Is there any routine to reverse engineer cryptographic algorithms?


#1

Hi everybody !

I wonder if you have any tips, tricks and/or routines to reverse engineer encryption algorithms used by iOS (or other) applications.

Since we can hook and inspect a class's methods at runtime I think it could be easier for us. For example we could read and/or change input to make tests, set breakpoints with lldb, etc.

Let's imagine you have an API with many tokens to understand, where would you start? Do you have any tips, any routine?

Best,

Babbu.


#2

Not much.
Still, if the code is purely written in C without external function calls you can try to use Unicorn engine to emulate them and completely save your ass from all the trouble.


#3

Hey Zhang, thanks for the answer. Could you give me more detail about how and why you would use Unicorn? Regarding their repo:

Unicorn is a lightweight, multi-platform, multi-architecture CPU emulator framework based on QEMU.

Do you have any kind of “attack strategy” in mind?


#4

For emulating functions where I don't bother reversing step by step.
For your use case (judging by the history of English-speaking users here, you are probably reversing Instagram), this probably isn't a very feasible option.

I'd say divide the target function by tokens and use the call stack to see how each token is implemented, then finally add everything together.


#5

It’s not really for Instagram but more generally speaking :wink:

Ok! Thanks for your hints! :slight_smile: