Don't like ads? PRO users don't see any ads ;-)
Public Pastes
Guest

keygen for the ESET challenge at BlackHat

By: a guest on Jul 27th, 2012  |  syntax: Python  |  size: 13.93 KB  |  hits: 1,029  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. import sys
  2. from random import SystemRandom
  3. from base64 import b64encode
  4. try :
  5.   from whirlpool import Whirlpool
  6. except :
  7.   print "To work this keygen need the Whirpool implementation located here : http://www.bjrn.se/code/whirlpoolpy.txt"
  8.   sys.exit(0)
  9.  
  10. sec_rnd = SystemRandom()
  11. SOLUTION = None
  12.  
  13. print "name :"
  14. name = sys.stdin.readline().rstrip("\r\n")
  15. hash_name = [ord(c) for c in Whirlpool(name+"ESETNOD32@ESETNOD32@ESETNOD32@ESETNOD32@ESETNOD32@ESETNOD32@ESETNOD32@ESETNOD32@"[len(name):]).digest()]
  16.  
  17.  
  18. def print_cipher(k) :
  19.     r = ""
  20.     for i in xrange(len(k)) :
  21.       if i % 8 == 0 :
  22.         r += "\n"
  23.       v = k[i]
  24.       if v is None :
  25.         v = "00"
  26.       else :
  27.         v = "%02X"%v
  28.       r += v + " "
  29.     print r
  30.  
  31.  
  32. def step1(k, i, j, to_set, to_keep) :
  33.   global SOLUTION
  34.   global FINAL_TABLE
  35.   if i > 63 :
  36.     if not to_set :
  37.       for i, v in FINAL_TABLE :
  38.         assert(k[i] == v)
  39.       SOLUTION = k
  40.       return True
  41.     return False
  42.   if to_set :
  43.     to_set_cpy = list(to_set)
  44.     sec_rnd.shuffle(to_set_cpy)
  45.     for choice, (idx, v) in enumerate(to_set_cpy) :
  46.       # try to set the index idx to the value v
  47.       if k[i] == v :
  48.         if step2a(idx, k, i, j, to_set_cpy[:choice] + to_set_cpy[choice+1:] , to_keep) :
  49.           return True
  50.       elif k[i] is None :
  51.         k[i] = v
  52.         if step2a(idx, k, i, j, to_set_cpy[:choice] + to_set_cpy[choice+1:] , to_keep) :
  53.           return True
  54.         k[i] = None
  55.  
  56.   if step2b(k, i, j, to_set, to_keep) :
  57.     return True
  58.   return False
  59.  
  60.  
  61. def step2a(idx, k, i, j, to_set, to_keep) :
  62.   """try to find a cool value for k[c]"""
  63.   c = k[i] % 80
  64.   kc = k[c]
  65.   if kc is None :
  66.     if (idx - j)%80 in to_keep :
  67.       return False
  68.     kc = (idx - j)%80
  69.     while kc < 0x100 :
  70.       k[c] = kc
  71.       if step3a(k, i, idx, to_set, to_keep) :
  72.         return True
  73.       kc += 80
  74.     k[c] = None
  75.   elif (kc + j)%80 == idx :
  76.     return step3a(k, i, idx, to_set, to_keep)
  77.   else :
  78.     return False
  79.  
  80. def step3a(k, i, j, to_set, to_keep) :
  81.   """exchange the values and step into :)"""
  82.   assert(j not in to_keep)
  83.   k[i], k[j] = k[j], k[i]
  84.   to_keep.add(j)
  85.   if step1(k, i+1, j, to_set, to_keep) :
  86.     SOLUTION[i], SOLUTION[j] = SOLUTION[j], SOLUTION[i]
  87.     return True
  88.   to_keep.remove(j)
  89.   k[i], k[j] = k[j], k[i]
  90.  
  91. def step2b(k, i, j, to_set, to_keep) :
  92.   """try to not break everything"""
  93.   c = k[i]
  94.   if c is None :
  95.     vals = [c for c in xrange(0x100) if k[c%80] is not None and (k[c%80] + j)%80 not in to_keep]
  96.     sec_rnd.shuffle(vals)
  97.     for c in vals :
  98.       k[i] = c
  99.       if step3b(k, i, (k[c%80] + j)%80, to_set, to_keep) :
  100.         return True
  101.  
