LinuxQuestions.org
Old 11-21-2005, 02:26 PM   #1
Y0jiMb0
Member
 
Registered: Jul 2003
Location: Valencia (Spain)
Distribution: slackware 11, FEDORA CORE 4, RHEL3, Gentoo...
Posts: 361

Rep: Reputation: 30
strategy for decrypting


Hi!
Short story
I need some help in a personal programming project. Specifically, I have to decrypt a set of files (about 300) which are "encrypted". They are between 8k and 5M in size. All of them are in the same format.
I have done some basic research browsing the proc file system, modifying the data files, etc., but I'm not able to think of a clever way to attack this format. It is written in a kind of database format and it is compressed as well.
I have access to clear text files, so I thought to take one of the shortest files and do a frequency attack (looking for patterns repeated the same times in both encrypted and clear texts), or any other kind of brute force procedure, but after doing some estimations, I don't think that the computers I have access to are going to live long enough to finish the work (at least if I do it naively).

Does anyone have experience with that type of task?
Does anyone have constructive advice? (I know this is very difficult work, so, please, abstain from saying that "you're not going to get it" unless you have a decisive argument).

More info...
  • The files are from a kind of library I use regularly. This library comes on a CD which works under Windows. I was able to get it working using wine, but it doesn't work properly (crashes, uncontrolled "wine-preloader" processes, etc). Moreover one needs a dll which is not available unless you have windoze (legally speaking).
  • I asked the developers. There is no linux version. I asked them about the format: they didn't help me. I asked if I could write a program able to read the files natively in linux: they said I was allowed to write such a program, as long as I keep it for my personal use (I hope this excuses this thread from being banned).
  • I remark that wine is not a choice: I'd like to avoid using wine or any other kind of emulator. Especially because I'm doing it for fun, and as a way to learn linux programming.
  • I have searched in google: I didn't find anything directly related.
  • The "file" utility doesn't recognize a known format. It doesn't seem to be a generic format.

I repeat, any constructive idea is welcome...

Regards

Last edited by Y0jiMb0; 11-21-2005 at 02:27 PM.
 
Old 11-21-2005, 02:55 PM   #2
jim mcnamara
Member
 
Registered: May 2002
Posts: 964

Rep: Reputation: 34
If a dll exists in Windows, then write code on Windows using the dll to put the file in cleartext. Copy the cleartext over to Linux.
 
Old 11-21-2005, 02:59 PM   #3
jim mcnamara
Member
 
Registered: May 2002
Posts: 964

Rep: Reputation: 34
As an aside, if the files are of some defined type - i.e.,
Windows uses associations against file-types - the extension.

Assume the files are all *.pdq -

go to www.wotsit.org and see if the pdq file format is fully explained there. If this is a commonly used format then it will be. Even if it is proprietary.

You can then see how to "decrypt" or more correctly convert the files.
 
Old 11-21-2005, 03:16 PM   #4
Y0jiMb0
Member
 
Registered: Jul 2003
Location: Valencia (Spain)
Distribution: slackware 11, FEDORA CORE 4, RHEL3, Gentoo...
Posts: 361

Original Poster
Rep: Reputation: 30
Thanks for the quick reply!
Quote:
If a dll exists in Windows, then write code on Windows using the dll to put the file in cleartext. Copy the cleartext over to Linux.
See above...
Quote:
I have access to clear text files, so I thought to...
Quote:
go to www.wotsit.org and see if the pdq file format is fully explained there. If this is a commonly used format then it will be. Even if it is proprietary.
It is a nice site, indeed.
But I haven't found it (.pub files). It seems to be that they invented some sort of format and they didn't publish it (I deduce that from my talk with the developers)

Best regards, and thanks again for the comments.
 
Old 11-21-2005, 05:45 PM   #5
xhi
Senior Member
 
Registered: Mar 2005
Location: USA::Pennsylvania
Distribution: Slackware
Posts: 1,065

Rep: Reputation: 45
sounds like you not only have the plain text, and the cipher, but *also* access to the encryption mechanism. that is a very good start. The next thing to do would be to research and see if they use a real encryption algo, and what type of compression if any. What program is this? Two posts and not a mention of what program, are you a spy or something. Rogue agent? This is usually where they come for help with *nix and GNU related questions.

Anyhow, that sounds like it should be quite possible to reverse. Get a disassembler and take the dll apart, see what you see.. It should be possible (but not simple) depending on the encryption.
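
Added example, not part of the original thread: a first-pass triage of an unknown file for the "what type of compression, if any" question, using the fact that a known cleartext is available. The `PUBF` header and the sample record text are constructed for illustration and say nothing about the real format.

```python
import math
import zlib
from collections import Counter

# Leading bytes of common compressed containers.
MAGIC = {b"\x1f\x8b": "gzip", b"BZh": "bzip2", b"PK\x03\x04": "zip", b"\xfd7zXZ\x00": "xz"}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; close to 8.0 means compressed or encrypted."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def find_magic(data: bytes):
    """Return sorted (offset, name) pairs for every known signature in the data."""
    hits = []
    for sig, name in MAGIC.items():
        pos = data.find(sig)
        while pos != -1:
            hits.append((pos, name))
            pos = data.find(sig, pos + 1)
    return sorted(hits)

def find_zlib_streams(data: bytes, min_out: int = 16):
    """Try to inflate from every plausible offset; return (offset, output) pairs."""
    found = []
    for off in range(len(data) - 2):
        # zlib header: method nibble is 8 (deflate) and the 16-bit header is a multiple of 31
        if data[off] & 0x0F != 8 or ((data[off] << 8) | data[off + 1]) % 31:
            continue
        try:
            out = zlib.decompressobj().decompress(data[off:])
        except zlib.error:
            continue
        if len(out) >= min_out:
            found.append((off, out))
    return found

# Constructed sample: a made-up 12-byte header followed by a zlib stream of known cleartext.
KNOWN_CLEARTEXT = b"record 0001: sample entry text\n" * 8
SAMPLE = b"PUBF\x00\x01\x00\x00\xde\xad\xbe\xef" + zlib.compress(KNOWN_CLEARTEXT)

def triage(data: bytes, cleartext: bytes):
    """Summarise entropy, signatures, and which inflated streams contain the cleartext."""
    streams = find_zlib_streams(data)
    return {"entropy": round(entropy(data), 2), "magic": find_magic(data),
            "zlib_offsets": [off for off, _ in streams],
            "cleartext_at": [off for off, out in streams if cleartext in out]}

if __name__ == "__main__":
    print(triage(SAMPLE, KNOWN_CLEARTEXT))
```

If the known cleartext turns up inside an inflated stream, the file is only packed, not encrypted; uniformly high entropy with no stream found points the other way.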
 
Old 11-21-2005, 06:22 PM   #6
primo
Member
 
Registered: Jun 2005
Posts: 542

Rep: Reputation: 34
Isn't this .pub file a public key? If so, it may be pseudo-random and "decrypting" it may be a waste of time.
 
Old 11-21-2005, 07:03 PM   #7
xhi
Senior Member
 
Registered: Mar 2005
Location: USA::Pennsylvania
Distribution: Slackware
Posts: 1,065

Rep: Reputation: 45
Yeah, that's what I thought, but the way it was described it sounds like some other format with same extension.

If it is a key.. you are right and it is a waste of time.

but if this is true..
>> It seems to be that they invented some sort of format and they didn't publish it

then it is more than likely able to be busted...
 
Old 11-22-2005, 03:54 AM   #8
Y0jiMb0
Member
 
Registered: Jul 2003
Location: Valencia (Spain)
Distribution: slackware 11, FEDORA CORE 4, RHEL3, Gentoo...
Posts: 361

Original Poster
Rep: Reputation: 30
Hi!
Quote:
What program is this? Two posts and not a mention of what program
That is because I don't intend to mention it.
I know, it sounds strange, but after talking with the developers, I have valid reasons for doing it. Moreover, it is a very specialized program unknown to most people: even if I mentioned it, you would not know it.
Anyway, this is not the point. I don't intend to get free workers (or something similar): it is my personal project, and I have decided to do the dirty work. Maybe I wasn't clear in the first post, but what I'm just asking for is some advice about generic techniques for this task.
Why do you need to know the name of the program? Would that change the facts? I mean, I cannot prove that I have permission from developers to do what I'm doing. If I'd say the name of the program, would this somehow change?
Quote:
are you a spy or something. Rogue agent?
I cannot believe you are serious...


About this infamous dll: it is a common windoze dll; I just mentioned it to stress that although I can (hardly, but I can) make the program run under wine, I'm not strictly windoze free because I still need to use this dll which is not freely available (I already searched in M$ site).
So, I mean that this dll is not the corner stone of the program. In fact, I think it is just necessary for installation process.

About the .pub format: it is not public key, that is for sure.

Thanks for the interest and the help.
Any other suggestion?

Regards.

Last edited by Y0jiMb0; 11-22-2005 at 03:55 AM.
 
Old 11-22-2005, 09:40 AM   #9
xhi
Senior Member
 
Registered: Mar 2005
Location: USA::Pennsylvania
Distribution: Slackware
Posts: 1,065

Rep: Reputation: 45
Quote:
That is because I don't intend to mention it.
if you are just looking for general decryption techniques the first thing to be done is research the specifics. without the ability to do any research you cut down on the possibility of constructive advice.

Quote:
I know, it sounds strange
only in the context of looking for specific help for a specific problem on a specific program
Quote:
I cannot believe you are serious...
ok?.?..

Quote:
So, I mean that this dll is not the corner stone of the program. In fact, I think it is just necessary for installation process.
usually there are no dlls that are unique to an installation process. does it not use one of the 3 or so common windows installers?

Quote:
I remark that wine is not a choice: I'd like to avoid using wine or any other kind of emulator.
you are still at the point where you are going to have to reverse it to write it... starting point of reversing is researching..

Anyhow.. there are quite a few posts here in this thread and I now have no idea exactly what type of *help* you are looking for, maybe something along the lines of

you need to figure out what it does and then write it for linux

Asking for help and then saying oh I can't tell you that, or no that's a secret, or sorry that's illegal to divulge that information, will not get you a whole lot of constructive advice anywhere.. oh and by the way you did ask for help
Quote:
I need some help in a personal programming project.
 
Old 11-23-2005, 07:14 AM   #10
Y0jiMb0
Member
 
Registered: Jul 2003
Location: Valencia (Spain)
Distribution: slackware 11, FEDORA CORE 4, RHEL3, Gentoo...
Posts: 361

Original Poster
Rep: Reputation: 30
I owe you an apology, xhi. You were just trying to help me kindly, and my answer was very rude. I'm sorry.

In case you are still interested in knowing why this secret, I'm going to explain it (I didn't do it before to avoid making people read a long story, but I think my explanation was a bit "mystic")
I have a friend who knows one of the developers of the program, so I could have a talk with him. He told me what I know about the program and he explained to me that they don't allow, in general, this type of activity. However, after talking to his boss, they allowed me to do it as an exception. They asked me to keep the project for personal usage, and moreover I have to avoid "talking about it", i.e., keep it secret. And I have decided to respect their requirements.
It could be a difficult work, I know, however I like programming, and I have never worked in a project like this one, so I thought it could be a nice exercise.

So, what I'm asking here is exactly the title of the thread: what is the best starting point in order to begin the attack on this closed format.
Maybe some of you have done similar work before and can offer nice tricks or advice. That's all.

Thanks in advance.

Regards
 
  


All times are GMT -5.
