brain teaser

Git · #1 11-18-2011, 00:50

Given this set of numbers :

i num
0 FCDE 1111 1100 1101 1110
1 4873 0100 1000 0111 0011
2 3809 0011 1000 0000 1001
3 8BC3 1000 1011 1100 0011
4 E9E8 1110 1001 1110 1000
5 D20E 1101 0010 0000 1110
6 FFD8 1111 1111 1101 1000
7 B552 1011 0101 0101 0010
8 E469 1110 0100 0110 1001
9 0423 0000 0100 0010 0011
A 0C77 0000 1100 0111 0111
B FDF2 1111 1101 1111 0010
C CE96 1100 1110 1001 0110
D C28F 1100 0010 1000 1111
E 72B4 0111 0010 1011 0100
F 0AED 0000 1010 1110 1101

Can anybody see how 'num' is generated from it's index position 'i', some constants (probably 16bit), maybe other table values(like the previous entry e.g.) and binary operators xor, ror, and, etc. Data is given in hex and binary for convenience.

I can't offer any reward, other than a mention in the credits in the free utility which needs this algo!.

Git

aldente · #2 11-18-2011, 01:23

Why don't you just use a lookup table, if there are just 16 numbers?

Git · #3 11-18-2011, 01:58

That set of numbers is just an example, I need the general algorithm.

Git

disauto · #4 11-18-2011, 04:37

you give the num i think maybe 1(8)1(4)1(2)1(1) .

Git · #5 11-18-2011, 06:18

Don't understand you disauto, sorry.

Git

tofu-sensei · #6 11-18-2011, 20:31

what's this for, if i may ask? perhaps there's an easier way to figure it out.

Git · #7 11-18-2011, 23:05

It's part of a data file protected by RSA, RC6 and MD5 checks. This obfuscated block is the last part to crack. The exe that writes the file is in private hands. The app that decrypts the file is a VMProtect protected ring 0 driver.

Git

nathan · #8 11-23-2011, 19:54

Hi Git, from what you say these numbers are changing everytime you run the process. Could you cut & paste a couple of more sequences ?

Git · #9 11-24-2011, 00:49

They're not created by my process, they are part of an encrypted data file. Each data file is unique, depending on a different 16bit key. The algo which produces these tables is the same for each, but probably with different constant(s). Here are the numbers from another file :

0 FCDE
1 4873
2 3809
3 8BC3
4 E9E8
5 D20E
6 FFD8
7 B552
8 E469
9 0423
A 0C77
B FDF2
C CE96
D C28F
E 72B4
F 0AED

Git

*RemedY* · #10 11-24-2011, 00:53

Uhmm Git...

these numbers are the same as in your first post

A different set would be nice.

Regards
*RemedY*

sendersu · #11 11-24-2011, 01:18

Git, you said
"a data file protected by RSA, RC6 and MD5 checks."
so do you mean that these numbers could be as a result of one of strong crypto algo?
you need to figure out what algo used exactly (if you lucky - you cuold monitor the Win API, is it windows app?
you could for example sniff the crypto api from ms...... etc
without this knowledge your teaser = find black cat in black room

Git · #12 11-24-2011, 06:17

Sh*t, sorry

.

0 84D5
1 09AA
2 8E7F
3 1354
4 9829
5 1CFE
6 A1D3
7 26A8
8 AB7D
9 3052
A B527
B 39FC
C BED1
D 43A6
E C87B
F 4D50

The protection of the data is in layers. RC6 etc has been removed and this block of numbers is the jam in the doughnut. Data is processed by VMprotected ring 0 driver, not so easy to monitor.

Git

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode