Author Topic: Cracking Packet encryption (MMORPG Emulator)  (Read 1356 times)


Offline Ign0rance

  • NULL
  • Posts: 4
  • Cookies: 0
Cracking Packet encryption (MMORPG Emulator)
« on: March 22, 2015, 03:06:55 pm »
Hello ez,


For an emulator project, I did some RE with a friend and we are stuck on cracking the encryption system.


Let me explain:


- We know the approximate data structure of the packets,
- We know that the packets are encrypted,
- We know the first packet sent is something like an encryption key, and we have its data,
- We think the encryption system is XOR.


And that's all; we can't go further (opcode analysis, etc.) since we don't have this encryption cracked.


Can you guys recommend somewhere I can find a crypto man for free? Or somewhere I can find a tutorial on how to break this kinda encryption.


Thx for your future help :D

Offline Ign0rance

  • NULL
  • Posts: 4
  • Cookies: 0
Re: Cracking Packet encryption (MMORPG Emulator)
« Reply #1 on: March 22, 2015, 09:34:08 pm »
Such a useful answer. I don't have time to learn crypto stuff to do it myself; I want to find someone who can do it.


I have the decompiled exe (with Themida removed) and I found encryption keys in this ASM, but the only thing I know about the encryption system is that they use crypto++ with this: http://www.cryptopp.com/docs/ref/class_d_l___elgamal_like_signature_algorithm.html


I also found some string references like "SHA256" and "ECDSA", and also found "EMSA1". But nothing more; all I need now is someone who can find the crypto system just from this ASM file.


Offline Karpz

  • Peasant
  • *
  • Posts: 50
  • Cookies: -30
  • KARPz
Re: Cracking Packet encryption (MMORPG Emulator)
« Reply #2 on: March 22, 2015, 11:43:22 pm »
You don't have time? Then... Erm... Why are you... Yeah...

And XOR doesn't take too much time to crack.

Staff note: double posting ngrfgt
« Last Edit: March 23, 2015, 07:14:39 am by Kulverstukas »
"You don't?"
- Sterling Archer

Offline d4rkcat

  • Knight
  • **
  • Posts: 287
  • Cookies: 115
  • He who controls the past controls the future. He who controls the present controls the past.
Re: Cracking Packet encryption (MMORPG Emulator)
« Reply #3 on: March 22, 2015, 11:58:45 pm »
And XOR doesn't take too much time to crack.

You are full of shit, XOR with a one time pad is impossible to crack without the key.
Also stop shitposting and double posting.

@OP, I'm not good at crypto, but if you have what you think is the XOR key, you might want to try XORing the ciphertext with that key, maybe in a loop if the key is shorter than the ciphertext, and see if anything that makes sense comes out.
Jabber (OTR required): thed4rkcat@einfachjabber.de    Email (PGP required): thed4rkcat@yandex.com    PGP Key: here and here     Blog

<sofldan> not asking for anyone to hold my hand uber space shuttle door gunner guy.


Offline Ign0rance

  • NULL
  • Posts: 4
  • Cookies: 0
Re: Cracking Packet encryption (MMORPG Emulator)
« Reply #4 on: March 23, 2015, 10:21:08 am »
You are full of shit, XOR with a one time pad is impossible to crack without the key.
Also stop shitposting and double posting.

@OP, I'm not good at crypto, but if you have what you think is the XOR key, you might want to try XORing the ciphertext with that key, maybe in a loop if the key is shorter than the ciphertext, and see if anything that makes sense comes out.


Going to try it, but I'm really not sure this is XOR since I found some strings related to ECDSA1, SHA-256 and DSA in the assembly...
I got all I need in the assembly, having like 99.99% of what I need to develop my own emulator; the only thing needed now is this packet encryption ><.


Hope SHA-256 is only related to the password hash for auth, koz if it's for a public/private key system, I'm almost fucked up (I'm not strong enough in RE to find the exact public key and try it myself atm).

Offline Karpz

  • Peasant
  • *
  • Posts: 50
  • Cookies: -30
  • KARPz
Re: Cracking Packet encryption (MMORPG Emulator)
« Reply #5 on: March 23, 2015, 08:44:31 pm »
You are full of shit, XOR with a one time pad is impossible to crack without the key.
Also stop shitposting and double posting.

@OP, I'm not good at crypto, but if you have what you think is the XOR key, you might want to try XORing the ciphertext with that key, maybe in a loop if the key is shorter than the ciphertext, and see if anything that makes sense comes out.


People have cracked way more sophisticated encryptions than XOR... So no, it's not "impossible".
"You don't?"
- Sterling Archer

Offline TheWormKill

  • EZ's Scripting Whore
  • Global Moderator
  • Knight
  • *
  • Posts: 257
  • Cookies: 66
  • The Grim Reaper of Worms
Re: Cracking Packet encryption (MMORPG Emulator)
« Reply #6 on: March 23, 2015, 08:46:53 pm »
People have cracked way more sophisticated encryptions than XOR... So no, it's not "impossible".

Check your facts before shitposting: https://en.wikipedia.org/wiki/One-time_pad
If you meant repeated key XOR, then you missed d4rkcat's point.
« Last Edit: March 23, 2015, 08:48:18 pm by TheWormKill »
Stuff I did: How to think like a superuser, Iridium

He should make that "Haskell"
Quote
<m0rph-is-gay> fuck you thewormkill you python coding mother fucker

Offline Ign0rance

  • NULL
  • Posts: 4
  • Cookies: 0
Re: Cracking Packet encryption (MMORPG Emulator)
« Reply #7 on: March 24, 2015, 10:52:51 am »
Anyways, this is not XOR; I'm afraid this can be some SSL/TLS. We have noticed a handshake between client and server, and the packets sent are never the same :/


So we got an idea, but I really doubt it can work.


The client sends a handshake request to our server, then we send this handshake packet to the official server, which will answer with the good packet. Then we forward this good packet to the client. Can this one work? It'll not be a real encryption system, but still, we'll be able to start a communication between client and server and try to send some clear packets (we noticed a crypt flag in packets, so if we can send the same packet encrypted and unencrypted, we will be able to break the encryption by comparing original data and encrypted data).
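What d4rkcat's trial-decryption suggestion (Reply #3) and the compare-clear-and-encrypted idea in this post come down to for a repeating-key XOR scheme, as an added example that is not code from the thread: the packet bytes and key are constructed samples, and the printable-byte check is an assumed plausibility heuristic, not the game's format. It also shows why a keystream as long as the message (TheWormKill's one-time-pad point) gives nothing reusable.

```python
"""Repeating-key XOR: trial decryption with a candidate key, and keystream
recovery from one packet seen both in clear and encrypted.
Added example with constructed sample data; not code from the thread."""
from itertools import cycle


def xor_with_key(data: bytes, key: bytes) -> bytes:
    """XOR data with key, cycling the key when it is shorter than the data
    ("in a loop"). XOR is its own inverse: one function encrypts and decrypts."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def printable_ratio(data: bytes) -> float:
    """Fraction of printable-ASCII/whitespace bytes: a cheap 'does anything
    that makes sense come out' check (assumes a text-heavy protocol)."""
    if not data:
        return 0.0
    return sum(32 <= b < 127 or b in (9, 10, 13) for b in data) / len(data)


def recover_keystream(plaintext: bytes, ciphertext: bytes) -> bytes:
    """Keystream = plaintext XOR ciphertext, reduced to its shortest period.
    A short period is a reusable repeating key; a period equal to the message
    length (a true one-time pad) yields nothing that decrypts other packets."""
    if len(plaintext) != len(ciphertext):
        raise ValueError("known pair must be the same length")
    stream = bytes(p ^ c for p, c in zip(plaintext, ciphertext))
    for period in range(1, len(stream)):
        if all(stream[i] == stream[i % period] for i in range(len(stream))):
            return stream[:period]
    return stream  # no shorter period: the whole stream is the key


# Constructed sample: a fake text packet and a 3-byte key, not real game data.
SAMPLE_KEY = b"\x5a\xa5\x3c"
SAMPLE_PLAINTEXT = b"\x01\x00LOGIN user=alice\n"
SAMPLE_CIPHERTEXT = xor_with_key(SAMPLE_PLAINTEXT, SAMPLE_KEY)

if __name__ == "__main__":
    trial = xor_with_key(SAMPLE_CIPHERTEXT, SAMPLE_KEY)
    print(trial, f"printable={printable_ratio(trial):.2f}")
    print(recover_keystream(SAMPLE_PLAINTEXT, SAMPLE_CIPHERTEXT).hex())
```

If the recovered keystream is as long as the packet and differs for every packet, the scheme is not a fixed XOR key and the relay idea above would only buy you traffic, not a key.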