  102.     vals = [c for c in xrange(0x100) if k[c%80] is None]
  103.     sec_rnd.shuffle(vals)
  104.     for c in vals :
  105.       k[i] = c
  106.       c = c % 80
  107.       vals2 = [kc for kc in xrange(0x100) if (kc + j)%80 not in to_keep]
  108.       sec_rnd.shuffle(vals2)
  109.       for kc in vals2 :
  110.         k[c] = kc
  111.         if step3b(k, i, (kc + j)%80, to_set, to_keep) :
  112.           return True
  113.       k[c] = None
  114.     k[i] = None
  115.   else :
  116.     c %= 80
  117.     kc = k[c]
  118.     if kc is None :
  119.       vals = [kc for kc in xrange(0x100) if (kc + j)%80 not in to_keep]
  120.       sec_rnd.shuffle(vals)
  121.       for kc in vals :
  122.         k[c] = kc
  123.         if step3b(k, i, (kc + j)%80, to_set, to_keep) :
  124.           return True
  125.       k[c] = None
  126.     elif (kc + j)%80 not in to_keep :
  127.       return step3b(k, i, (kc + j)%80, to_set, to_keep)
  128.   return False
  129.  
  130.  
  131.  
  132. def step3b(k, i, j, to_set, to_keep) :
  133.   """exchange the values and step into :)"""
  134.   assert(j not in to_keep)
  135.   k[i], k[j] = k[j], k[i]
  136.   if step1(k, i+1, j, to_set, to_keep) :
  137.     SOLUTION[i], SOLUTION[j] = SOLUTION[j], SOLUTION[i]
  138.     return True
  139.   k[i], k[j] = k[j], k[i]
  140.  
  141. def cipher(k) :
  142.   j = 0
  143.   for i in xrange(64) :
  144.     c = k[i]%80
  145.     j = (k[c%80] + j)%80
  146.     k[j], k[i] = k[i], k[j]
  147.  
  148. # the egg part is not necessary, it's just for the fun :)
  149. # you can replace egg by whatever you want, it makes the generation a little more complicated but serials are much more 1337 with it :)
  150. egg = "ElV++ESET++=".decode("base64")
  151. padd = 64 - len(egg)
  152. egg = [hash_name[padd+i]^hash_name[::-1][padd+i]^ord(c) for i,c in enumerate(egg)]
  153.  
  154. k = [None]*padd+egg+[0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x17, 0x40, 0x00]
  155.  
  156. to_set = [(0x44, 0xA), (0x45, 0xB), (0x46, 0xC), (0x47, 0xD), (0x4C, 0x20)]
  157. to_keep = set((0x4D, 0x4E, 0x4F))
  158.  
  159. FINAL_TABLE = list(to_set) + [(i, v) for i, v in enumerate(k) if i in to_keep]
  160.  
  161. step1(k, 0, 0, to_set, to_keep)
  162.  
  163. for i in xrange(len(SOLUTION)) :
  164.   if SOLUTION[i] is None :
  165.     SOLUTION[i] = sec_rnd.randint(0, 0xFF)
  166.  
  167. print "serial 1 :"
  168. serial = ("".join(chr(i) for i in hash_name[::-1])+"".join(chr(hash_name[i]^hash_name[-i-1]^SOLUTION[i]) for i in xrange(0x40))).encode("base64").replace("\n","")
  169. # python encode the last "+" by a "8", this is a valid encoding bu I want a "+" :)
  170. serial = serial[:-2]+"+="
  171. print serial
  172.  
