Re: [NSE + NSELib] Netbios and SMB [stable!]

[Sven Klemm <sven () c3d2 de>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Ron,

|> I got the MD4() stuff working, and it's working well. But I'm having a
|> problem with the DES(), and it's probably my own fault for not knowing
|> OpenSSL well enough. I'm trying to encrypt the string "KGS!@#$%" using
|> the key "part1" (which is a 7-character string). But it's returning
|> 'nil'. Am I doing this wrong, and/or is there a way to tell what I'm
|> doing incorrectly?
|>
|> The 7-character string should have the parity bits set and become a
|> 8-character key, which is used to encrypt the constant string. That's
|> how I understand it to work, anyways.
|>
|> Here's the relevant code:
|>     return openssl.encrypt("DES-ECB", part1, nil, "KGS!@#$%", false)
|>
|> Thanks!
|> Ron
|
| So, I got to the point where it'll return me an encrypted string, that
| was my own fault (wasn't returning the right variable). But I still
| can't get it to encrypt the string the way I want it. Again, this is
| likely due to a lack of my own understanding.

It expects to get an 8-byte string as DES keys are 8 byte but because
of the parity they only have 56 bits of information.

| This is how I do it in C:
|
| -----------------------
| static void password_to_key(const uint8_t password[7], uint8_t key[8])
| {
|     /* make room for parity bits */
|     key[0] =                        (password[0] >> 0);
|     key[1] = ((password[0]) << 7) | (password[1] >> 1);
|     key[2] = ((password[1]) << 6) | (password[2] >> 2);
|     key[3] = ((password[2]) << 5) | (password[3] >> 3);
|     key[5] = ((password[3]) << 4) | (password[4] >> 4);
|     key[5] = ((password[4]) << 3) | (password[5] >> 5);
|     key[6] = ((password[5]) << 2) | (password[6] >> 6);
|     key[7] = ((password[6]) << 1);
| }
|
| static void des(const uint8_t password[7], const uint8_t data[8],
| uint8_t result[])
| {
|     DES_cblock key;
|     DES_key_schedule schedule;
|
|     password_to_key(password, key);
|
|     DES_set_odd_parity(&key);
|     DES_set_key_unchecked(&key, &schedule);
|     DES_ecb_encrypt((DES_cblock*)data, (DES_cblock*)result, &schedule,
| DES_ENCRYPT);
| }
| -----------------------

here is how i did it in lua. The key is already 8 byte with parity.

~  local key = string.char(0x3b,0x38,0x98,0x37,0x15,0x20,0xf7,0x5e)

~  local crypt = openssl.encrypt("des", key, nil, "Hallo du")
~  print( "DES", openssl.decrypt("des", key, nil, crypt ) )

I should probably add a utility function that turns a 7-byte string
into a valid DES key.

Cheers,
Sven


- --
Sven Klemm
http://cthulhu.c3d2.de/~sven/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkjpzU4ACgkQevlgTHEIT4Y/nwCeNpf1N8MtLNHCz60YAOlSd58O
cAAAnRf72aChU8e/zNCtYN0FcefN3vbY
=Ij0g
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org