Break it



  • There's some encryption mechanism X used by my macro tool, but since the cipher's readily undoable to produce the original string, it can't be that difficult. It's certainly no hash. The docs are silent on the method used, but maybe a little crowdsourcing will help to break it.

    Some input strings and the resultant output:

    lol zort        0732CD5635C756BA5C
    smurfigheden    9F52D325D453DD37EC131BEC18
    h               F018
    hhh             C870B471
    hurk            A751AA719F

     

    Output digits are always in the range [0-F], and each input character is encoded as two digits, plus an additional two.

    Anyone up for a little crackin'? Hell, for all I know it's ROT-X, with X being the first hex digits, or the value of the previous two hex digits, or whatever. I'm going to hack away at this later.


  • Discourse touched me in a no-no place

    Does the same plaintext always produce the same output?



  • Ah, good question.

    (...)

    nope, it does not.

    I suppose the extra two digits are a random seed for something.

    here's "hurk" a few more times:

    96BF59A750

    BD67B04FF9

    658C6E8CB4

    C66E8F6E9A


  • Discourse touched me in a no-no place

    How many variations are there for a single character, e.g. 'a'. Ditto for 'b'.



  • Here's a ton of consecutive encodings for "a". It's a lot of clickwork. :) Couple of repeats. Given a single input, it seems that the same digits always follow another set.

    D275
    C265
    57F9
    A447
    2CCC
    D374
    50F0
    B95A
    0325
    8DAF
    F417
    2CCC
    0828
    F013
    F718
    97B9
    56F6
    8DAF
    7292
    092B
    B95A
    B152
    7494
    EC0F
    CF70
    193B
    7292
    7A9A
    46E6
    DE01
    BC5F
    DB7C
    EB0C
    6888
    23C5
    AA4D
    1838
    6B8D
    F619
    1E3E
    E90A
    94B4
    EE11
    50F0
    2CCC
    8DAF
    40E0
    5BFD
    2FD1
    D275
    4CEC
    698B
    1232
    FE21
    7696
    E102
    AA4D
    48E8
    CA6D
    47E9
    6D8F
    7696
    B152
    B85B
    C768
    7799
    0B2D
    FD1E
    4EEE
    1739



  • Can we find / download the tool you are using?



  • Sure. I thought it'd be sliiiightly more fun if that would remain a surprise, but here. Make a new macro, and encrypt the output.



  • @dhromed said:

    Sure. I thought it'd be sliiiightly more fun if that would remain a surprise, but here. Make a new macro, and encrypt the output.

    You are right, but today I'm in the mood to try my super reversing skills. Also, having the source might help. Thanks!



  • It helps if you sort the data - some patterns are immediately visible by looking at sequential leading bytes.  It's not a straight add or XOR, but there is some obvious behavior:

     

    0325	6888	C265
    0828	698B	C768
    092B	6B8D	CA6D
    0B2D	6D8F	CF70
    1232	7292	D275
    1739	7292	D275
    1838	7494	D374
    193B	7696	DB7C
    1E3E	7696	DE01
    23C5	7799	E102
    2CCC	7A9A	E90A
    2CCC	8DAF	EB0C
    2CCC	8DAF	EC0F
    2FD1	8DAF	EE11
    40E0	94B4	F013
    46E6	97B9	F417
    47E9	A447	F619
    48E8	AA4D	F718
    4CEC	AA4D	FD1E
    4EEE	B152	FE21
    50F0	B152	
    50F0	B85B	
    56F6	B95A	
    57F9	B95A	
    5BFD	BC5F	
    

    We know that 'a' is 0x61, so we have things like:

    n8 <op> 61 = m8
    n9 <op> 61 = mB

    Ah, I just noticed: if the first byte is xy where y is even, the new value always ends in that same y; if y is odd, the next byte ends with y+2.

    The high nybble is more tricky. We have things like:
    0 -> 2, 1->3, 2->C, 2->D, 4->E, 5->F, 6->8. So if this is straight math there are carries involved.

    Anyway, this is interesting, but that's about all the time I have for now...



  • @too_many_usernames said:

    Ah, I just noticed: if the first byte is xy where y is even, the new value
    always ends in that same y; if y is odd, the next byte ends with y+2.


    You only looked at the first half or so of the dataset, didn't you? The pattern is different when x is in A-F.
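The checks discussed in the two posts above, as an added example (not code from the thread or from the tool): it tests the "straight add or XOR" idea and the low-nibble rule against a subset of the posted "a" samples, then goes one step further and groups the seed bytes under an assumed XOR keystream. All function names are made up for this example.

```python
from collections import defaultdict

PLAIN = 0x61  # 'a', the plaintext byte named in the post

# Subset of the "a" outputs posted in the thread: seed byte + cipher byte.
SAMPLES = ("0325 0828 1E3E 23C5 2FD1 40E0 5BFD 6888 7A9A 8DAF "
           "97B9 A447 B152 BC5F C265 DB7C DE01 EE11 FD1E FE21").split()


def pairs(samples=SAMPLES):
    """Split each 4-digit sample into (seed, cipher) byte values."""
    return [(int(s[:2], 16), int(s[2:], 16)) for s in samples]


def straight_ops(samples=SAMPLES, plain=PLAIN):
    """Names of single-step ops with cipher == seed <op> plain for every sample."""
    ops = {
        "xor": lambda s: s ^ plain,
        "add": lambda s: (s + plain) & 0xFF,
        "sub": lambda s: (s - plain) & 0xFF,
    }
    return [n for n, f in ops.items() if all(f(s) == c for s, c in pairs(samples))]


def nibble_rule_failures(samples=SAMPLES):
    """High nibbles x of the seed where 'even y -> y, odd y -> y+2' does not hold."""
    bad = set()
    for seed, cipher in pairs(samples):
        y = seed & 0xF
        expected = y if y % 2 == 0 else (y + 2) & 0xF
        if cipher & 0xF != expected:
            bad.add(seed >> 4)
    return sorted(bad)


def xor_keystream_offsets(samples=SAMPLES, plain=PLAIN):
    """Hypothesis: cipher = plain XOR k(seed). Group seeds by (k - seed) mod 256."""
    groups = defaultdict(list)
    for seed, cipher in pairs(samples):
        groups[((cipher ^ plain) - seed) & 0xFF].append(seed)
    return dict(groups)


if __name__ == "__main__":
    print("straight ops that fit:", straight_ops())
    print("rule fails for x in:", [f"{x:X}" for x in nibble_rule_failures()])
    for off, seeds in sorted(xor_keystream_offsets().items()):
        print(f"offset {off:02X}:", " ".join(f"{s:02X}" for s in seeds))
```

The grouping by offset is a hypothesis about the structure drawn from these samples only, not a statement of what the tool's source does.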



  • @Scarlet Manuka said:

    @too_many_usernames said:

    Ah, I just noticed: if the first byte is xy where y is even, the new value always ends in that same y; if y is odd, the next byte ends with y+2.

    You only looked at the first half or so of the dataset, didn't you? The pattern is different when x is in A-F.
     

    I remember having seen software for boolean expression simplification somewhere ...just give all known values of input and (single) output bits, and let it derive the boolean expressions for that. Perhaps there's some simple pattern, like right shifts and so on.

     



  • @dhromed said:

    I thought it'd be sliiiightly more fun if that would remain a surprise, but here.

    http://allchars.svn.sourceforge.net/viewvc/allchars/trunk/src/Encryp.pas?view=markup#l99
    http://allchars.svn.sourceforge.net/viewvc/allchars/trunk/src/MacrosF.pas?view=markup#l449
