
OTClient discover rsa

Onimusha

Is there any way to discover the RSA key of a custom server using OTC with an obfuscated system?
 
Before you continue reading, please understand that I have never worked with OTC and therefore this information is general about those topics and not OTC specific.

So, it actually depends on whether you are trying to find the public or the private key.
Though technically the public key for RSA is mostly the same (being 65537), so you are actually looking for the modulus n.
If you wanna find the private key, you have no chance as long as the modulus n is >= 1024 bit.

Encryption is based on basically unsolvable mathematical problems. So you create a problem (usually a prime number problem) that can't be solved without having certain (secret) information.

Now to obfuscated systems and code. People in this community seem to misinterpret what obfuscation is and why you do it.
It simply takes away a huge part of the human readability. It doesn't encrypt.
So depending on the obfuscation, there are different ways to retrieve huge parts of the code as human readable, even though it won't be the exact same code.

In your specific instance, it is a lot easier actually because you are looking for a certain variable.
So again: It depends on the obfuscation.
But Google can help you with that.

There is a second way to retrieve the modulus though. But this is very mathematical and you will need to understand how RSA works to do this.
And this also depends a bit on the way OTs in general are using encryption or RSA specifically.
Stick with me and I will go more into detail, though not explain how exactly it would work. RSA is actually not the easiest of all encryptions if used correctly.
If they use textbook RSA and RSA only, it's gonna be pretty simple. Actually if it uses textbook RSA, it's by far not as secure as you might think. Better than nothing though I guess.
Again: I don't even know what I'm doing here, I don't even know how the connection between Tibia clients and OTs is handled and I'm too lazy to read into it. Just not worth it.
Now if it uses RSA with a padding algorithm it is a lot more secure, but since you are the one sending the messages, you have access to the plaintext, the cryptotext and the public key (65537, assuming my guess is correct of course). So it is still possible to do, though more complicated.
Then there is also the possibility it works like SSH and only uses RSA to negotiate an AES key for further communication, which would mean that after some "Smalltalk" between the server and your client, you would actually be using AES instead, which is a much lighter and more efficient encryption. Especially since Tibia actually uses TCP (for some dumb reason) it would be a huge benefit to do it this way.

In the most basic terms, RSA encrypts by this formula:
E(x, e) = x^e mod n = y
with
plaintext x
public key e
modulus n
cryptotext y
So by knowing x, e and y, you can actually calculate n with a high probability of success.
The more different x, e and y combinations you have, the higher the probability of success.

Padding makes this a bit more complicated because the plaintext is being changed by the padding algorithm before it is encrypted. But with the right information, this can also be done. After all you aren't looking for the plaintext, but for the modulus, and you actually have the plaintext. Though you might not have the correct result of x^e. But this is still possible, I won't go into detail on that now though. Google can help you out there.
More on Cryptography and the basics here if you are interested :p
Cryptography - An Introduction (https://otland.net/threads/cryptography-an-introduction.263166/)


In any case, you need certain information and at least some kind of skills and knowledge to execute this. It is not like right clicking and extracting a variable from a program.
Good Luck! :)
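The x, e, y reasoning above, as an added worked example (not code from the thread or from OTClient): under textbook RSA, x^e - y is an exact multiple of n for every plaintext/ciphertext pair, so a gcd over a few pairs gives the modulus back. The primes and plaintexts are constructed for the demo; the point for a server operator is that n is public key material, so obfuscating the client does not hide it, and only the private key actually needs protecting.

```python
from math import gcd

E = 65537  # the usual RSA public exponent, as the thread assumes

# Constructed demo modulus from two Mersenne primes: ~196 bits, far too small
# for real use, but enough to show the arithmetic. Not any real server's key.
P = (1 << 89) - 1
Q = (1 << 107) - 1
N = P * Q


def textbook_encrypt(x, n=N, e=E):
    """Textbook RSA with no padding: y = x^e mod n."""
    return pow(x, e, n)


def recover_modulus(pairs, e=E):
    """Recover n from at least two (x, y) pairs with y = x^e mod n, x known exactly.

    For every pair, x^e - y is an exact multiple of n, so the gcd over a few
    pairs is n times a small spurious factor; trial division removes that.
    """
    (x0, y0), (x1, y1) = pairs[0], pairs[1]
    # No modulus is known yet, so the first two powers are computed in full;
    # keep the demo plaintexts small (one byte each) or this step gets slow.
    cand = gcd(pow(x0, e) - y0, pow(x1, e) - y1)
    for x, y in pairs[2:]:
        # cand is now only a little bigger than n, so reduce mod cand first
        cand = gcd(cand, pow(x, e, cand) - y)
    for p in range(2, 1000):
        # drop a small factor only if the remaining value still explains every pair
        while cand % p == 0 and all(pow(x, e, cand // p) == y for x, y in pairs):
            cand //= p
    return cand


def demo():
    """Four one-byte plaintexts (constructed) are enough to get N back."""
    plaintexts = list(b"OTC!")
    pairs = [(x, textbook_encrypt(x)) for x in plaintexts]
    return recover_modulus(pairs) == N


if __name__ == "__main__":
    print("modulus recovered:", demo())
```

With a padding scheme the exact x is no longer known, which is why the gcd trick in this form only works against the textbook variant.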
 
Thank you for your explanation, it helped me a lot, but I think I don't have the skills to execute these steps.
 
 
Right, or you can just extract it from memory while it's running.
Why did I ignore that solution 🤦‍♂️
Way less interesting than technological and mathematical ways though :D
Then again we can start talking about writing and reading in and from memory now. Highly mathematical and technological.
Let's not do that.
 