  173. tt = [[4, 145, 249, 72, 19, 195, 74, 137],
  174.  [524288, 3203225, 14904450, 3526571, 9746473, 6430193, 4276089, 13797784],
  175.  [8, 181, 87, 176, 177, 128, 71, 131],
  176.  [8589934592L,
  177.   780959357171L,
  178.   605514211834L,
  179.   123550849396L,
  180.   155902764614L,
  181.   1038685452221L,
  182.   23217367279L,
  183.   488964238443L],
  184.  [268435456,
  185.   246044729,
  186.   141151211,
  187.   120418067,
  188.   1758819,
  189.   16697095,
  190.   38317992,
  191.   109169490],
  192.  [16, 165, 6, 36, 41, 77, 13, 140],
  193.  [2251799813685248L,
  194.   67747346038874905L,
  195.   23886268180062167L,
  196.   9396231990985375L,
  197.   68532137142766495L,
  198.   63807872584427389L,
  199.   23800194927740896L,
  200.   41484601310842533L],
  201.  [128, 78, 44, 117, 108, 19, 103, 75],
  202.  [256, 93, 224, 95, 5, 236, 103, 111],
  203.  [576460752303423488L,
  204.   84367985493756472L,
  205.   129710776082790095L,
  206.   526929696111760255L,
  207.   149858967171036412L,
  208.   137795571638148946L,
  209.   183795820538198073L,
  210.   388559634300015691L],
  211.  [512, 95, 28, 21, 92, 442, 471, 36],
  212.  [1024, 19, 838, 338, 506, 53, 208, 491],
  213.  [2048, 571, 298, 1744, 384, 1448, 358, 296],
  214.  [549755813888L,
  215.   197536123789L,
  216.   3660215150L,
  217.   317461358145L,
  218.   226895256729L,
  219.   30863752665L,
  220.   84214515345L,
  221.   220738719662L],
  222.  [4096, 3888, 3277, 1575, 3108, 846, 2372, 114],
  223.  [281474976710656L,
  224.   47975026020855872L,
  225.   70044969941024685L,
  226.   63199015621139749L,
  227.   30487442515881545L,
  228.   10873604701451671L,
  229.   33899679975530539L,
  230.   43988635179843952L],
  231.  [8192, 484, 4017, 7395, 7961, 6435, 1461, 7807],
  232.  [16384, 5062, 12605, 8416, 6070, 996, 787, 16341],
  233.  [32768, 3165, 5291, 20255, 20089, 12462, 5128, 15903],
  234.  [9007199254740992L,
  235.   26896528105666545L,
  236.   39761018525978115L,
  237.   22978596567126644L,
  238.   1968445690331772L,
  239.   55745938047887530L,
  240.   21542483397215163L,
  241.   5866771868302037L],
  242.  [65536, 9708575, 4245472, 3579078, 6165090, 10276724, 14691285, 8579247],
  243.  [32, 194, 27, 75, 158, 83, 214, 23],
  244.  [131072, 337395, 3972722, 5263524, 3481937, 12683921, 1672510, 16016555],
  245.  [1048576, 2595074, 4807849, 3058233, 346350, 4854156, 15556462, 925995],
  246.  [2097152, 14022292, 1148674, 1708593, 1373904, 4609506, 13675667, 742321],
  247.  [4194304, 270100, 1504196, 8594937, 9644926, 9438817, 2339784, 8659038],
  248.  [8388608, 163673, 2440463, 4098383, 1424185, 6242117, 1834629, 7805766],
  249.  [9223372036854775808L,
  250.   588729322898309389L,
  251.   570427707368048987L,
  252.   65163599690702956L,
  253.   117154960401106385L,
  254.   1011472020639884863L,
  255.   495374669689021464L,
  256.   432426960667901606L],
  257.  [2, 185, 121, 188, 125, 21, 96, 153],
  258.  [16777216,
  259.   14152756,
  260.   9038652,
  261.   14059262,
  262.   12155891,
  263.   12539486,
  264.   13474866,
  265.   14021020],
  266.  [144115188075855872L,
  267.   60279086046209435L,
  268.   93107320494114163L,
  269.   140257447853975038L,
  270.   25891072070806345L,
  271.   99755441559173713L,
  272.   141815206628077248L,
  273.   83915926772894531L],
  274.  [33554432,
  275.   10549806,
  276.   8266271,
  277.   5980419,
  278.   23322470,
  279.   23178358,
  280.   23494208,
  281.   15327179],
  282.  [70368744177664L,
  283.   46606107038349L,
  284.   43072666177157L,
  285.   14460038578027L,
  286.   49886001337965L,
  287.   21252643388386L,
  288.   15710567156172L,
  289.   37370806153916L],
  290.  [67108864, 9470754, 47356087, 2054551, 7991537, 4976737, 3877244, 5976108],
  291.  [134217728,
  292.   97798356,
  293.   42186614,
  294.   51665433,
  295.   4572261,
