Reverse engineering CRC?
in [Python]
|
Prev: Call for papers: SETP-10, USA, July 2010
Next: [ANNC] pynguin-0.2 (python turtle graphics application)
From: Gregory Ewing on 11 Mar 2010 16:40 Steve Howell wrote: > Hi Greg. I would at least flip one bit at a time on the first byte of > your data to see if the transformation is bitwise. I'm actually making good progress on this -- it turns out there *is* a way of deducing the polynomial by looking at the effect of single-bit flips. It's actually quite simple, with no brute-force searching needed at all. Things get a bit tricky when you don't quite know all of the data that goes into the CRC, though, which seems to be the case here... I'm writing up an essay on my experiences. I'll post a link when it's finished. -- Greg
From: Lawrence D'Oliveiro on 11 Mar 2010 22:15 In message <mailman.452.1268043207.23598.python-list(a)python.org>, Dave Angel wrote: > However, if there's anything in there about how to derive the polynomial > algorithm from (a few) samples I missed it entirely. Given that CRC is all just a sequence of xor operations, what happens if you xor various pairs of CRCs together, wouldn't that cancel out at least parts of the operations?
From: Lawrence D'Oliveiro on 11 Mar 2010 22:16 In message <7vlameF7goU1(a)mid.individual.net>, Gregory Ewing wrote: > I'm going by the fact that the application reports a > "CRC mismatch" when it's wrong. I can't be sure that what > it calls a "CRC" is really a true CRC, but it's more than > a simple sum, because changing one bit in the file results > in a completely different value. They could be using a strong cryptographic hash and truncating it to 16 bits or something. In which case you've got your work cut out for you...
From: Gregory Ewing on 12 Mar 2010 06:24 Lawrence D'Oliveiro wrote: > They could be using a strong cryptographic hash and truncating it to 16 bits > or something. > > In which case you've got your work cut out for you... Nope, I've determined that it's actually a pretty standard CRC, and it's even using one of the standard polynomials, 0x8005. I'll explain the details of how I figured that out in my essay. What confused me initially is that it seems to be adding a few extra bytes to the checked data that aren't present in the file. Figuring out what they're supposed to contain is proving to be quite a headache... -- Greg
From: Emile van Sebille on 12 Mar 2010 09:22 On 3/12/2010 3:24 AM Gregory Ewing said... > What confused me initially is that it seems to be adding > a few extra bytes to the checked data that aren't present > in the file. Figuring out what they're supposed to contain > is proving to be quite a headache... Length? Emile
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 4 5 Prev: Call for papers: SETP-10, USA, July 2010 Next: [ANNC] pynguin-0.2 (python turtle graphics application) |