The error was reported and corrected weeks later. But the solution not convinced me at all and was only encrypt the variable that was causing problems. That does not solve the cause of the error itself but its operation more difficult.
Since then the challenge was proposed cryptographic SCU. If we could Find out how to put the code of the students could continue to access information from any of them. Recently we started this and we succeeded.
superficially In this post I will explain the analysis that led us to solve the encryption SCU.
Well as you know the codes of the students consist of 8 digits can be grouped as follows: The first 2 represent the year of entry, the following 3 are the source of the power to which it belongs and the last 3 used as sequential serial number.
Furthermore encrypted codes are 16 digits, eg "A55E33BE219A8420" corresponding to "08200090" . Furthermore, in the characters used, see numbers and letters as "A" , "B" and "E" . Which suggests a hexadecimal representation. So we can make a correspondence between each digit of the code with a couple of digits of the encrypted code. But this correspondence varies with position, ie we are talking about some sort of multiple substitution cipher.
Another interesting observation is that if encryption code grouped in pairs, the first digit of each pair never varies. Example:
08200090 -> A 5 E 5 3 3 B E 2 1 8 9 A 4 2 1
07202013 - > A 5 1 5 3 3 B E 2 3 8 9 A C 2 2
06114132 -> A 5 5 3 0 0 B 2 F 5 B 8 9 E 2 3
Moreover, it appears, each pair is independent of the other and must have its own board replacement. I say that if you look, the first digit "0" sample code is always represented by "A5" or also the third digit "2" of the first two codes is always represented by "33" .
Well, knowing this and the last three pairs should be under the corresponding order number given to me to try replacing the last digit with values \u200b\u200bfrom 0 to F. I got the following substitution table: DIGIT CODED
0 21
January 1920 February 1923 March 1922
April 1925 May 1924 June 1927
July 1926 August 1929 September 1928
is incredibly simple. They just did an exchange of positions two to two
xD Then I tried with the penultimate digit in the same way and got the replacement table: DIGIT CODED
0 8C 8D
1 2 3 8E 8F
April 1989 May 1988
6 7 8A 8B
August 1985 September 1984
Here also observed a pattern of exchange but a little trickier. This is obtained as:
0 1 -> 1 5 -> 5 D
1 0 -> 0 4 -> 4 C
2 3 -> 3 7 ; -> 7 F
3 2 -> 2 6 -> 6 ; E
4 5 -> 5 1 -> 1 9
5 4 -> 4 0 -> 0 8
6 7 -> 7 3 -> 3 B
6 7 -> 6 2 -> 2 A
8 9 -> 9 D -> D ; 5
8 9 -> 8 C -> C 4
A B -> B E -> E 7
B A -> A F -> F 6
C D -> D 9 -> 9 1
C D -> C 8 -> 8 0
E F -> F B -> B 3
F E -> E A -> A 2
Here are 3 exchanges. First is exchanged every two to two digits. Then groups of four, swapping two and two groups. Finally, group of eight digits and is exchanged.
Well, I think until now we have a pretty good idea of \u200b\u200bwhat is being done. For each digit of the code there is a different number of grouping exchanges in different ways and that's it.
There must also say that encrypt exchanges by two to two and grouping by powers of 2 leads to reflection on encryption, that is, if a digit "X" is coded as "Y" , then "Y" is coded as "X" . This property was very useful to collect more data.
The procedure, then, for each digit was to get some maps, then apply reflection to duplicate the information and finally infer the exchanges and groupings should be made for that digit.
Finally I will leave a script that I programmed in Java that calculates the encryption of code that is passed as parameter. Public class
SCUCrypt {private static final String [] [] = {
crack_table {"A5", "A4", "A7", "A6", "A1", "A0", "A3" "A2", "AD", "AC"}, {
"56", "57", "54", "55", "52", "53", "50", "51", "5E" , "5F"}, {
"31", "30", "33", "32", "35", "34", "37", "36", "39", "38"},
{"BE", "BF", "BC", "BD", "BA", "BB", "B8", "B9", "B6" "B7"}, {
"21", "20 "," 23 " "22", "25", "24", "27", "26", "29", "28"},
{"9A", "9B", "98", "99", "9E", "9F", "9C", "9D", "92", "93"},
{"8D", "8C", "8F", "8E", "89", "88", "8B", "8A", "85", "84"},
{"21", "20", "23", "22", "25", "24", "27", "26", "29", "28"}
};
public static String hashcode(String code) throws IllegalArgumentException {
if (code.length() > 8) {
throw new IllegalArgumentException();
} else {
String hashcode = "";
for (int i = 0; i < code.length(); i++) {
try {
int index = Integer.parseInt(code.substring(i, i + 1));
hashcode += crack_table[i][index];
} catch (Exception e) {
throw new IllegalArgumentException();
}
}
return hashcode;
}
}
public static void main(String[] args) {
if (args.length < 1) {
System.out.println("SCUCrypt 1.0 ( http://alguienenlafisi.blogspot.com ) ");
System.out.println (" Author: One ");
System.out.println (" Usage: java SCUCrypt {code1 [code2 [code3 ...]]}");
System. out.println ("Example: java SCUCrypt 03200254);
System.out.println (" Enjoy! }:]");
} else {for (String code: args) {try {
String hashcode = hashcode (code);
("[+] System.out.println "+ code +" -> "+ hashcode);
} catch (Exception e) {System.out.println ("[-]
ERROR. "+ Code +" is not a valid code. ");
}} System.out.println
("[+] Done.");
}}}
A greeting.
Update: I leave
capture showing how to compile and use the script.
 |
| Fig. 1 - Using SCUCrypt. |
0 comments:
Post a Comment