Author | Message | Time |
---|---|---|
warz | You might want to rethink that, and save yourself some time. A method I've recently been playing around with, and have found to work quite nicely, doesn't involve converting their code at all. If you're able to load one of their lockdown files into your app's address space, and are able to create function pointers, then you might want to put two and two together. :P Here's a quick example app, and ida database for one of the lockdown files. Download | May 2, 2007, 1:04 AM |
UserLoser | Taken from my lockdown implementation: http://www.userloser.org/stuff/StandardHashingAlgorithm.cpp http://www.userloser.org/stuff/StandardHashingAlgorithm.h | May 2, 2007, 2:44 AM |
Myndfyr | [quote author=betawarz link=topic=16665.msg168617#msg168617 date=1178067890] You might want to rethink that, and save yourself some time. A method I've recently been playing around with, and have found to work quite nicely, doesn't involve converting their code at all. If you're able to load one of their lockdown files into your app's address space, and are able to create function pointers, then you might want to put two and two together. :P Here's a quick example app, and ida database for one of the lockdown files. Download [/quote] Is lockdown's SHA-1 nonstandard? And whose code are you talking about? | May 2, 2007, 4:25 PM |
bethra | [quote author=MyndFyre[vL] link=topic=16665.msg168640#msg168640 date=1178123100] [quote author=betawarz link=topic=16665.msg168617#msg168617 date=1178067890] You might want to rethink that, and save yourself some time. A method I've recently been playing around with, and have found to work quite nicely, doesn't involve converting their code at all. If you're able to load one of their lockdown files into your app's address space, and are able to create function pointers, then you might want to put two and two together. :P Here's a quick example app, and ida database for one of the lockdown files. Download [/quote] Is lockdown's SHA-1 nonstandard? [/quote]That's what I was wondering too. | May 2, 2007, 4:42 PM |
UserLoser | Did anyone even look at the code I posted or take a hint from the filenames? | May 2, 2007, 5:17 PM |
Myndfyr | [quote author=UserLoser link=topic=16665.msg168643#msg168643 date=1178126245] Did anyone even look at the code I posted or take a hint from the filenames? [/quote] Sorry, I don't know SHA-1 well enough to determine whether the implementation is standard just by taking a look at your code. I mean, if I sat down and spent 15-20 minutes comparing it against the RFC I'm sure I could. But if that's your question, no, I haven't. As to the filenames as "hints" why would you bother posting a standard, well-known algorithm? Hence why I asked. :P | May 2, 2007, 5:50 PM |
UserLoser | [quote author=MyndFyre[vL] link=topic=16665.msg168645#msg168645 date=1178128237] [quote author=UserLoser link=topic=16665.msg168643#msg168643 date=1178126245] Did anyone even look at the code I posted or take a hint from the filenames? [/quote] Sorry, I don't know SHA-1 well enough to determine whether the implementation is standard just by taking a look at your code. I mean, if I sat down and spent 15-20 minutes comparing it against the RFC I'm sure I could. But if that's your question, no, I haven't. As to the filenames as "hints" why would you bother posting a standard, well-known algorithm? Hence why I asked. :P [/quote] The question should be, why is warz wasting his time loading a library, searching for the address of a function, and calling it when he could just get the open source free code off the internet (or write his own). I figured posting it would save everyone the time, stress and effort | May 2, 2007, 6:02 PM |
warz | Could have sworn somewhere down the road I was told it wasn't a standard implementation, so I never spent time looking at it. I just figured whoever told me was correct, because it was from a reliable source, which sort of confuses me. After looking at it though, for a few minutes, it does use all the same constant values, and looks to be a regular sha1. | May 2, 2007, 7:29 PM |
UserLoser | [quote author=betawarz link=topic=16665.msg168654#msg168654 date=1178134161] Could have sworn somewhere down the road I was told it wasn't a standard implementation, so I never spent time looking at it. I just figured whoever told me was correct, because it was from a reliable source, which sort of confuses me. After looking at it though, for a few minutes, it does use all the same constant values, and looks to be a regular sha1. [/quote] Who told you this? | May 2, 2007, 8:23 PM |
Myndfyr | OK, so this has nothing to do with actually implementing Lockdown, just SHA-1 for it? | May 2, 2007, 10:25 PM |
Barabajagal | Most of bnet uses a Broken SHA that LShifts instead of RShifts and uses different values. Lockdown uses the original SHA-1. Apparently, it's in the DLLs, and it's being noted you can call it instead of doing it yourself. Not sure why you'd want to... This reminds me... I can't seem to find a good copy of the Broken SHA-1 function in VB6. The one copy I found on here uses some odd functions that aren't explained. | May 2, 2007, 10:41 PM |
