Is this RSA algorithm? - Page 2

bridgeic · #16 08-07-2014, 17:34

Quote:

Originally Posted by Storm Shadow

the script searches for the public rsa key header in certicates as shown here.

http://etherhack.co.uk/asymmetric/docs/rsa_key_breakdown.html

Dear Storm,

I'm inspired with the document your gave "OpenSSL 1024 bit RSA Private Key Breakdown". I see the public key before when do dynamic debug with edb(as the attached picture shows), but I don't understand it, after read the document, I fully understand it.

I still don't know how to make the rsa signature files, but with your help I have found and understand the public key, and have verify my understanding is right with BigCal. Here I should say many thanks to you for your warm help and guide.

I may still have some questions related, hope you can still give help, thanks again.

Git · #17 08-07-2014, 17:49

Have you read the instructions in your IDA/Flair/readme.txt ?

Git

bridgeic · #18 08-07-2014, 20:28

Quote:

Originally Posted by Git

Have you read the instructions in your IDA/Flair/readme.txt ?

Git

Hi Git,

I mean I don't know which files of OpenSSL should be used as input of Flair/pelf, I have ever used flair on flexlm lib signature generation before, so know the basic usage.

2048bit RSA, any suggestion to crack to get private key? Or have to give up?

Git · #19 08-08-2014, 17:11

If the key is properly generated then it is close to impossible. To create the correct .lib you must compile OpenSSL with the same compiler used to create the exe you are reversing, and for the same target (linux, win32, etc)

Git

Storm Shadow · #20 08-08-2014, 19:23

Yes would almost be inpossible to Brutecrack 2048bit RSA, if not impossible.
Youre only hope is to bypass(patch) the intire check for the RSA part.

However
There was some scientist that i read about last year that broke Rsa with sound gear, and cracked a 4096-bit RSA key

Read about it here http://www.tau.ac.il/~tromer/acoustic/

bridgeic · #21 08-09-2014, 08:40

Quote:

Originally Posted by Storm Shadow

the ida scope plugin does a very nice jobb checking crypto.I did a fix for ida 6.1 here http://techbliss.org/threads/idascope-v1-1-yara-scanning-fixed-for-ida-6-1-python-2-7.484/#post-1509

Dear Storm,

Why when using IDAscope, I have no this part that highlight with red colour below? Would you help have a look? (Attachment is my view when using IDAscope)

[/] setting up widgets...
[|] loading FunctionInspectionWidget
[|] loading WinApiWidget
[|] loading CryptoIdentificationWidget
[|] loading YaraScannerWidget
[\] this took 0.20 seconds.

Using FLIRT signature: Microsoft VisualC 2-10/net runtime
loading rules from file: C:\yara\apt.yar (72)
loading rules from file: C:\yara\APT_NGO_wuaclt.yar (1)
loading rules from file: C:\yara\APT_NGO_wuaclt_PDF.yar (1)
loading rules from file: C:\yara\avdetect.yar (1)
[!] Could not load yara rules from file: C:\yara\cve.yar
loading rules from file: C:\yara\dbgdetect.yar (3)
loading rules from file: C:\yara\GeorBotBinary.yara (1)
loading rules from file: C:\yara\GeorBotMemory.yara (1)
loading rules from file: C:\yara\hangover.yar (16)
[!] Could not load yara rules from file: C:\yara\index.yar
loading rules from file: C:\yara\sandboxdetect.yar (1)
loading rules from file: C:\yara\vmdetect.yar (1)
loading rules from file: C:\yara\xplug.yar (2)

[!] Performing YARA scan...

Storm Shadow · #22 08-09-2014, 09:37

you need to DL the yara sigs https://github.com/zerklabs/yarasigs
unpack all to lets say c:\yara . Then edit the
C:\Users\yourfolder\Downloads\ida\ida\plugins\IDAscope\idascope\config.py

line

Code:

 "inspection": {
        "default_semantics": "win-ring3"
        },
    "yara": {
        "yara_sigs": ["C:\\yara"]
        }
}

but Yara are for Malware sigs , the crypto search engine is in you picture also .

there are two options to perform crypto search.

