From Collaborative RCE Tool Library

Jump to: navigation, search

Crypto Tools


Tool name: Keygener Assistant
Rating: 5.0 (1 vote)
Author: Mr Paradox + Prince                        
Website: www.at4re.com
Current version: Keygener Assistant V1.0 Beta
Last updated: September 11, 2009
Direct D/L link: Locally archived copy
License type: Free
Description: <nowiki>Keygener Assistant Version 1.0 Beta Release


[ Descreption ]

Keygener Assistant is a good tool that combines several functions
to facilitate the task and save time during the analysis of an algorithm


[ Operations ]


+ BigNumbers Calculator
+ Conversion & Encoding
+ Hashing & CheckSum Calculator
+ Cryptography Operations
+ Hash & Crypto detector
+ System Information & System outils

[ Functions ]
Also listed in: (Not listed in any other category)
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: SnD Reverser Tool
Rating: 5.0 (1 vote)
Author: Loki & PuNkDuDe                        
Website: http://www.tuts4you.com/forum/index.php?showtopic=13596
Current version: 1.4 Final
Last updated: May 2008
Direct D/L link: N/A
License type: Freeware
Description: A crypto utility tool, with many features.

Hashes include:
+ Adler32
+ Crc16, Crc32, Crc32b, Crc16ccitt
+ GOST
+ Panama
+ MD2, MD4, MD5
+ SHA0, SHA1,SHA256, SHA384, SHA512
+ RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320
+ SNEFRU
+ Tiger
+ Whirlpool
+ HAVAL 128/160/192/240/256 with 3/4/5 rounds

Encryptions:
+ Blowfish
+ Twofish
+ RC2, RC4, RC5, RC6
+ TEA, xTEA, xxTEA
+ UUCode & XXCode
+ AES/Rijndael
+ Cast128, Cast256
+ DES, Triple DES, DESNew
+ Mars
+ Skipjack

Base Conversions include:
+ Base2(Binary)
+ Base10(Decimal)
+ Base16(Hexadecimal)
+ Base32
+ Base64
+ hex input to Base32
+ hex input to Base64

Other Functions:
+ URLEncode and URLDecode
+ Reverse String
+ Uppercase
+ Lowercase
+ String ROT
+ String XOR
+ Caesar Bruteforce


Misc Tools:
+ PE File Crypto Scanner
+ Disabled Control
+ Flexible Hash Bruteforcer
+ Memo Tool (to keep track of current workings)
+ 512bit Calculator
+ Hash modification for hashes with dword sized initialisation vectors.


History:
--------

02.05.08 : SND Reverser Tool 1.4 Final : Public Release
Functions:
+ CRC16ccitt (Thanks UFO-Pu55y)
+ GOST Hash (Thanks UFO-Pu55y)
+ Panama Hash (Thanks UFO-Pu55y)
+ SNEFRU 128/256 Hashes (4/8 Rounds) (Thanks UFO-Pu55y)
+ URLEncode and URLDecode
Options:
+ Cleaned up the options menu
+ Autostrip spaces from input
+ Autostrip non hex chars from input
+ Autostrip non alpha numeric chars from input
+ Read Input as Hex
+ Read Key as Hex
+ Display Output as Hex
+ Display Output in Uppercase
+ Display Output if Unicode (thanks Sub Zer0)
+ Deep Red Colour Scheme
Fixes:
* thanks to syk071c who reported and then fixed a bug in the Blowfish encryption.
* fixed a further issue with Blowfish only encrypting/decrypting the first block of data.
* fixed crash with UUDecode when entering a single byte (thanks UFO-Pu55y).
* fixed crash in 512bit calculator when trying to bswap an empty input (thanks HVC)
* changed bruteforcer status field from DISABLED to READONLY to allow copying of solution (thanks ChupaChu)
Tools:
+ updated the crypto scanner tool to use updated signatures and engine as in the Olly/Immunity Plugins.
+ added "Export to .txt" and "Export as IDC" options to the crypto scanner (thanks HVC)
(and also thanks to kanal's writers whom the idea is obviously taken from)
* fixed minor cosmetic bugs in the crypto scanner (thanks HVC)
+ added ADLER32 initialisation vector to the hash modification tool.
+ added CRC16 initialisation vector to the hash modification tool.
+ added CRC16ccitt initialisation vector to the hash modification tool.
+ added CRC32 initialisation vector to the hash modification tool.
+ added CRC32b initialisation vector to the hash modification tool.
+ added GOST hash initialisation vectors to the hash modification tool.
+ added HAVAL hash initialisation vectors to the hash modification tool.
+ added PANAMA hash initialisation vectors to the hash modification tool.
+ added SHA384 hash initialisation vectors to the hash modification tool (implemented as 32bit vectors).
+ added SHA512hash initialisation vectors to the hash modification tool (implemented as 32bit vectors).
+ added SNEFRU hash initialisation vectors to the hash modification tool.
+ added TIGER hash initialisation vectors to the hash modification tool (implemented as 32bit vectors).
+ added WHIRLPOOL hash initialisation vectors to the hash modification tool (implemented as 32bit vectors).
+ added GOST to the hash brute force tool.
+ added PANAMA to the hash brute force tool.
+ added RIPEMD320 to the hash brute force tool.
+ added SHA384 to the hash brute force tool.
+ added SHA512 to the hash brute force tool.
+ added TIGER to the hash brute force tool.
+ added WHIRLPOOL to the hash brute force tool.


