is fully possible to find rsa signatures from memory http://www.trapkit.de/research/sslke...0_20060205.pdf

Bridge found the public rsa key that way in post 16
http://forum.exetools.com/showpost.p...7&postcount=16

but offcause it could be ofuscated and embedded in other files these days, and very hard to find

https://b161268c3bf5a87bc67309e7c870...ARA-Manual.pdf

Yara is almost a own script langueg by itself.

No, it is not. It is possible to find SSL signatures from memory, since SSL certificates have a known layout.

If you find a SSL certificate, you know where to look for the RSA modulus. But since SSL certificates are - like the name suggests - used for HTTPS connections over SSL/TLS, you will never use one for keygenning or software protection.

In software protection or keygenning you might use RSA, but then you will only use RSA, never SSL, therefore you will never have any SSL certificates involved, so it's not possible to find them by some signature matching algorithm.

Yes but now i have been talking about SSL Cert all along, and since he found the public signatures i asume he is looking for cetificates.
Bridge must answer for this, not me.Im only trying to help the dude.

as i stated in a previus post it would be impossible to break anyway.

@Kerlingen & Storm
I see the public key similar as below(but for my case, it's 2048bit), so whether means it's SSL Cert? If yes, whether have chance to break? Thanks.

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHikastc8+I81zCg/qWW8dMr8m
qvXQ3qbPAmu0RjxoZVI47tvskYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vck
NaW2R6U5QTdQ5Rq5u+uV3pMk7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffB
By0IGO0zc128IshYcwIDAQAB
-----END PUBLIC KEY-----

Dear Kelingen,

Sorry, I missed this post. Yes, I found the public key when did dynamic debug(thanks Storm's help).

It's 2048bit RSA, I have verified the public key with manual caculation by bigcal tool for (m^e)mod(n), the public key is right.

If use openssl RSA, not sure whether have chance to get the private key?

From Storm: it is fully possible to find rsa signatures from memory http://www.trapkit.de/research/sslkeyfinder/keyfinder_v1.0_20060205.pdf , maybe have chance.

Dear Storm,

You have helped me a lots, in fact, the breakthrough comes from the article you recommended, thank you so much. :-)