  296.   111146354,
  297.   132035429,
  298.   33104206],
  299.  [1073741824,
  300.   422019286,
  301.   637706503,
  302.   332443768,
  303.   96548123,
  304.   742616708,
  305.   210563171,
  306.   177895055],
  307.  [4294967296L,
  308.   207921565846L,
  309.   904131099412L,
  310.   36280627381L,
  311.   937702446552L,
  312.   1075455387878L,
  313.   1059092000586L,
  314.   793704515126L],
  315.  [17179869184L,
  316.   291192531985L,
  317.   659373301985L,
  318.   35284335127L,
  319.   51379225406L,
  320.   551623083596L,
  321.   769742661816L,
  322.   559076105744L],
  323.  [34359738368L,
  324.   989444555559L,
  325.   903002215310L,
  326.   496494956389L,
  327.   97317499603L,
  328.   719828398727L,
  329.   278221739087L,
  330.   165299066502L],
  331.  [68719476736L,
  332.   443138326902L,
  333.   304784015010L,
  334.   425309101036L,
  335.   48520253506L,
  336.   869656503113L,
  337.   693111607465L,
  338.   888063256670L],
  339.  [137438953472L,
  340.   955355066718L,
  341.   609372981016L,
  342.   679521876954L,
  343.   886747819142L,
  344.   60296333614L,
  345.   37325206117L,
  346.   954001457304L],
  347.  [274877906944L,
  348.   267217359417L,
  349.   794567230620L,
  350.   642420519892L,
  351.   240810475090L,
  352.   810312556556L,
  353.   666355158795L,
  354.   2310110764L],
  355.  [1099511627776L,
  356.   957091764084L,
  357.   264476616980L,
  358.   783140714855L,
  359.   759165542287L,
  360.   290964568637L,
  361.   325089600593L,
  362.   509312110205L],
  363.  [2199023255552L,
  364.   406587449994L,
  365.   2152577530141L,
  366.   1205790140784L,
  367.   1714833753976L,
  368.   402342087832L,
  369.   1414598264999L,
  370.   853667975187L],
  371.  [4398046511104L,
  372.   1050439141602L,
  373.   3914084972876L,
  374.   4085074935641L,
  375.   2779407239436L,
  376.   1579407614204L,
  377.   3329065528822L,
  378.   3861124308204L],
  379.  [8796093022208L,
  380.   1930253123424L,
  381.   3205179886489L,
  382.   4505903091846L,
  383.   240232947399L,
  384.   1346925728778L,
  385.   980831353983L,
  386.   1650788518561L],
  387.  [1, 240, 40, 204, 182, 212, 18, 6],
  388.  [17592186044416L,
  389.   13809656708516L,
  390.   16197416332855L,
  391.   11855005400172L,
  392.   7108504557942L,
  393.   17411509768280L,
  394.   8989961311526L,
  395.   14154899131867L],
  396.  [35184372088832L,
  397.   19602969391542L,
  398.   32015465210403L,
  399.   5856699323420L,
  400.   8077258420460L,
  401.   16371871461766L,
  402.   16452401685468L,
  403.   33867822490209L],
  404.  [140737488355328L,
  405.   35247677661896L,
  406.   132516069868782L,
  407.   4871997466641L,
  408.   768623892310L,
  409.   104490275364109L,
  410.   127403596252752L,
  411.   125188934033617L],
  412.  [562949953421312L,
  413.   2554588348179260L,
  414.   50975453923499664L,
  415.   68979519051641155L,
  416.   18272008473957457L,
  417.   40910560193557171L,
  418.   35383384116471808L,
  419.   18136240575808450L],
  420.  [1125899906842624L,
  421.   25564588196849873L,
  422.   23511378143857191L,
  423.   31800675176749093L,
  424.   24971918923048052L,
  425.   22920505095296394L,
  426.   52276809571960214L,
  427.   12186388306008963L],
  428.  [2147483648L,
  429.   1781311950,
  430.   1535172290,
  431.   402390826,
  432.   684140349,
  433.   2020925477,
  434.   245280090,
  435.   623727919],
  436.  [262144, 7374538, 10503499, 10584617, 2317123, 4766434, 592021, 9139214],
  437.  [4503599627370496L,
  438.   27410714698525532L,
  439.   56966287626972810L,
  440.   10185363114631554L,
  441.   64351691746295958L,
  442.   64055654355911407L,
  443.   20855813507480942L,
  444.   29144773748140152L],
  445.  [18014398509481984L,
  446.   4266181856559116L,
  447.   47229362716701758L,
  448.   8411700419606188L,
  449.   2050936705422011L,
