[prog] Update on that reengineering problem

Elizabeth Barham lizzy at soggytrousers.net
Tue May 27 13:38:06 EST 2003


Meredydd writes:

> So. The algorithm I need to replicate takes an eight-byte challenge
> and returns a sixteen-byte response. From past experience, it is
> likely to make heavy use of MD5 hashing. It may or may not be
> related to the known algorithm (as was, in fact, it was identical):

Have you tried using the SHA1 hash function instead of MD5?

> - Append challenge to constant string
> - Take hash of the above, append that to another constant string
> - Send hash of the above as response

In your next message, you gave (my comments in brackets; please
correct):

MSN_chat2:

#1: 11 93 b7 b5 6d a2 d7 3a [server->client]
-->	1a db 94 96 a6 1a bf 82 1e 79 44 b0  38 c3 29 9d  [client->server]

#2: 34 e7 54 af 3e  59 02 f8 [server->client]
-->	b5 5c 5c 7a  9f 32 6f 0c 9d 34 cd 78 7a 3c b0 c7 af [client->server]

MSN_chat3:

#1: 9a 8f 35 35 9e 28 78 4e [server->client]
-->	4f 16 79 e6 7f e7 56 10  2a 0b 55 6c b6 3d 35 b4 [client->server]

#2: de 45 c1 e2 8e 26 75 db [server->client]
-->	a5 9e e4 1a  bf 2d cd c7 13 09 8b ad 24 53 74 02 [client->server]

I'm not clear on what #1 and #2 are, or are they two different
servers? Are either of these the constant string you wrote about? I'd
like to duplicate the md5 hash'd response of MSN_chat2 just to get a
feel for it.

Also, I had difficulty parsing the libpcap file with tcpdump:

# tcpdump -F MSN_chat3.libpcap 
tcpdump: illegal char 'Ô'

Should I use another method?

Also, retrieving MSN_chat2.libpcap results in an ERROR 403: Forbidden
from here.

Elizabeth


More information about the Programming mailing list