I use it to search for s-boxes and other , on Powerpc targets so defently work with linux targets also.

bridgeic · #23 08-09-2014, 10:08

Quote:

Originally Posted by Storm Shadow

you need to DL the yara sigs https://github.com/zerklabs/yarasigs
unpack all to lets say c:\yara . Then edit the
C:\Users\yourfolder\Downloads\ida\ida\plugins\IDAscope\idascope\config.py

line

Code:

 "inspection": {
        "default_semantics": "win-ring3"
        },
    "yara": {
        "yara_sigs": ["C:\\yara"]
        }
}

Below is my setting as reference yours.
configuration = {
"config_path_sep": "\\",
"plugin_only": False,
"paths": {
# "idascope_root_dir": "E:\\Program Files\\ida61\\plugins",
"idascope_root_dir": "",
"semantics_file": "idascope\\data\\semantics.json",
"semantics_folder": "idascope\\data\\semantics",
"winapi_keywords_file": "idascope\\data\\winapi_keywords.json",
"winapi_rootdir": "C:\\WinAPI\\"
},
"winapi": {
"search_hotkey": "ctrl+y",
"load_keyword_database": True,
"online_enabled": True
},
"inspection": {
"default_semantics": "win-ring3"
},
"yara": {
"yara_sigs": ["C:\\yara"]
}
}

And I have put yara sigs under c:\yara.

Quote:

Originally Posted by Storm Shadow

but Yara are for Malware sigs.

Below message will be shown in IDA automatically after "file->script file->IDAScope.py", or I should do something else?

Storm Shadow · #24 08-09-2014, 10:27

if you do a yara scan
you will quickly see if the scanner is set proberly.

you will see the yara rules load after push button peform yara scan

Code:

loading rules from file: C:\yara\cve.yar (3)
loading rules from file: C:\yara\index.yar (0)
loading rules from file: C:\yara\xplug.yar (2)
loading rules from file: C:\yara\AlienVault\apt.yar (72)
loading rules from file: C:\yara\AlienVault\avdetect.yar (1)
loading rules from file: C:\yara\AlienVault\dbgdetect.yar (3)
loading rules from file: C:\yara\AlienVault\hangover.yar (16)
loading rules from file: C:\yara\AlienVault\sandboxdetect.yar (1)
loading rules from file: C:\yara\AlienVault\vmdetect.yar (1)
loading rules from file: C:\yara\AlienVault\APT_NGO_wuaclt\yara\APT_NGO_wuaclt.yar (1)
loading rules from file: C:\yara\AlienVault\APT_NGO_wuaclt\yara\APT_NGO_wuaclt_PDF.yar (1)
loading rules from file: C:\yara\AlienVault\Georbot\GeorBotBinary.yara (1)
loading rules from file: C:\yara\AlienVault\Georbot\GeorBotMemory.yara (1)
[!] Performing YARA scan...

Also you can add you own sigs to yara
read this post https://hacking.ventures/rsa-keys-in-heartbleed-memory/

he adds the RSA headers to the scanner

Code:

rules = yara.compile(sources = {  
  'x509' : 'rule x509 {strings: $a = {30 82 ?? ?? 30 82 ?? ??} condition: $a}',
  'pkcs' : 'rule pkcs {strings: $a = {30 82 ?? ?? 02 01 00} condition: $a}',
  })

bridgeic · #25 08-09-2014, 14:07

Quote:

Originally Posted by Storm Shadow

if you do a yara scan
you will quickly see if the scanner is set proberly.

you will see the yara rules load after push button peform yara scan
RL]

I'm sorry I didn't notice there is a push button, yes, I see the yara rules loaded when push the button, thank you so much.

Quote:

Originally Posted by Storm Shadow

he adds the RSA headers to the scanner

Code:

rules = yara.compile(sources = {  
  'x509' : 'rule x509 {strings: $a = {30 82 ?? ?? 30 82 ?? ??} condition: $a}',
  'pkcs' : 'rule pkcs {strings: $a = {30 82 ?? ?? 02 01 00} condition: $a}',
  })

Which file I should put this rule into? I try name a new rule file as rsa.yar, but seems failed to load.

