Questions tagged [encryption]
Process of encoding information such that decoding requires the knowledge of some secret (a key). This tag covers questions about obfuscated and encrypted programs, or tools, but higher level questions may get better answers on Cryptography Stack Exchange.
222 questions
0
votes
0
answers
18
views
How do I find the decryption key of an android app using Frida?
I've been reverse-engineering an Android app for a set of Bluetooth headphones, and my goal is to find the keys to decrypt the firmware. I obtained the firmware by intercepting the traffic between the ...
- 1
0
votes
0
answers
32
views
Reverse Engineering S/EX RE-MAN BOARD INTERFACE SR2 SL (MRD-45-2276)
S/EX RE-MAN BOARD INTERFACE SR2 SL (MRD-45-2276)
How can I access the raw data sent by the sensors to this board?
I also need the data sheet and schematic information of the board.
- 1
0
votes
1
answer
67
views
can we decrypt a hash function of SHA256
if i have a hash SHA-256 , i want to decrypt it i know that result is in the format of string of length 40 which contains both small and large alphabet and 0-9 number (randomly)
which method i have ...
0
votes
0
answers
51
views
Which BHC error correction code produces non-zero code for all-zero data input
I am reversing a raw flash image (Micron MT29F16G08ABACA), and I am currently stuck trying to find the correct ECC algorithm.
What I know thus far:
1 page = 4096 bytes data + 224 bytes OOB (out of ...
- 33
0
votes
0
answers
71
views
What is the checksum algorithm for these messages?
I am attempting to reverse engineer a motor with an unknown CRC algorithm. I've used a logic analyzer to find these bytes, and I would like to send my own bytes back to the motor. Unfortunately, I can'...
1
vote
1
answer
74
views
How to Determine the AES Mode Used for an Encrypted Binary File?
I'm working with a binary file that has been encrypted using the AES cipher, but I'm unsure of which mode of operation was used (e.g., ECB, CBC, GCM, etc.). I need to automate the process of ...
- 125
0
votes
0
answers
36
views
SIM card firmware
I'm trying to look into inner workings of smart cards. I'm familiar with APDUs, PC/SC and the ways of communicating with a smart card. I'm more interested in the firmware (bootloader/OS) that is ...
- 1
0
votes
0
answers
48
views
How the 'Secure Application ROM (SAROM)' works ? and how can be decrypted?
There is a protection product that i'm interested in analyzing and breaking it called SAROM that encrypts sensitive information that stored in the client-side such as API Keys/hardcoded stuff. I tried ...
- 137
0
votes
0
answers
24
views
Figure out iButton hash of known stored value in 6 bytes
I have an old iButton which stores a floating number on 6 bytes, presumably using a checksum, for which I can't figure out the algorithm.
Here are samples I have:
value X1 X2 X3 X4 X5 X6 V1 V2 ...
0
votes
0
answers
66
views
Save game files
I recently decided to embark on the adventure of reverse engineering game save files and I am trying to modify the Eternium game data, I have tried to see similarities between the different saves but ...
0
votes
0
answers
35
views
I extracted a file from inside the dump that contains the serial number and I need to analyze it
I extracted a file from inside the dump that contains the serial number and I need to analyze it
I want to unpack and compress this encrypted file after modifying it
1
vote
1
answer
93
views
Sniff Bluetooth traffic using Fitness Tracker
I am attempting to sniff the Bluetooth between the fitness tracker(GOJI ACTIVE GFITBK20 Activity Tracker) and the application(Goji Active) installed on the phone but I am unable to see any health ...
- 11
0
votes
0
answers
112
views
How did a cheap amazon RF key managed to clone original key with rolling codes?
I have a garage and I have the original key which is 433MHz and the specifications say it is a rolling code. Here is a table of the specifications:
Range in open field (m): 100
Frequency: 433.92 MHz
...
0
votes
1
answer
57
views
Is there any way to read the data in STC11F02E?
I need to read the data from the STC11F02E microcontroller. Is there a way to do this?
- 1
0
votes
0
answers
50
views
Decoding API headers of unknown encoding?
I'm using mitmproxy to monitor facebook messenger app traffic on my android. Firstly I had to enable whitehat settings to use it. After that I found some request headers has some unknown value in body....
0
votes
0
answers
64
views
Unknown file analysis
I have a file, which supposedly contains an output of CRC32 hash. Problem is, file has no extension, type file (cat analogue) returns mangled gibberish, i.e. ёя╫жW▲{═Sb╨y¶|ИМ▐ВQ╙l9k╖▀у║?╩↓b☼┐R.
