I have this uuid and I'm interested in finding the information behind it. I have a fair feeling that its a number but I'm not sure where to start to 'decode' it
7da32c8d-1f59-44a2-91b5-ac3a4141fd68
The official reference for this is RFC 4122, which should probably give you enough information to extract data, although you probably shouldn't rely on it too heavily.
And depending on the kind of UUID it is, it may be generated totally from random bits, or be timestamp-based, or be based on the MAC address. So you may be able to get some of that information, but you can't guarantee you can get anything.
If you are looking for a tool then OSSP uuid tool can decode UUIDs. On Debian-based Linux systems you can use apt-get install uuid to install it; for other distributions, the package name might be different.
To decode a UUID, use the -d (decode) flag:
uuid -d AAAAAAAA-BBBB-CCCC-DDDD-FFFFFFFFFFFF
For version 1 UUIDs, this gives the MAC address and timestamp -- since that's what's in a v1 uuid.
Related
I am using a Keygen application (.exe). There are two input fields in it's GUI:
p1 - at least 1 digit, 10 digits max - ^[0-9]{1,10}$
p2 - 12 chars max - uppercase letters/digits/underscores - ^[A-Z0-9_]{0,12}$
Pressing generate button produce a key x.
x - 20 digits exactly - ^[0-9]{20}$
For each pair (p1,p2), there is only one x (in other words: f(p1,p2) = x is a function)
I am interested in it's encryption algorithm.
Is there any way of reverse engineering the algorithm?
I thought of two ways:
decompiling. I used snowman, but the output is too polluted. The decompiled code probably contains non-relevant parts, such as the GUI.
analyzing of input and output. I wonder if there any option to determine the used encryption algorithm by analyzing a set of f(p1,p2) = x results.
As you mentioned, using snowman or some other decompiling tools is probably the way to go.
I doubt you would be able to determine the algorithm just by looking at the input output combinations, since it is possible to write any kind of arbitrary algorithm, that can behave in any way.
Perhaps you could just ask the author what algorithm they're using ?
Unless it's something really simple, I'd rule out your option 2 of trying to figure it out by looking at input and output pairs.
For decompiling / reverse engineering a static binary, you should first determine whether it's a .NET application or something else. If it's written in .NET you can try this for decompilation:
https://www.jetbrains.com/decompiler/
It's really easy to use, unless the binary has been obfuscated.
If the application is not a .NET application, you can try Ghidra and/or Cutter which both has pretty impressive decompilers built in:
https://ghidra-sre.org/
https://cutter.re/
If static code analysis is not enough, you can add a debugger to it. Ghidra and x64dbg work really well together, and can be synced via a plugin installed in both.
If you're new to this, I can recommend both that you look into basic assembler for the x86 platform so you have a general idea of how the CPU works. Another way to get started is "crackme" style challenges from CTF competitions. Often there great write-ups with the solution, so you have both the question and answer available.
Good luck!
Type in p1 and p2. Scan the process for that byte string. Then put a hardware breakpoint for memory access on it. Generate the key, it will hit that hardware breakpoint. Then you have the address which accesses it and start reversing from there in Ghidra(Don't forget to use BASE + OFFSET) since ghidra's output won't have the same base as the running application. The relevant code HAS to access the inputs. So you know where the algorithm is. Since it either directly accesses it, or somewhere within that call chain is accessed relatively fast. Nobody can know without actually seeing the executable.
Is there a way to match terminal/console features with entries in terminfo database?
For example, to find a closest match to Windows console or other type of non-traditional terminal.
There are no online services, so I expect that the problem is non-trivial and it is interesting to know why.
UPDATE: Terminfo database gives a set of features for a known terminal type or name. I am trying to do the reverse task - match features of unknown terminal against existing terminfo entries.
UPDATE2: How it should work...
I select my terminal capabilities from a long list
Matcher finds profiles that are either
2.1. implement all those capabilities exactly with no other capabilities
2.2. implement almost all capabilities exactly with no other capabilities
2.3. implement capabilities exactly with some other capabilities
2.4. implement almost all capabilities and adds some other capabilities
Thanks for your question. Try this, with ncurses package installed:
infocmp | grep _Cap_name_
or
infocmp _terminfo_name_ | grep _Cap_name_
and
infocmp [-d|-c|-n] _wanted_ _have_
infocmp compares the contents of two terminfo terminals, or displays the terminfo entry (binary) as termcap (human readable text)
On my system terminfo(s) are here:
/usr/share/terminfo
/lib/terminfo
I reference _Cap_name_ here at opengroup.org
Because you are on Windows (probably without Cygwin) you may have to manually check the capabilities of the TERMs you expect, and build in workarounds based on that pre-knowledge, but its Windows, so there can't be that many.
TERMINFO=/user/share/terminfo toe
This gets you a list of terminals. If you have control over the server, add a terminfo file yourself, write it as text in either termcap format then convert it or in terminfo info format and then compile it. That way you can start with dummy+linewrap. Or try ansi+idl.