Quarantine | Why not find a version in another language and convert that to *shudder* VB? | May 2, 2007, 10:41 PM |
bethra | I was under the impression that Lockdown had a non-standard implementation of SHA-1, like Blizzard's BrokenSHA-1 because IIRC when I looked at warz's incomplete work it consisted of him converting the file hashing functions from ASM to C++. Heh. But anyways, if it's just the standard SHA-1 algorithm I guess I'll take another crack at lockdown after I finish this goddamn week... finals blow. | May 2, 2007, 11:03 PM |
UserLoser | No, it is standard. The only thing wrong with the "broken" SHA1 is they swapped the values for the bitwise rotations to the left, otherwise it's the same thing--a standard SHA1. To MyndFyre: to implement lockdown you need to use SHA1 :o | May 2, 2007, 11:19 PM |
Barabajagal | [quote author=UserLoser link=topic=16665.msg168668#msg168668 date=1178147985] No, it is standard. The only thing wrong with the "broken" SHA1 is they swapped the values for the bitwise rotations to the left, otherwise it's the same thing--a standard SHA1. [/quote] I'm fairly certain they changed at least one of the four values at the beginning, too... [quote author=Warrior link=topic=16665.msg168663#msg168663 date=1178145711] Why not find a version in another language and convert that to *shudder* VB? [/quote] Cause I haven't found a good copy that doesn't use some other functions. Found a Java copy that used some Packet buffer class that I couldn't find, and all the C++ copies I find use some functions I don't know. | May 2, 2007, 11:33 PM |
warz | [quote author=UserLoser link=topic=16665.msg168656#msg168656 date=1178137390]Who told you this?[/quote] Not sure if he'd want me to say, but his reply was the following... [quote]It is non-standard. Standard SHA1 of "The quick brown fox jumps over the lazy dog" is 2f d4 e1 c6 7a 2d 28 fc ed 84 9e e1 bb 76 e7 39 1b 93 eb 12. Lockdown's is a8 68 fb 6c 0d 95 c4 8d 03 7e 9f 08 ce 6e 42 00 fd 43 5f a4.[/quote] | May 2, 2007, 11:59 PM |
Quarantine | @Reality: Then learn how it works. UL posted SHA1, port it then break it. | May 3, 2007, 12:10 AM |
UserLoser | [quote author=betawarz link=topic=16665.msg168672#msg168672 date=1178150356] [quote author=UserLoser link=topic=16665.msg168656#msg168656 date=1178137390]Who told you this?[/quote] Not sure if he'd want me to say, but his reply was the following... [quote]It is non-standard. Standard SHA1 of "The quick brown fox jumps over the lazy dog" is 2f d4 e1 c6 7a 2d 28 fc ed 84 9e e1 bb 76 e7 39 1b 93 eb 12. Lockdown's is a8 68 fb 6c 0d 95 c4 8d 03 7e 9f 08 ce 6e 42 00 fd 43 5f a4.[/quote] [/quote] I'm gonna guess iago, and how did he come up with lockdown's version there? | May 3, 2007, 12:21 AM |
warz | No, it wasn't iago. Not sure how he's producing those, but I too am producing results that differ from a standard sha1 implementation, using the method i described above. | May 3, 2007, 12:45 AM |
Barabajagal | [quote author=Warrior link=topic=16665.msg168673#msg168673 date=1178151056] @Reality: Then learn how it works. UL posted SHA1, port it then break it. [/quote] The links don't work for me... | May 3, 2007, 1:27 AM |
iago | It's not standard SHA1. | May 3, 2007, 3:51 PM |
bethra | [quote author=iago link=topic=16665.msg168687#msg168687 date=1178207509] It's not standard SHA1. [/quote]... Who to believe >_<; | May 3, 2007, 5:51 PM |
warz | [quote author=Sorc.Polgara link=topic=16665.msg168694#msg168694 date=1178214704] [quote author=iago link=topic=16665.msg168687#msg168687 date=1178207509] It's not standard SHA1. [/quote]... Who to believe >_<; [/quote] It isn't standard. Userloser said he was wrong on bnet yesterday, and that there's a few changes in the SHA1Final routine, apparently. | May 3, 2007, 6:14 PM |
Barabajagal | Still can't nav to UL's links in the second post :( . | May 3, 2007, 6:55 PM |
warz | Anyways, I updated the program linked in the first post (source included). You can modify the code to pass whatever you like through the appropriate hasher. You can see the example "The quick brown fox jumps over the lazy dog" result. | May 3, 2007, 7:47 PM |
rob | The only difference I have found with the lockdown implementation of SHA1 is in the SHA1Final procedure. I have just completed reversing this function. http://www.onlythechosen.com/sha1_ld.zip Enjoy. | May 7, 2007, 9:12 AM |
HdxBmx27 | Just one question, has anyone confermed that the 64-byte buffer in Final stays constant throughout the eintire process? ~Hdx | May 7, 2007, 5:11 PM |
warz | [quote author=Hdx link=topic=16665.msg168792#msg168792 date=1178557916] Just one question, has anyone confermed that the 64-byte buffer in Final stays constant throughout the eintire process? ~Hdx [/quote] im pretty sure it is. look at the above code, and see what rob has done. | May 7, 2007, 6:00 PM |
HeRo | [quote author=rob link=topic=16665.msg168789#msg168789 date=1178529122] The only difference I have found with the lockdown implementation of SHA1 is in the SHA1Final procedure. I have just completed reversing this function. http://www.onlythechosen.com/sha1_ld.zip Enjoy. [/quote] Thank you sir. | May 8, 2007, 7:34 AM |