TrID ...
0
votes
0
answers
62
views
How to use reverse engineering to learn how facebook send messages?
I would like to know how I can use reverse engineering technique to learn how Facebook/messenger send messages? I were analyzing my developer tools network tab, but couldn't find anything. Fiddler ...
0
votes
0
answers
87
views
How to get decryption keys from an offline player?
I am just starting to learn reverse engineering from lena lectures.
I have 2 encrypted sample vids and an offline player which is able to decrypt the videos and play them, is there any way,I can get ...
0
votes
0
answers
60
views
How to replicate this encoding algorithm
I am writing a helper script at work for when new people start work and need help setting up respective applications - the application will write configuration files to be loaded into the various ...
1
vote
0
answers
74
views
Reverse engineering from sets of data
I'm starting in the world of reverse engineering, for educational purpose, by studying a (supposed-to-be) relatively simple system as black-box.
The system uses a NFC Mifare 1k badge to store ...
- 111
0
votes
0
answers
61
views
Attempting to auto reverse XOR
Does anyone know of any helpful tools or a way to automate decryption of XOR in IDA? I know that they have a built in function to do some bare XOR encryption but this one seems a bit more ...
0
votes
0
answers
435
views
How to decompile python .exe who compiled by Nuitka?
i have one file named hello.exe and compiled using nuitka by cmd :
python -m nuitka --mingw64 --windows-icon-from-ico=ICON.ico --onefile --windows-company-name=NAME --windows-product-version=1.0 --...
- 1
0
votes
0
answers
82
views
How to decrypt and analyse data from desktop application
I have a project where I need to analyse some data from a desktop application (WeChat) on Windows. More specifically, I am looking to extract URLs when I search for articles using a particular keyword....
- 1
1
vote
0
answers
92
views
How to identify digital signature and sign executables with it?
There is an embedded platform which requires signing binary executable file for them to be loadable onto CPU from flash. Signed executable consists from signature (first 40 bytes) and unsigned ...
- 11
0
votes
0
answers
142
views
Find encryption method, Decrypt Non-Cyrillic/Non readable characters
I have an old file, I know what it contains, I know that this is encoding without a password, any privatekey and secretkey. This is some kind of encoded file/string, possibly converted several times.
...
- 21
2
votes
0
answers
64
views
Figuring out the algorithm for an NFC reader, which displays values increased by 1.52 times
I have two NFC readers, reader A reads card ID numbers according to the ISO standard and the algorithm is publicly available. Reader B is from a Canon printer. The card numbers read by reader B are 1....
- 21
14
votes
1
answer
5k
views
McDonald's receipt codes
Receipts from McDonald's in the UK include a code that allows you to complete an online survey as shown in the attached image (in the green box):
After gathering and comparing several receipts I have ...
- 363
1
vote
1
answer
769
views
How can I extract the password from an installer/self-extracting archive?
I have an installer/self-extracting archive. The executable file has an embedded ZIP archive into it (like many other installers). The ZIP archive is encrypted with a password.
The installer DOES NOT ...
- 119
1
vote
0
answers
160
views
How to identify encoding algorithm used
I'm using a calendar application, and each date is encoded. I would like to know which algorithm has been used to do this.
Example:
I have a date: 05-10-2023 ('mm-dd-yyyy') and it's encoded string is ...
- 19
2
votes
0
answers
53
views
I want to learn how to program by orienting myself to the task of reverse engineering
I have to learn programming from scratch and I want to orient my learning in order to be able to reverse engineer to break obfuscators. It would be helpful if you could recommend me what languages, ...
- 21
3
votes
0
answers
76
views
How to read the content of these files?
I am looking for a way to read the content of these two files. If that is possible, please let me know.
Google Drive link for the files
- 73
3
votes
0
answers
219
views
How to decrypt query string of an url
I need to decrypt the encoded part of query string i.e. Q7eM0euncHNyrhJPjN06lw== and sWmYdMUi01BJplzumEaxTw== from the following urls?
https://XXXX/deed-check/view-deed-summary?encApplicationId=...
- 161
1
vote
0
answers
85
views
can sha1 hash of file converted to sha2 hash?
I have a phone database /data/user/0/com.miui.gallery/databases/gallery.db containing information such as exif data and file name. there is a column sha1 containing value
...
- 113
6
votes
1
answer
572
views
Decrypt the cookies stored by the MS Teams desktop client
I am creating a digital forensic tool that gets all data of user from different platforms. I successfully have done extraction for Teams website but I am unable to do so for the desktop app. So far, I ...
