Hardcoded md5 serial number crack

[foosaa]

Quote:

Originally Posted by TmC

There is no problem with patching the program. (inlining rather than patching, since it is part of a suite that has also a hardware part and the hardware is checking for program integrity at startup).

Unfortunately, the serial is checked also when requesting updates through the update routine, and even patching the program wont pass the server check.

The serial is passed in cleartext so a patch that simply gives one random hash to check does not work.

Yup. Thought so. Would you mind sharing the program name in a PM? Thanks.

[aijundi]

Perhaps you can check this and do something similar

[chants]

So it looks like you want to do a first pre image attack on MD5.

Wait a second if they are chaining, that opens up a whole new set of opportunities. Why not look into length extension attack and such. You need to explain what is meant by "chaining" in mathematical detail e.g. h(h(bytes[12:16])^bytes[8:12]) where ^ is xor or even concatenation.

The time it takes to handle a group of 4 !!!! Should then based on that list for the final combos be the time per final pair to get the next to last combo etc.

If you want to pass remote validation checks, it may still be impossible as they may further reduced the allowable set or notice unusual activity ertc, no guarantees.