  450.   13090056691422589L,
  451.   12965239627040677L,
  452.   42223764788405328L],
  453.  [64, 6, 179, 128, 31, 14, 130, 23],
  454.  [36028797018963968L,
  455.   1230825843835482L,
  456.   22444243293310201L,
  457.   28558516272902346L,
  458.   18423317266489913L,
  459.   12268121538575645L,
  460.   35413215700929881L,
  461.   7466295371308100L],
  462.  [72057594037927936L,
  463.   32621824481053089L,
  464.   5826747232600426L,
  465.   54617264711750705L,
  466.   65490308092814556L,
  467.   71031381935703069L,
  468.   61304624563968918L,
  469.   63767960212803342L],
  470.  [288230376151711744L,
  471.   23963100072486440L,
  472.   173740446275033734L,
  473.   88839454676391587L,
  474.   7098159032525339L,
  475.   144361173622098866L,
  476.   53590828081370710L,
  477.   144810762533254399L],
  478.  [1152921504606846976L,
  479.   33687948954902003L,
  480.   388888812511833699L,
  481.   181290888556576142L,
  482.   986974118237271724L,
  483.   799197901496304012L,
  484.   459633173888894087L,
  485.   1152878673369206265L],
  486.  [2305843009213693952L,
  487.   411170824244863740L,
  488.   898502631503546552L,
  489.   1182423882296980905L,
  490.   788651903309584453L,
  491.   316790295725583640L,
  492.   133692070398180246L,
  493.   278545664169075356L],
  494.  [536870912,
  495.   250890287,
  496.   3221349,
  497.   446408755,
  498.   266621385,
  499.   104430359,
  500.   374356528,
  501.   312665125],
  502.  [4611686018427387904L,
  503.   1195637156289680119L,
  504.   24621007439812200L,
  505.   43743323218066342L,
  506.   676995634570036126L,
  507.   1203597948695219397L,
  508.   1037036833364889864L,
  509.   130039954294608103L]]
  510.  
  511. check_v = 0x55BDEC8E23A0EF32
  512. init_v = 8828098094971975552
  513.  
  514. try :
  515.   from z3 import *
  516. except :
  517.   print "unable to load Z3, here is a precalculated serial 2 :"
  518.   print "966132348323"
  519.   sys.exit(0)
  520.  
  521. def Xor(a,b) :
  522.   return Or(And(a,Not(b)), And(Not(a), b))
  523.  
  524. bits = []
  525. solver = Solver()
  526.  
  527. for i in xrange(13) :
  528.   bs = []
  529.   for j in xrange(64) :
  530.     bs.append(Bool("b%02d%02d"%(i, j)))
  531.   bits.append(bs)
  532.  
  533. key = []
  534. for i in xrange(12) :
  535.   key.append(Int("k%d"%i))
  536.  
  537. for i in xrange(64) :
  538.   if init_v & (1 << i) :
  539.     solver.append(bits[0][i])
  540.   else :
  541.     solver.append(Not(bits[0][i]))
  542.  
  543. for i in xrange(1, 13) :
  544.   eq = False
  545.   for j, k in enumerate([1, 30, 59, 24, 53, 18, 47, 12, 41, 6, 35, 0, 29, 58, 23, 52]) :
  546.     sub_eq = (key[i-1] == j)
  547.     for l in xrange(63) :
  548.       if l != k :
  549.         sub_eq = And(sub_eq, bits[i][l+1] == bits[i-1][l])
  550.       else :
  551.         sub_eq = And(sub_eq, bits[i][l+1] == Not(bits[i-1][l]))
  552.     sub_sub_eq = False
  553.     for l in xrange(64) :
  554.       if 0x621AC745FB723ED1 & (1 << l) :
  555.         sub_sub_eq = Xor(sub_sub_eq, bits[i][l+1])
  556.     sub_eq = And(sub_eq, bits[i][0] == sub_sub_eq)
  557.     eq = Or(eq, sub_eq)
  558.   solver.append(eq)
  559.  
  560.  
  561.  
  562. for i, t in enumerate(tt) :
  563.   bit = True if check_v & (1 << i) else False
  564.   eq = False
  565.   for v in t :
  566.     has_common_bit = True
  567.     for j in range(64) :
  568.       if v & (1 << j) :
  569.         has_common_bit = And(has_common_bit, bits[12][j])
  570.     eq = Xor(eq, has_common_bit)
  571.   if not bit :
  572.     eq = Not(eq)
  573.   solver.add(eq)
  574.  
  575. solver.check()
  576. solution = solver.model()
  577. r = ""
  578. for i in xrange(12) :
  579.   r += "%X"%int(str(solution[key[i]]))
  580.  
  581. print "serial 2 :"
  582. print r
create a new version of this paste RAW Paste Data