Log inRegister an accountBrowse CSDbHelp & documentationFacts & StatisticsThe forumsAvailable RSS-feeds on CSDbSupport CSDb Commodore 64 Scene Database
 Welcome to our latest new user jmin ! (Registered 2024-02-28) You are not logged in - nap
CSDb User Forums


Forums > C64 Coding > EOR file coders
2008-02-22 04:42
The Shadow

Registered: Oct 2007
Posts: 304
EOR file coders

Someone once told me that it is impossible to open a file which was coded with an EOR coder. With todays machines, is there any conceivable way that an EOR coded file can be placed into a PC and descrambled?
 
... 48 posts hidden. Click here to view all posts....
 
2008-03-05 20:53
MagerValp

Registered: Dec 2001
Posts: 1055
Sadly I haven't had time to work on it. I confirmed that my emulator produces the same output as VICE though, which is good.
2008-03-06 20:35
tlr

Registered: Sep 2003
Posts: 1693
Added another hint...
2008-03-09 08:17
tlr

Registered: Sep 2003
Posts: 1693
I guess most gave up on this so I'm giving the pw this evening unless someone says they are still trying. :)

It's apparent that Ymgve chose a really good strategy for cracking it!
When I got the correct answer reported only 5 hours after release I thought I might had accidentally made the challenge way too easy. ;)
2008-03-09 18:39
tlr

Registered: Sep 2003
Posts: 1693
Posted the answer: Crack me too!
2008-03-10 00:46
Quetzal

Registered: Jul 2002
Posts: 71
Tried brute force attack myself and failed, since searching for #$08 at $0802 gave far too many results to sort through (have just confirmed "2,4" was in my list of results, damn!). Also tried looking for POKE565xx in the decrypted code (for disabling CIA timer), but TLR cleverly hid that, as I suspected when no results were found.
I'll be interested to hear a report from Ymgve as to what his method of attack was.
2008-03-10 05:18
Ymgve

Registered: May 2002
Posts: 84
I actually found it by doing a bit of statistics. One of my ideas was to count the number of digit characters in the first 128 bytes, and then the "2,4" combination showed up with 45 out of 128 bytes being digits.
2008-03-10 09:50
MagerValp

Registered: Dec 2001
Posts: 1055
Nice work Ymgve!

My next step would have been code execution and a breakpoint on the basic SYS command and the error routine, but I didn't have the time to implement it. Would it have worked?
2008-03-10 15:20
Ymgve

Registered: May 2002
Posts: 84
Yeah, detecting changes to the error routine should work. He never actually uses a SYS command. He POKEs a small program into memory, hooks the error message vector, then executes a syntax error. There's also no numbers larger than 3 digits, all addresses are created through obfuscated math.
2008-03-10 17:05
MagerValp

Registered: Dec 2001
Posts: 1055
Nasty! :)
2008-03-10 19:51
tlr

Registered: Sep 2003
Posts: 1693
Quote: Nasty! :)


Thanks. :)

I've added the decrypted payload data for people to check out:
http://noname.c64.org/csdb/getinternalfile.php/55441/payload.prg

One attack vector I thought would be usable was statistics in some form. 6502 instruction statistics for instance.
I tried to make the basic stub hard to identify but the Ymgves digit statistics was a very clever idea... :)
Previous - 1 | 2 | 3 | 4 | 5 | 6 | 7 - Next
RefreshSubscribe to this thread:

You need to be logged in to post in the forum.

Search the forum:
Search   for   in  
All times are CET.
Search CSDb
Advanced
Users Online
t0m3000/ibex-crew
Mythus/Delysid
Knut Clausen/SHAPE/F..
Menace/Spaceballs
jmin
sailor/Triad
Martin Piper
csabanw
-trb-
Guests online: 281
Top Demos
1 Next Level  (9.8)
2 Mojo  (9.7)
3 The Ghost  (9.7)
4 Coma Light 13  (9.7)
5 Edge of Disgrace  (9.6)
6 No Bounds  (9.6)
7 Uncensored  (9.6)
8 Comaland 100%  (9.6)
9 No Sprites  (9.6)
10 Wonderland XIV  (9.6)
Top onefile Demos
1 Party Elk 2  (9.7)
2 Cubic Dream  (9.6)
3 50 Shades of Zardax  (9.6)
4 Rainbow Connection  (9.6)
5 Copper Booze  (9.5)
6 TRSAC, Gabber & Pebe..  (9.5)
7 Onscreen 5k  (9.5)
8 Dawnfall V1.1  (9.5)
9 Daah, Those Acid Pil..  (9.5)
10 Quadrants  (9.5)
Top Groups
1 Nostalgia  (9.4)
2 Booze Design  (9.3)
3 Oxyron  (9.3)
4 Performers  (9.3)
5 Crest  (9.3)
Top Swappers
1 Derbyshire Ram  (10)
2 Jerry  (9.8)
3 Violator  (9.8)
4 Acidchild  (9.7)
5 Starlight  (9.6)

Home - Disclaimer
Copyright © No Name 2001-2024
Page generated in: 0.044 sec.