deploy: 00a68cc

from-0-to-crypto-by-projects/episode-2-proof-demonstration/index.html

@@ -2,11 +2,11 @@
 According to the documentation and as it is mentionned that type 7 is an hashing algorithm.
 "><meta name=keywords content><meta name=robots content="noodp"><meta name=theme-color content><link rel=canonical href=https://gogo2464.github.io/gogo-s-blog-cpe/from-0-to-crypto-by-projects/episode-2-proof-demonstration/><title>Episode 2: Reversing cryptography algorithm made to be unreversable (checksum). Method by mathematical proof: disproof :: CPE — CPE: the school that schools to send you to cpe!
 </title><link href=https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css rel=stylesheet type=text/css><link rel=stylesheet href=/gogo-s-blog-cpe/main.d7ff2d2210fd0ab14f417c6d91d2931b4ecffab189943b30890ff820a24a57c9.css><script src=https://kit.fontawesome.com/0ed5cec925.js crossorigin=anonymous></script><link rel=apple-touch-icon sizes=180x180 href=/gogo-s-blog-cpe/apple-touch-icon.png><link rel=icon type=image/png sizes=32x32 href=/gogo-s-blog-cpe/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/gogo-s-blog-cpe/favicon-16x16.png><link rel=manifest href=/gogo-s-blog-cpe/site.webmanifest><link rel=mask-icon href=/gogo-s-blog-cpe/safari-pinned-tab.svg color><link rel="shortcut icon" href=/gogo-s-blog-cpe/favicon.ico><meta name=msapplication-TileColor content><meta itemprop=name content="Episode 2: Reversing cryptography algorithm made to be unreversable (checksum). Method by mathematical proof: disproof"><meta itemprop=description content="I - Identify In a previous article, I read the source code of a program from the executable. The goal of this new article is to audit the logic behind the math algorithm that supposed to avoid to make someone reverse the modification of the password. The password modification algorithm provided by the previous article work is available at this url.
-According to the documentation and as it is mentionned that type 7 is an hashing algorithm."><meta itemprop=datePublished content="2024-10-13T01:25:30+02:00"><meta itemprop=dateModified content="2024-10-13T01:25:30+02:00"><meta itemprop=wordCount content="546"><meta itemprop=image content="https://gogo2464.github.io/gogo-s-blog-cpe/"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://gogo2464.github.io/gogo-s-blog-cpe/"><meta name=twitter:title content="Episode 2: Reversing cryptography algorithm made to be unreversable (checksum). Method by mathematical proof: disproof"><meta name=twitter:description content="I - Identify In a previous article, I read the source code of a program from the executable. The goal of this new article is to audit the logic behind the math algorithm that supposed to avoid to make someone reverse the modification of the password. The password modification algorithm provided by the previous article work is available at this url.
+According to the documentation and as it is mentionned that type 7 is an hashing algorithm."><meta itemprop=datePublished content="2024-10-13T01:25:30+02:00"><meta itemprop=dateModified content="2024-10-13T01:25:30+02:00"><meta itemprop=wordCount content="538"><meta itemprop=image content="https://gogo2464.github.io/gogo-s-blog-cpe/"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://gogo2464.github.io/gogo-s-blog-cpe/"><meta name=twitter:title content="Episode 2: Reversing cryptography algorithm made to be unreversable (checksum). Method by mathematical proof: disproof"><meta name=twitter:description content="I - Identify In a previous article, I read the source code of a program from the executable. The goal of this new article is to audit the logic behind the math algorithm that supposed to avoid to make someone reverse the modification of the password. The password modification algorithm provided by the previous article work is available at this url.
 According to the documentation and as it is mentionned that type 7 is an hashing algorithm."><meta property="article:published_time" content="2024-10-13 01:25:30 +0200 +0200"><link rel=stylesheet href=https://cdn.jsdelivr.net/npm/[email protected]/dist/katex.min.css integrity=sha384-nB0miv6/jRmo5UMMR1wu3Gz6NLsoTkbqJghGIsx//Rlm+ZU03BU6SQNC66uf4l5+ crossorigin=anonymous><script defer src=https://cdn.jsdelivr.net/npm/[email protected]/dist/katex.min.js integrity=sha384-7zkQWkzuo3B5mTepMUcHkMB5jZaolc2xDwL6VFqjFALcbeS9Ggm/Yr2r3Dy4lfFg crossorigin=anonymous></script><script defer src=https://cdn.jsdelivr.net/npm/[email protected]/dist/contrib/auto-render.min.js integrity=sha384-43gviWU0YVjaDtb/GhzOouOXtZMP/7XUzwPTstBeZFe/+rCMvRwr4yROQP43s0Xk crossorigin=anonymous onload='renderMathInElement(document.body,{delimiters:[{left:"$$",right:"$$",display:!0},{left:"\\[",right:"\\]",display:!0},{left:"$",right:"$",display:!1},{left:"\\(",right:"\\)",display:!1}]})'></script></head><body><script defer src=https://cdn.jsdelivr.net/npm/[email protected]/dist/katex.min.js></script><script defer src=https://cdn.jsdelivr.net/npm/[email protected]/dist/contrib/auto-render.min.js onload=renderMathInElement(document.body)></script><div class=container><header class=header><span class=header__inner><a href=/gogo-s-blog-cpe style=text-decoration:none><div class=logo><span class=logo__mark>></span>
 <span class=logo__text>crypto-pwn-elite(cpe): courses</span>
 <span class=logo__cursor style=background-color:#fff></span></div></a><span class=header__right><nav class=menu><ul class=menu__inner><div class=submenu><li class=dropdown><a href=/gogo-s-blog-cpe/from-0-to-crypto-by-projects>Crypto</a></li></div><div class=submenu><li class=dropdown><a href=/gogo-s-blog-cpe/from-0-to-buffer-overflow-by-projects>Pwn</a></li></div><div class=submenu><li class=dropdown><a href=/gogo-s-blog-cpe/putting-games-on-darknet>Elite</a></li></div></ul></nav><span class=menu-trigger><svg viewBox="0 0 24 24"><path d="M0 0h24v24H0z" fill="none"/><path d="M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z"/></svg>
-</span><span class="theme-toggle not-selectable"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none"><path d="M22 41c10.4934.0 19-8.5066 19-19C41 11.5066 32.4934 3 22 3 11.5066 3 3 11.5066 3 22s8.5066 19 19 19zM7 22C7 13.7157 13.7157 7 22 7V37C13.7157 37 7 30.2843 7 22z"/></svg></span></span></span></header><div class=content><main class=post><div class=post-info></p></div><article><h2 class=post-title><a href=https://gogo2464.github.io/gogo-s-blog-cpe/from-0-to-crypto-by-projects/episode-2-proof-demonstration/>Episode 2: Reversing cryptography algorithm made to be unreversable (checksum). Method by mathematical proof: disproof</a></h2><div class=post-content><h2 id=i---identify>I - Identify</h2><p>In a previous <a href=https://gogo2464.github.io/gogo-s-blog-cpe/from-0-to-buffer-overflow-by-projects/episode-2-guessing-source-code-reverse-engineering-program/>article</a>, I read the source code of a program from the executable. The goal of this new article is to audit the logic behind the math algorithm that supposed to avoid to make someone reverse the modification of the password. The password modification algorithm provided by the previous article work is available at this <a href=https://codeberg.org/gogo/viegenere-cisco-proprietary-algorythm-decompiled-from-packet-tracer>url</a>.</p><p>According to the documentation and as it is mentionned that type 7 is an hashing algorithm.</p><p>A secure hash algorithm is an hash algorithm so that for any function hash that transform the original (plaintext) value $ hased = H(plain) $ there does not exist a function $ rev(hashed) $ so that $ rev(hashed) = plain $.</p><h2 id=ii---notes>II - Notes:</h2><p>I really definitely insist on this point: <code>It is crucial for a cryptologist to PROOVE his statement. Not just calculating.