14.03.08 : SND Reverser Tool 1.4beta2 : Public Release
New Functions:
+ Panama Hash (Thanks UFO-Pu55y)
+ GOST Hash (Thanks UFO-Pu55y)
Fixes
* thanks to syk071c who reported and then fixed a bug in the Blowfish encryption.
* fixed crash with UUDecode when entering a single byte (thanks UFO-Pu55y for the report).
* fixed crash in 512bit calculator when trying to bswap an empty input.


18.01.08 : SND Reverser Tool 1.3 : Public Release
Fixes:
* minor bug fixes for the public build.


17.01.2008 : SND Reverser Tool 1.2.2 : Private Release
New Tools:
+ Improved Flexible Hash Bruteforcer
+ Added basic hash modification code for hashes with dword sized initialisation vectors. Others may
follow later if we get requests to include them.


11.01.2008 : SND Reverser Tool 1.2.1 : Private Release
New Tools:
+ Flexible Hash Bruteforcer


20.09.2007 : SND Reverser Tool 1.2 : Public Release
New Tools:
+ Memo Tool (to keep track of current workings)
+ 512bit Calculator


06.09.2007 : SND Reverser Tool 1.1 : Public Release
Fixes:
* Removed alpha blend option to enable the tool on Win98


29.08.2007 : SND Reverser Tool 1.0 : Public Release
+ minimise to tray option
+ minor GUI changes and fixes
Also listed in: (Not listed in any other category)
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: ECCTool
Rating: 0.0 (0 votes)
Author: readyu                        
Website: http://www.tuts4you.com/download.php?view.2306
Current version: 1.02
Last updated: July 6, 2008
Direct D/L link: Locally archived copy
License type: Free
Description: Main fuctions:
1.generate curvers, computer np/order;
2.trap small ecdlp (< 64 bits), using kangaroo method;
3.generate keypairs.
4.ECDSA/ECNR sign/verify.

Support curves:
1. support curve bits: 32-1024;
2. support elliptic curve over GF(p);
3. support elliptic curve over GF(2^m), with irreducible ploy:
Trinomial: f(t)=t^m + t^a + 1,
Pentanomial: f(t) = t^m + t^a + t^b + t^c + 1
4. support NIST-recommended elliptic curves.
Also listed in: (Not listed in any other category)
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: Hash & Crypto Detector
Rating: 0.0 (0 votes)
Author: Mr Paradox / AT4RE                        
Website: http://www.at4re.com
Current version: 1.1
Last updated: February 7, 2009
Direct D/L link: Locally archived copy
License type: Free
Description: * HCD detects most common Hash & crypto Algorithmes and compilers for PE files.
* It can currently detect more than 90 different signatures .
* HCD is special in some aspects when compared to other identifiers already out there!

