Quote:
Originally Posted by Kerlingen
It's not RSA, it's ElGamal.
|
I don't think it is ElGamal.
The Elgamal Encrypt/Decrypt procedures from the FGInt library do not use the 3 padding bits "111" as in the RSA.
Also I have keygened a few applications that use almost the same version of the FGInt library so I could easily identify the decryption routine and confirmed it with a compare.
Furthermore the Elgamal procedures use for conversions "only" the procedure "FGIntToBase256String" whereas the RSA En/Decrypt procedures use "Base2StringToFGInt", FGIntToBase2String, "convertBase256to2"
The program is very old and the original homepage is no more available.
I have therefore attached it here, if you want to try your hands on it.
The main application is compressed with Aspack, so it should not be a problem for a pro like you to unpack it.
By the way it uses BlowFish to save the entered UserName and RegCode in an app_name.fdb file and the RegData are checked on application restart.
My observation is that Kanal plugin in PEID is not able to detect older implementations of the FGIntRSA routines, especially when the RSA values are not in plain ASCII texts.
Using the RE-SIGS v0.18 PUBLIC by dihuxx in IDA to create MAP-file helped to resolve some of the FGIntRSA procedures.
Regards,
TemPoMat