</code> If you only calculate, you could reach some proprietary algorithms such as this one but you will never ever be able to code CVE exploits on modern algorithms. I insist in the point you have to read <a href=https://www.people.vcu.edu/~rhammack/BookOfProof/Main.pdf>book fo proof</a> if you did not do it yet. It is to do theorem proving.</p><h2 id=iii---analysis-under-mathematical-thinking>III - Analysis under mathematical thinking</h2><p>The reverse engineering of the hash of vigenere cisco has permitted to deduct the method taken by this algorithm.</p><p>We could then guess that the researchers thanks then that:</p><p><img alt=image src=/gogo-s-blog-cpe/from-0-to-crypto-by-projects/episode-2-proof-demonstration/theory-behind-type7-hash.png></p><p>The question is to proove that there exists a function $ rev(hashed) $ so that $ \forall plain [rev(H(plain)) = plain] $ then $ \forall x [x = H(plain)] $</p><h2 id=iv-1--solving-the-theorem-finding-a-way-to-proove-the-case>IV/ 1- solving the theorem finding a way to proove the case.</h2><p>There are a lot of different method to proove a theorem. You could pick the one you prefer or the one you find easier.</p><p>The big picture is to split the proof into several cases.</p><p>There a serveral various operations including:</p><ul><li>splitting number between 0 and 256 to two differnt more little number (the shift: $ \ggg $ and the logical and: $ \land 0xf0 $ ). Reversable by mergingtwo numbers in a single one with same algortihm.</li><li>adding. You could simply substract to reverse.</li><li>doing an boolean exclusive logical or to a known password.<ul><li>as each number exclusively logically set to logical or (xored) with itself has the final value of 0 and as 0 set to logical or with another number will return this number, <img alt=image src=/gogo-s-blog-cpe/from-0-to-crypto-by-projects/episode-2-proof-demonstration/reversing-exclusive-or.png> it follows that logically set to logical or to the hardcoded password one time will change the values but logically set to logical or a second time to the same hardcoded value will change it to the original value. See <a href=https://en.wikipedia.org/wiki/Exclusive_or#Definition>boolean algebra</a>, and see this schems provided with the tool name <code>cryptool-2</code>.</li></ul></li></ul><p>All of these are equivalent to another operation.</p><p>Then I decide to choose a proof in the form:</p><p>as: $ \forall h \in N[(h = p + x) \implies (p = h - x)] $</p><p>and as: $ \forall h \in N[(h = p \oplus x) \implies (p = h \oplus x)] $</p><p>and as:
+</span><span class="theme-toggle not-selectable"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none"><path d="M22 41c10.4934.0 19-8.5066 19-19C41 11.5066 32.4934 3 22 3 11.5066 3 3 11.5066 3 22s8.5066 19 19 19zM7 22C7 13.7157 13.7157 7 22 7V37C13.7157 37 7 30.2843 7 22z"/></svg></span></span></span></header><div class=content><main class=post><div class=post-info></p></div><article><h2 class=post-title><a href=https://gogo2464.github.io/gogo-s-blog-cpe/from-0-to-crypto-by-projects/episode-2-proof-demonstration/>Episode 2: Reversing cryptography algorithm made to be unreversable (checksum). Method by mathematical proof: disproof</a></h2><div class=post-content><h2 id=i---identify>I - Identify</h2><p>In a previous <a href=https://gogo2464.github.io/gogo-s-blog-cpe/from-0-to-buffer-overflow-by-projects/episode-2-guessing-source-code-reverse-engineering-program/>article</a>, I read the source code of a program from the executable. The goal of this new article is to audit the logic behind the math algorithm that supposed to avoid to make someone reverse the modification of the password. The password modification algorithm provided by the previous article work is available at this <a href=https://codeberg.org/gogo/viegenere-cisco-proprietary-algorythm-decompiled-from-packet-tracer>url</a>.</p><p>According to the documentation and as it is mentionned that type 7 is an hashing algorithm.</p><p>A secure hash algorithm is an hash algorithm so that for any function hash that transform the original (plaintext) value $ hased = H(plain) $ there does not exist a function $ rev(hashed) $ so that $ rev(hashed) = plain $.