############################################################################################

1. It has a superb GUI and the interface is really intuitive and simple.
2. The rate of detection is very good.
3. Shell integration, Command line support.
4. Always on top And Drag'n'Drop capabilities.
5. Extra scanning techniques used for even better detections.
6. Total Scan able to find duplicate signatures and determine the location VA.
7. Save Log allows you to choose the place of keeping or copying the result.
Also listed in: (Not listed in any other category)
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: SnD Crypto Scanner (Olly/Immunity Plugin)
Rating: 0.0 (0 votes)
Author: Loki                        
Website: http://tuts4you.com/forum/index.php?showtopic=15447
Current version: 0.5 (beta)
Last updated: March 30, 2008
Direct D/L link: N/A
License type: Freeware
Description: A scanner for crypto signatures as an Olly/Immunity Plugin:

(Following text from the forum thread)
Been coding this for a while and now kinda got bored with it so releasing it as a beta. Sure I'll go back to it again later... just need to do something else now.

Hopefully you will find this useful - the advantage of having it as a plugin means that breakpoints can easily be set where required, and signatures can be located quickly.


Setting Breakpoints:
The buttons try and use a little bit (not much :P) intelligence when setting breakpoints. In the data section, "hardware on access" or "memory access" breakpoints are set on the specific VA referenced. In the code section, a 'hardware on execution' breakpoint is set at the beginning of the disassembled line the referenced dword is on. Hope that makes a little sense :)


Limitations:
Signatures are either made up of dwords or byte sequences. This gives 2 main weaknesses:
- some algorithms use similar dwords, distinguishing between them is not always simple.
- the algorithm finds the first instance of a given dword in a signature. If you have code which has multiple algorithms which use some of the same dwords, the referenced VA will always point to the first instance in the file.

Without doing some in depth analysis, its impossible to determine which algorithm uses a specific instance of a dword. This tool is therefore only going to make analysis a little easier, not do it for you.


Future Development:
Currently the plugin uses the plugin API to get the current file name and then reads it into allocated memory. It does not read memory inside Olly. This means packed files will need to be unpacked and the unpacked instance debugged. In future I plan to give an option to either scan the file or memory (perhaps even a specified memory range).

If you have an idea for development, want to add signatures or just want to tell me how crap this is, please go for it :)
Also listed in: OllyDbg Extensions
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)


RSS feed Feed containing all updates and additions for this category.

RSS feed Feed containing all updates and additions for this category, including sub-categories.


Retrieved from "http://www.woodmann.com/collaborative/tools/index.php/Category:Crypto_Tools"



Views
Category Navigation Tree
RCE Tools
   Categorized by Target Type  (176)
   Categorized by Tool Type  (973)
   Anti Anti Test Tools  (15)
   Assemblers  (15)
   Code Coverage Tools  (12)
   Code Injection Tools  (32)
   Code Ripping Tools  (2)
   Crypto Tools  (5)
   Data Extraction Tools  (19)
   Debuggers  (42)
   Decompilers  (20)
   Deobfuscation Tools  (11)
   Dependency Analyzer Tools  (5)
   Diff Tools  (29)
   Disassemblers  (45)
   Dongle Analysis Tools  (24)
   Exe Analyzers  (31)
   Firefox Extensions  (1)
   GUI Manipulation Tools  (15)
   Hardware Reversing Tools  (24)
   Hex Editors  (12)
   IDA Signature Creation Tools  (5)
   Kernel Tools  (12)
   Memory Data Tracing Tools  (6)
   Memory Patchers  (3)
   Memory Search Tools  (7)
   Monitoring Tools  (110)
   Network Tools  (15)
   PE Executable Editors  (78)
   Packers  (16)
   Patch Packaging Tools  (7)
   Profiler Tools  (10)
   Programming Libraries  (31)
   Regular Expression Tools  (3)
   Resource Editors  (11)
   Reverse Engineering Frameworks  (7)
   Source Code Tools  (11)
   String Finders  (5)
   Symbol Tools  (11)
   System Information Extraction Tools  (7)
   Technical PoC Tools  (7)
   Test and Sandbox Environments  (16)
   Tool Extensions  (135)
   Tool Hiding Tools  (5)
   Tool Signatures  (21)
   Tracers  (17)
   Unpacking Tools  (58)
   Needs New Category  (1)