- 111
2
votes
0
answers
533
views
Extract assets images from a games APK [closed]
I'm trying to remove some images from an android game, but when I try to view them in a hexadecimal viewer I see that they don't contain a PNG header, so I can't view them through the python PIL ...
- 21
3
votes
4
answers
573
views
Reverse Engineering CTF help
I am having trouble figuring out this microcorruption challenge in the link below: https://microcorruption.com/debugger/Halifax
Basically, the 0x7f interrupt has been disabled so I must reenable it ...
- 141
6
votes
1
answer
2k
views
Reversing an RSA function throws pkcs decoding error
I'm working my way through reversing a toy challenge, and I find myself stuck. The app is pretty simple, it spits out a blob of text (e.g. "3b880a90e476d66569d9d5dfb5cd755af3f..."). Dumping ...
- 215
2
votes
0
answers
45
views
Looking for some help for decoding a signal from IR remote
The following signal has been captured from a remote that I suspect code for at least 3 things: the ID: 107, the item: 1, and the color. I didn't change the ID and item here (although I could do so ...
- 21
3
votes
0
answers
171
views
Reverse-engineering 24-bit to make the lock system recognize NFC cards as their own
I own a lock system that uses SRI512 cards.
My supplier (manufacturer of the locks) sells the cards at a very expensive price, so I decided to buy them online.
Once they arrived, when I tried to write ...
- 31
2
votes
0
answers
186
views
Find out used encryption in an SQLite database
Is it possible to see from a string which encryption an SQLite database uses? Let's say, I can open the database and see this: O45dTrA6NKG6SYeCENMwV7nxp66HR9lbhK12NGHgVnzEhebMjMJUhTmConk= - how do I ...
- 21
2
votes
0
answers
149
views
How would I decode this XOR Cipher
I have been given a XOR Cipher which is a bunch of hexidecimal looking charcters. This cipher is:
fa ce fd d3 fa df ed d3 fa ce d3 d3 fa de df d3
fa de df d3 fa de f9 d3 fa ce f9 d3 fa de f1 d3
...
- 51
1
vote
0
answers
150
views
Where can I find the hashing algorithm in source code?
When I submit login credentials in an Android Application it POSTs an encrypted string to an API endpoint.
For example, if I enter the following email & pass :
"[email protected]:abc"
it ...
- 11
0
votes
1
answer
196
views
Reversing encrypted file with unknown extension
Hello to everyone in RE section!
I have a binary file with questionable extension(meaning idk if its exe/dll).
Multiple variations of this file can be acquired throught connection to remote CDN via ...
0
votes
1
answer
199
views
Identifying the source of encryption used by UDP packets in a PCAP file
I have a PCAP file (mediafire link to the file) which basically represents packet captures between 2 machines running the same game connected to each other via LAN inside RPCS3 using RPCN.
One of ...
- 103
2
votes
0
answers
21
views
Encoding scheme identification of the following communication message
I'm trying to RE an app for educational purposes.
So here is the behavior of the app.
When the app starts, it communicate with a server in plain tcp and based on those tcp messages, it either work as ...
- 21
2
votes
0
answers
398
views
Where can I find the encryption algorithm for this POST request in an Android APP?
I have an Android app for which I need to mock an API call outside of that environment. I successfully killed the certificate pinning on this app with Frida in order to access the URL and more, but ...
- 29
0
votes
0
answers
82
views
Password encryption when transferring from master to PLC
So, there is a PLC and a SoftMaster program to work with it. The PLC works according to the XGFenet protocol.
When connecting to the PLC for the first time in SoftMaster, a password must be entered. ...
- 101
2
votes
0
answers
8k
views
Extracting ZTE F670L router's config.bin file
I want to enable telnet in my router (ZTE F670L V9.0.11P1N20D), So, I backup my router and i have a file config.bin, Size 23.5KB. I fired up kali and when i issue this command:
$ file config.bin
...
- 21
1
vote
1
answer
2k
views
Where can I find the encryption algorithm in source code?
When I submit a Customer Reference ID in an Android Application it POSTs an encrypted string to an API endpoint.
For example, if I enter the following CR ID :
"SR-54585482"
it POSTs the ...
- 13
1
vote
0
answers
367
views
How to decode/decrypt/decipher an unknown 83 bytes long UDP payload?
I have an unknown 83 bytes long payload which I would like to decode/decrypt/decipher…
I got an alarm system from vendor www.jablotron.com, an old device, but it works perfectly.
It’s JA-63 with a LAN ...
A R