</p><h2 id=ii---notes>II - Notes:</h2><p>I really definitely insist on this point: <code>It is crucial for a cryptologist to PROOVE his statement. Not just calculating.</code> If you only calculate, you could reach some proprietary algorithms such as this one but you will never ever be able to code CVE exploits on modern algorithms. I insist in the point you have to read <a href=https://www.people.vcu.edu/~rhammack/BookOfProof/Main.pdf>book fo proof</a> if you did not do it yet. It is to do theorem proving.</p><h2 id=iii---analysis-under-mathematical-thinking>III - Analysis under mathematical thinking</h2><p>The reverse engineering of the hash of vigenere cisco has permitted to deduct the method taken by this algorithm.</p><p>We could then guess that the researchers thanks then that:</p><p><img alt=image src=/gogo-s-blog-cpe/from-0-to-crypto-by-projects/episode-2-proof-demonstration/theory-behind-type7-hash.png></p><p>The question is to proove that there exists a function $ rev(hashed) $ so that $ \forall plain [rev(H(plain)) = plain] $.</p><h2 id=iv-1--solving-the-theorem-finding-a-way-to-proove-the-case>IV/ 1- solving the theorem finding a way to proove the case.</h2><p>There are a lot of different method to proove a theorem. You could pick the one you prefer or the one you find easier.</p><p>The big picture is to split the proof into several cases.</p><p>There a serveral various operations including:</p><ul><li>splitting number between 0 and 256 to two differnt more little number (the shift: $ \ggg $ and the logical and: $ \land 0xf0 $ ). Reversable by mergingtwo numbers in a single one with same algortihm.</li><li>adding. You could simply substract to reverse.</li><li>doing an boolean exclusive logical or to a known password.<ul><li>as each number exclusively logically set to logical or (xored) with itself has the final value of 0 and as 0 set to logical or with another number will return this number, <img alt=image src=/gogo-s-blog-cpe/from-0-to-crypto-by-projects/episode-2-proof-demonstration/reversing-exclusive-or.png> it follows that logically set to logical or to the hardcoded password one time will change the values but logically set to logical or a second time to the same hardcoded value will change it to the original value. See <a href=https://en.wikipedia.org/wiki/Exclusive_or#Definition>boolean algebra</a>, and see this schems provided with the tool name <code>cryptool-2</code>.</li></ul></li></ul><p>All of these are equivalent to another operation.</p><p>Then I decide to choose a proof in the form:</p><p>as: $ \forall h \in N[(h = p + x) \implies (p = h - x)] $</p><p>and as: $ \forall h \in N[(h = p \oplus x) \implies (p = h \oplus x)] $</p><p>and as:
 $ \forall h \in N[(h = p \ggg x) \implies (p = h \lll x)] $</p><p>then, for any h in N, $ p = (h - x_1 \oplus x_2 \lll x_3) $.</p><p>Let&rsquo;s check it out that <a href=/gogo-s-blog-cpe/from-0-to-crypto-by-projects/episode-2-proof-demonstration/latex-reverse-type7.pdf>in this paper</a>!</p></div></article><hr><div class=post-info></div></main></div><footer class=footer><div class=footer__inner><ul class=icons><li><a href=https://gogo2464.github.io/gogo-s-blog-cpe/posts/index.xml target=_blank title=rss class="icon fa-solid fa-rss"></a></li></ul></div><div class=footer__inner><span>&copy;2024</span>&nbsp;
 <span><a href=https://gogo2464.github.io/gogo-s-blog-cpe/></a></span>&nbsp;
 <span><a href=https://creativecommons.org/licenses/by-nc/4.0/ target=_blank rel=noopener>CC BY-NC 4.0</a></span></div><div class=footer__inner><div class=footer__content><span>Powered by <a href=http://gohugo.io>Hugo</a></span><span>with <a href=https://github.com/coolapso/hugo-theme-hello-4s3ti>Hello-friend-4s3ti</a></span></div></div></footer></div><script type=text/javascript src=/gogo-s-blog-cpe/bundle.min.efa6b6352b1e4d712533d2fbd29f0c899eb1474e0f181433c934e6c6fdd3678ff834c116423c957d7a6ff6763e9c0d599a82208cdeae81c4a483e37853c46360.js integrity="sha512-76a2NSseTXElM9L70p8MiZ6xR04PGBQzyTTmxv3TZ4/4NMEWQjyVfXpv9nY+nA1ZmoIgjN6ugcSkg+N4U8RjYA=="></script></body></html>