문제
정답은 무엇인가
실행 화면
IDA 분석
입력한 문자열과 복호화한 암호문을 비교해서 성공 메시지를 보여주는 동작을 하는 것 같다.
RijndaelSimple 은 AES 암호화 알고리즘이라고 한다.
계속 찾아보니 C#으로 짜여진 .Net 프로그램이라서 ida에서 분석이 제대로 안된 것이라고 한다.
dotpeek이라는 .net decompiler를 사용해서 분석을 해보도록 하겠다.
Main
RijndaelSimple
IDA로 분석한 동작과 같은 동작을 한다.
decompile된 코드를 가져와서 정답문자열을 볼 수 있게 해보자
Main 사이에 Console.WriteLine(str);를 넣어서 정답 문자열이 출력되게 하였다.
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
public class RijndaelSimple
{
public static string Encrypt(
string plainText,
string passPhrase,
string saltValue,
string hashAlgorithm,
int passwordIterations,
string initVector,
int keySize)
{
byte[] bytes1 = Encoding.ASCII.GetBytes(initVector);
byte[] bytes2 = Encoding.ASCII.GetBytes(saltValue);
byte[] bytes3 = Encoding.UTF8.GetBytes(plainText);
byte[] bytes4 = new PasswordDeriveBytes(passPhrase, bytes2, hashAlgorithm, passwordIterations).GetBytes(keySize / 8);
RijndaelManaged rijndaelManaged = new RijndaelManaged();
rijndaelManaged.Mode = CipherMode.CBC;
ICryptoTransform encryptor = rijndaelManaged.CreateEncryptor(bytes4, bytes1);
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream((Stream)memoryStream, encryptor, CryptoStreamMode.Write);
cryptoStream.Write(bytes3, 0, bytes3.Length);
cryptoStream.FlushFinalBlock();
byte[] array = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
return Convert.ToBase64String(array);
}
public static string Decrypt(
string cipherText,
string passPhrase,
string saltValue,
string hashAlgorithm,
int passwordIterations,
string initVector,
int keySize)
{
byte[] bytes1 = Encoding.ASCII.GetBytes(initVector);
byte[] bytes2 = Encoding.ASCII.GetBytes(saltValue);
byte[] buffer = Convert.FromBase64String(cipherText);
byte[] bytes3 = new PasswordDeriveBytes(passPhrase, bytes2, hashAlgorithm, passwordIterations).GetBytes(keySize / 8);
RijndaelManaged rijndaelManaged = new RijndaelManaged();
rijndaelManaged.Mode = CipherMode.CBC;
ICryptoTransform decryptor = rijndaelManaged.CreateDecryptor(bytes3, bytes1);
MemoryStream memoryStream = new MemoryStream(buffer);
CryptoStream cryptoStream = new CryptoStream((Stream)memoryStream, decryptor, CryptoStreamMode.Read);
byte[] numArray = new byte[buffer.Length];
int count = cryptoStream.Read(numArray, 0, numArray.Length);
memoryStream.Close();
cryptoStream.Close();
return Encoding.UTF8.GetString(numArray, 0, count);
}
}
public class RijndaelSimpleTest
{
[STAThread]
private static void Main(string[] args)
{
string plainText = "";
string cipherText = "BnCxGiN4aJDE+qUe2yIm8Q==";
string passPhrase = "^F79ejk56$£";
string saltValue = "DHj47&*)$h";
string hashAlgorithm = "MD5";
int passwordIterations = 1024;
string initVector = "&!£$%^&*()CvHgE!";
int keySize = 256;
RijndaelSimple.Encrypt(plainText, passPhrase, saltValue, hashAlgorithm, passwordIterations, initVector, keySize);
string str = RijndaelSimple.Decrypt(cipherText, passPhrase, saltValue, hashAlgorithm, passwordIterations, initVector, keySize);
Console.WriteLine(str);
while (true)
{
Console.WriteLine("Please enter the password: ");
if (!(Console.ReadLine() == str))
Console.WriteLine("Bad Luck! Try again!");
else
break;
}
Console.WriteLine("Well Done! You cracked it!");
Console.ReadLine();
}
}정답
^^