Hello, I heard of reverse engineering an encryption, so for example you have a hash; how do you do the encryption process backwards to crack the password? I have three questions:
1) Is it illegal? I heard there is something about copyright.
2) Where can I learn about reverse engineering? Google doesn't say much, but I'm still searching.
3) Are there any tools on BackTrack that do this? (I didn't see anything on the forums.)
In regards to legality, I believe if you are reversing anything with an expressed educational intention then you should be alright, but just to be on the safe side, try reversing open-source applications so as not to land yourself in a sticky situation.
In terms of tools and tutorials, while the BackTrack forums are usually my go-to, in this case I'm going to recommend a site called tuts4you. They have a number of tutorials on all aspects of reversing, also some of the old RECON videos in their archives, and there are a number of reversing + assembly/programming primers on SecurityTube. That should be enough to get you started; don't forget to go to the library and check out as many books as they will let you on any of the related subjects. Also, in terms of encryption, reading through patent applications and the NIST papers wouldn't hurt either. Rest assured that you have your work cut out for you.
BackTrack specifically has multiple tools, i.e. "ida", "evans" and "gdb", to help you with your pursuits. Just check your BackTrack menu.
open source = open minds, human knowledge belongs to the world
The term "reverse engineering" is not usually used in the context of breaking encryption - cryptanalysis is the correct term. You may, however, be able to reverse engineer a product that implements encryption, but then you are usually not focused on weaknesses in the cryptography but on weaknesses in the way it's implemented. Most decent cryptographic algorithms (AES, RSA, etc.) are considered to be strong enough that an experienced cryptanalyst would be required, and a lot of them have already been banging away at the major ones ever since they were made public. I wouldn't expect to make progress there unless you are skilled in that area.
If a hashing algorithm used to create a password hash is even barely competently designed, you won't be able to recover the plaintext from the ciphertext, because hashing algorithms are designed to be irreversible. Arbitrary-length input produces fixed-length output, which should tell you that the hash does not contain the required information to reconstitute the original input. The only way to "break" a hashing algorithm is via brute force - take a possible input from a list, run it through the hash algorithm, and compare it to the target hash value. If it does not match, repeat with the next value on the list.
1) The copyright thing you have heard of is probably related to the Digital Millennium Copyright Act (DMCA), which applies in certain jurisdictions to reverse engineering certain products, of which software is one. IANAL, so I'm not going to comment any further on what exactly this says regarding the legality of reverse engineering.
2) This is a good resource. Other than that... Google.
3) There are reverse engineering tools in BackTrack, yes. There is a "Reverse Engineering" submenu item in the BackTrack menu... As for tools for cracking password hashes, there's a few of those as well. My favorite is John the Ripper.
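The "take a candidate from a list, hash it, compare" loop described in the reply above, written out as a small dictionary attack. This is an added example, not code from the original post or from John the Ripper; the wordlist, the salt and the target hashes are all constructed here so it runs offline, and the digest-length table is only a hint for guessing which unsalted algorithm produced a raw hex digest.

```python
import hashlib

# Hex digest length -> plausible unsalted algorithm. Only a hint: several
# algorithms share a length (SHA-256, SHA3-256, BLAKE2s all give 64 hex chars).
DIGEST_LENGTHS = {32: ["md5"], 40: ["sha1"], 64: ["sha256"], 128: ["sha512"]}


def guess_algorithms(target_hex: str):
    """Return candidate hashlib names for a raw hex digest, judged by length."""
    return DIGEST_LENGTHS.get(len(target_hex), [])


def hash_candidate(word: str, algorithm: str, salt: bytes = b"") -> bytes:
    """Hash one wordlist entry the way a simple salt-prefix scheme would."""
    h = hashlib.new(algorithm)
    h.update(salt + word.encode())
    return h.digest()


def crack_hash(target_hex: str, algorithm: str, wordlist, salt: bytes = b""):
    """Dictionary attack: hash every candidate and compare to the target.

    Returns (password, attempts) on a hit, or (None, attempts) when the
    wordlist is exhausted. The hash is never "reversed"; we only recompute it.
    """
    target = bytes.fromhex(target_hex)
    attempts = 0
    for word in wordlist:
        attempts += 1
        if hash_candidate(word, algorithm, salt) == target:
            return word, attempts
    return None, attempts


# Constructed demo data (not from any real leak): a tiny wordlist and targets
# derived from it so the example is self-contained. Real targets would come
# from a dump or /etc/shadow and the wordlist from a file such as rockyou.txt.
WORDLIST = ["123456", "password", "letmein", "qwerty", "hunter2", "dragon"]
SALT = b"s4lt"
TARGET_UNSALTED = hashlib.sha256(b"hunter2").hexdigest()
TARGET_SALTED = hashlib.sha256(SALT + b"dragon").hexdigest()
TARGET_MISSING = hashlib.md5(b"correcthorsebatterystaple").hexdigest()

if __name__ == "__main__":
    cases = [("unsalted", TARGET_UNSALTED, b""),
             ("salted", TARGET_SALTED, SALT),
             ("not in list", TARGET_MISSING, b"")]
    for label, target, salt in cases:
        for alg in guess_algorithms(target):
            pw, n = crack_hash(target, alg, WORDLIST, salt)
            print(f"{label:12s} {alg:7s} -> {pw!r} after {n} attempts")
```

Two things the loop makes visible: a salt does not stop the attack when you know it (the salted case still cracks), it only stops precomputed tables from being reused across users; and the unsalted case never needs the salt argument at all, which is why the same guess can be checked against every hash in a dump at once.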
Before attempting cryptanalysis, you should have a good hold on math, especially a good grasp of set theory. I'm not a professional cryptanalyst, but in my mild voyage in the cryptology field, most of my personal experience had me doing a lot of theory and such.
As for reverse engineering, I am currently reading "Reverse Engineering Code with IDA Pro" and it's fantastic so far. As for learning assembly, I have been watching the videos on SecurityTube and other NASM tutorials on YouTube concurrently with the book. I like having many explanations. Be advised, the videos on SecurityTube use AT&T syntax, which is not that bad to understand, but it gets confusing if you're new.
I guess your success will really depend on the targets you're setting yourself: if you'll forgive my saying so, it's clear you don't have a background in cryptology or in reverse engineering, so it's unlikely that you will have much success in finding a way to break an enciphered message without "taking lots of time and running it through tables". Those techniques are used simply because the design of the particular cryptosystem leaves the cryptanalyst with no other option. There are all kinds of brilliant minds with decades of knowledge and experience in the industry looking for alternatives every day, so I'm sorry to say that I don't believe that you will have any luck without first getting a PhD in cryptanalysis.
On the other hand, I've seen plenty of cases where a (bad) software developer has "implemented his own encryption" to protect sensitive company information instead of doing what a good developer would do, which is to link in a crypto API like OpenSSL and use an industry-recognized crypto algorithm such as AES or SHA or whatever.
This kind of thinking was particularly prevalent a decade or so back when there were laws restricting the export of encryption software, and you still encounter it from time to time in legacy applications.
In some of the "bad developer" and "legacy" cases, I've managed to crack the encryption in a few hours - usually because their "encryption" ends up boiling down to a simple substitution cipher and some XORs. If these are the targets you're setting yourself, then there's a good chance you'll have some success once you've spent the time learning the fundamentals of cryptanalysis.
The important question to ask yourself in this scenario is if you're supposed to be doing what you're trying to do.
Unless you have management approval before you get started, you might find that your employer doesn't react warmly to learning that you're trying to crack the security of company data.
Last edited by whitelisted; 03-30-2010 at 01:14 AM.
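The "a few XORs" case from the post above, worked through as code. This is an added example and not the poster's own method or tooling; the plaintext and the two keys are constructed here so the attack can be demonstrated offline. It scores candidate decryptions by how English-like they look, which is all that is needed when the homegrown "encryption" is a single-byte or repeating-key XOR: every byte encrypted under the same key byte leaks the plaintext's letter frequencies.

```python
from itertools import cycle

# English letter frequencies in per-mille (integers so tie-breaks are exact),
# plus space. Higher total = more English-like.
FREQ = {'a': 82, 'b': 15, 'c': 28, 'd': 43, 'e': 127, 'f': 22, 'g': 20,
        'h': 61, 'i': 70, 'j': 2, 'k': 8, 'l': 40, 'm': 24, 'n': 67,
        'o': 75, 'p': 19, 'q': 1, 'r': 60, 's': 63, 't': 91, 'u': 28,
        'v': 10, 'w': 24, 'x': 2, 'y': 20, 'z': 1, ' ': 130}


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR data with a repeating key; a one-byte key is the single-byte case."""
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def english_score(data: bytes) -> int:
    """Frequency score: common letters/space score high, other printable
    bytes are neutral, control and high bytes are heavily penalised."""
    score = 0
    for b in data:
        c = chr(b).lower()
        if c in FREQ:
            score += FREQ[c]
        elif b == 10 or 32 <= b < 127:
            score += 0
        else:
            score -= 200
    return score


def break_single_byte_xor(ct: bytes):
    """Try all 256 key bytes, keep the most English-looking. Returns (key, score)."""
    best_key, best_score = 0, None
    for k in range(256):
        s = english_score(xor_bytes(ct, bytes([k])))
        if best_score is None or s > best_score:
            best_key, best_score = k, s
    return best_key, best_score


def break_repeating_xor(ct: bytes, max_keysize: int = 8) -> bytes:
    """Recover a repeating XOR key of unknown length.

    For each candidate length n, every n-th byte was XORed with the same key
    byte, so split the ciphertext into n columns and solve each column as
    single-byte XOR. Keep the length whose decoded text scores best per byte.
    A multiple of the true length decodes to identical text and ties, so the
    ascending scan with a strict '>' keeps the shortest key.
    """
    best_key, best_total = b"", None
    for n in range(1, max_keysize + 1):
        key = bytearray()
        total = 0
        for i in range(n):
            k, s = break_single_byte_xor(ct[i::n])
            key.append(k)
            total += s
        if best_total is None or total > best_total:
            best_key, best_total = bytes(key), total
    return best_key


# Constructed demo data: the plaintext and both keys are made up here.
PLAINTEXT = (b"The quick brown fox jumps over the lazy dog. Legacy applications "
             b"sometimes protect config files with a fixed XOR key, which is not "
             b"encryption at all and falls to frequency analysis in minutes.")
SINGLE_CT = xor_bytes(PLAINTEXT, b"\x5a")   # "encrypted" with one key byte
REPEAT_CT = xor_bytes(PLAINTEXT, b"P@ss")   # "encrypted" with a 4-byte key

if __name__ == "__main__":
    k, _ = break_single_byte_xor(SINGLE_CT)
    print(f"single-byte key 0x{k:02x}: {xor_bytes(SINGLE_CT, bytes([k]))[:44]!r}")
    key = break_repeating_xor(REPEAT_CT)
    print(f"repeating key {key!r}: {xor_bytes(REPEAT_CT, key)[:44]!r}")
```

The same column-splitting trick applies to a simple substitution cipher: the key is just a larger table, and frequency analysis still recovers it. None of this touches AES or SHA, which is the point the post makes; it only works because the "encryption" never hid the statistics of the plaintext.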
Tuts 4 You
If you look around you can find a hacked-up Olly called DeFixed Edition; it has lots of plugins you can mess with.
' DeFixed Edition 2.0 (c) by TEAM FOFF '
Fight Only For Freedom _.-Reversing Team-._
OllyDBG 1.10 FOFF's Edition v.2
Wow, good luck with that. I have no patience for that type of thing; it's all consumed by my learning Python. Other than that, I'll stick to eating bananas...