Kerlingen · #26 08-09-2014, 17:05

A RSA modulus has no special format and cannot be found by looking for some signature, since there is none. It is just a block of random looking bytes and the only way to know it is a modulus would be either finding a reference to it as an RSA parameter or by trying to factorize it (including all possible memory encodings) and not finding any factors after some minutes.

Did you yet find out if RSA is even used in your software and not just included as part of the library? It's a bit pointless to search for something which is not there, isn't it?

Storm Shadow · #27 08-09-2014, 17:36

make a file called Rsa.yar
remember to add it to the index file

Code:

rule Rsa
{
	strings:
		$a = {30 82 ?? ?? 30 82 ?? ??} // x509 OpenSSL 1024 Cert public key
		$b = {30 82 ?? ?? 02 01 00} // pkcs OpenSSL 1024 bit RSA Private Key

	condition:
		$a or $b
}

it is fully possible to find rsa signatures from memory http://www.trapkit.de/research/sslke...0_20060205.pdf

Bridge found the public rsa key that way in post 16
http://forum.exetools.com/showpost.p...7&postcount=16

but offcause it could be ofuscated and embedded in other files these days, and very hard to find

https://b161268c3bf5a87bc67309e7c870...ARA-Manual.pdf

Yara is almost a own script langueg by itself.

Kerlingen · #28 08-09-2014, 18:42

Quote:

Originally Posted by Storm Shadow

it is fully possible to find rsa signatures from memory

No, it is not. It is possible to find SSL signatures from memory, since SSL certificates have a known layout.

If you find a SSL certificate, you know where to look for the RSA modulus. But since SSL certificates are - like the name suggests - used for HTTPS connections over SSL/TLS, you will never use one for keygenning or software protection.

In software protection or keygenning you might use RSA, but then you will only use RSA, never SSL, therefore you will never have any SSL certificates involved, so it's not possible to find them by some signature matching algorithm.

Storm Shadow · #29 08-09-2014, 18:50

Yes but now i have been talking about SSL Cert all along, and since he found the public signatures i asume he is looking for cetificates.
Bridge must answer for this, not me.Im only trying to help the dude.

as i stated in a previus post it would be impossible to break anyway.

bridgeic · #30 08-09-2014, 21:08

@Kerlingen & Storm
I see the public key similar as below(but for my case, it's 2048bit), so whether means it's SSL Cert? If yes, whether have chance to break? Thanks.

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHikastc8+I81zCg/qWW8dMr8m
qvXQ3qbPAmu0RjxoZVI47tvskYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vck
NaW2R6U5QTdQ5Rq5u+uV3pMk7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffB
By0IGO0zc128IshYcwIDAQAB
-----END PUBLIC KEY-----

Quote:

Originally Posted by Kerlingen

Did you yet find out if RSA is even used in your software and not just included as part of the library? It's a bit pointless to search for something which is not there, isn't it?

Dear Kelingen,

Sorry, I missed this post. Yes, I found the public key when did dynamic debug(thanks Storm's help).

It's 2048bit RSA, I have verified the public key with manual caculation by bigcal tool for (m^e)mod(n), the public key is right.

If use openssl RSA, not sure whether have chance to get the private key?

From Storm: it is fully possible to find rsa signatures from memory http://www.trapkit.de/research/sslkeyfinder/keyfinder_v1.0_20060205.pdf , maybe have chance.

Quote:

Originally Posted by Storm Shadow

Im only trying to help the dude.

Dear Storm,

You have helped me a lots, in fact, the breakthrough comes from the article you recommended, thank you so much. :-)

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Find the Algorithm	mcr4ck	General Discussion	3	05-26-2020 18:19
Find the Algorithm	mcr4ck	General Discussion	18	02-06-2020 15:43

The Following User Gave Reputation+1 to bridgeic For This Useful Post:
Storm Shadow (08-07-2014)

The Following User Gave Reputation+1 to Git For This Useful Post:
Storm Shadow (08-08-2014)

The Following 2 Users Gave Reputation+1 to Kerlingen For This Useful Post:
bridgeic (08-15-2014), Storm Shadow (08-09-2014)