The Bat! got keygened

Quote:

Originally Posted by CyberGhost

http://en.wikipedia.org/wiki/Elliptic_Curve_DSA

And its key has a length of 800 bits.

The Bat! has NID_sect163k1 curve (NIST curve over a 163 bit prime field). I saw a maximum recommended 571 bit prime field. Never heard of 800 bit keys when it comes to Elliptic Curves.

[rangga]

Is SeVeN think that exetools members has not enough persion for get his method?

for user that got download problem:

_http://rapidshare.com/files/273086254/The.Bat_.v4.2.9.1_KEYGEN-FFF.zip.html

[ajron]

It's amazing . Some years ago I wrote keygens for TheBat 2 and 3, but I have used my own private key to generate licence and replace original public key with mine. I attach source code of tbkg3 (it's history). The algorithm is in keygen.cpp.

[o_o]

Really impressive feat.
Anyone already tried to reverse the keygen?

[kubik]

Quote:

Originally Posted by o_o

Really impressive feat.
Anyone already tried to reverse the keygen?

Main problem is search of private key ECDSA. Coding keygen isn't too hard. Reversing of keygen will not help.

[berry]

It's great. But if can crack the password of rar file would be greater.

[MaRKuS-DJM]

seems EDCSA isn't secure anymore... anyone know about (public) holes? didn't read any news about it.

[tofu-sensei]

aren't fff famous for stealing private keys off webservers?

[nanobit]

well, D-Jester did a little research. see them here:
ECDSA Books
The Insecurity of the Elliptic Curve Digital Signature Algorithm with Partially Known Nonces

[tofu-sensei]

Quote:

Originally Posted by nanobit

well, D-Jester did a little research. see them here:
ECDSA Books
The Insecurity of the Elliptic Curve Digital Signature Algorithm with Partially Known Nonces

these are hardly relevant, though.

[Asus]

LND can do almost FlexLM with some experience reversers Legends Never Die

[arlequim]

Quote:

Originally Posted by Asus

LND can do almost FlexLM with some experience reversers Legends Never Die

thanks for reply but i think that is not right, because LND cracks Pro/Engineer with license.dat + patch, and this is not really *pure* keygening

[merfy]

keygen by FFF works 100% with version 4.2.12.4
_http://narod.ru/disk/12146877000/The.Bat!.v4.2.9.1_KEYGEN-FFF.zip.html
_http://rapidshare.com/files/309364279/The.Bat_.v4.2.12.4_KEYGEN-FFF.zip

[dirkmill]

Quote:

Originally Posted by arlequim

I'm thinking ... SeVen will be able to keygen CRO 239 bits (120 chars ECC) Flexlm target licenses??? Atm LND and ZWT cant do that, or not?

If FFF/SeVen did indeed break ECDSA on sect163k1 they should (in theory) be able to generate licenses with LM_STRENGTH_163BIT considering the following from the flexlm headers

Code:

#define LM_PUBKEY_CURVE113BIT 	sect113r1
#define LM_PUBKEY_CURVE163BIT 	ec163a02  // (a.k.a  sect163k1)
#define LM_PUBKEY_CURVE239BIT 	ec239a03  // (a.k.a. sect239k1)

IMHO it is much more likely that Rarlabs made a poor choice of privkey/pubkey or have other implementation problems whereas
Macrovision/Acresso/Flexera bought their ECC/ECDSA-implementation from Certicom, a respected(?) company dealing exclusively in high security software products...

So to answer your question: I personally don't think we are going to see keygenned flexlm CRO/TRL SIGN2 licenses anytime soon ...

cheers,
dirkmill

[arlequim]

Hello Dirkmill, thanks for reply.
After this result we can compare SeVen with other great keygeners on the past like Dimedrol. But i think you right, probably the choice of WinRAR keys is really poor. Cracking of FlexLM CRO protected applications will be harder of course, maybe it is impossible today. But who knows, freaks of nature (like Se7en) are ready to attack. We will see, alto this is another history.
Bye!