NOTE: I agree with the other comment about using a VT100/VT102 library.
According to your revised OP, again using ncurses library, C you can query the terminal using tget. I am not aware of a way to iterate the capabilities without knowing what they might be before making a call to tget, however I know that it will return 0 for capabilities that return integer values and are not found, eg. cMax = tget("max_colors");.
According to terminfo, when compiling a terminal info configuration, it is possible to provide, (1st) over-rides, (2nd) included terminals, optionally (3rd) excluding included terminals with certain capabilities. This however still requires write access to the target server terminfo database directory, so your resulting terminfo file can be uploaded.
The terminfo database provides both a way for servers to provide a terminal, AND for programs (including remote ones) to interpret a provided terminal.
So far the answer is http://man7.org/linux/man-pages/man5/terminfo.5.html so I will post better results when I get more time.
I have got a PE executable file *.exe (32-bit), which is an small application (2.6Mb) to update firmware software of TV device. However, the update mechanism was only available up to 2013-03-12. I want to hack this executable just for pleasure. I'm trying to find this expiration date in file hexdump using PE Explorer, and replace it by some date in future to make this program work.
I found this article about binary date format:
binary date format
I am trying to find something like this value:
2013-03-xx: 0x713xxxxx
Is this a good approach to solve my task? Any suggestions? Do you know any others tools for hexdump that may be useful?
Best regard,
WP
There are likely a lot of values of the form 0x713xxxxx -- 2.6 MB might be larger than you've thought when you start looking through it more or less at random (you don't actually know that the application uses this date format internally).
The conventional approach to deal with this sort of problem is to use a tool to step through the program, examining the code that is executing, until you find the point where the check occurs. Then simply disable the check so that it always fails -- by altering the date, or simply by altering the code.
A popular tool for stepping through code that you do not control is the Interactive Dissassembler, IDA. You can download a freeware version of it here: https://www.hex-rays.com/products/ida/support/download_freeware.shtml
It might be harder than you think to do what you want, but you'll almost certainly learn a lot by trying.
Be aware of the legal issues you may be getting yourself into by making modifications to someone else's binaries, particularly if you distribute them afterwards.
dumpbin is a good PE parser (but if I were you, I won't do such kind of time stamp hacks :))
So at work, we check computer's specifications, and need to print these in a standard format. I know how to set up a PXE server already, but I was wondering if it were easy to get a program (or write a script) that will check the computer's hardware (processor, memory, hard drive), and print it over the network.
My thoughts are that I can boot a very simple linux os over PXE, and run a script to do the dirty work. However, I'm not sure how to set it up to use a network printer, or which script to use for that matter.
All the computers have the same architecture, (x86), so a single implementation should work for all of them.
I would be inclined to avoid using a printer directly here and use something like scp or netcat to send back the information you discover.
Edit:
There are a number of tools that might help collecting the data itself, depending on what exactly you want to collect. I've found dmidecode to be very useful. Potientally it can tell you the version of the BIOS, memory stick size/speed/locations and quite a lot of very detailed information. It is buggy on some older hardware with broken DMI tables though. lshal, lshw, lspci and lsusb are all fairly common on linux installations and rather useful for these things.
Have a look at GLPI. It's a good open source software used to manage IT tickets, but, it also integrates a IT infrastructure management that could turn our to be useful in your case.
There is a small piece of software to be installed on each remote client (this could be done remotely and silently) and then you can collect a lot of information and match it by IP addresses
We use 'pdsh' to manage our global network. We have a naming convention of hosts that makes the host expression easy to write. So to continue the ls### suggestion to collect the info on a collection of hardware, we would write a command like this:
[root#admin-console ~]# pdsh -R exec -w china-[1-1024] ssh %h lshal > china-lshal-cabinet-01.log
pdsh prefixes the host name to the output lines and as it runs as a concurrent operator the lines will collate. A simple sorting script using the, say "china-[1-1024]:" tag is needed to get them organized. You could also make the pdsh run sequentially by limiting its concurrency but if you are running large configurations you would want the concurrency.
I want to work with a modem interfaced on a serial port on an embedded platform.
Here are some solutions I have rejected so far :
Expect plus a terminal program :
My (cross)build system does not have any package rules for expect, and according to the installation instructions from the expect sources, the configure script needs to be interactive because it does some test with the terminale it is invoked in. Thid does not look like something you want to do when cross compiling.
Python plus pyserial :
I would love to use this, but the size of the whole thing won't fit on my limited flash space.
Chat (from the pppd package):
Well, I may give it a try but it is very, very limited
So I am looking for some sort of lightweight, embeddable expect replacement. I have no knwoledge of lua. Would it be a good candidate for expect like scipting ?
Well, Expect is just Tcl plus extensions to drive other programs via pseudo-terminals and do pattern-matching on the results. If you just want to drive a serial port you can drop the external terminal program and have Tcl drive the serial port directly - see sample code. See also the Tcl Wiki page on cross-compiling.