Obtain mystery.zip from the textbook website and extract the Windows executable mystery.exe. As mentioned in Problem 7, part e, the program contains code that generates a valid serial number...


Obtain mystery.zip from the textbook website and extract the Windows executable mystery.exe. As mentioned in Problem 7, part e, the program contains code that generates a valid serial number corresponding to any valid username. Such an algorithm is known as a key generator, or simply a keygen. If Trudy has a functioning copy of the keygen algorithm, she can generate an unlimited number of valid username/serial number pairs. In principle, it would be possible for Trudy to analyze a keygen algorithm and write her own (functionally equivalent) standalone keygen program from scratch. However, keygen algorithms are generally complex, making such an attack difficult in practice. But all is not lost (at least from Trudy's perspective). It is often possible—and relatively simple—to "rip" the keygen algorithm from a program. That is, an attacker can extract the assembly code representing the keygen algorithm and embed it directly in a C program, thereby creating a standalone keygen utility, without having to understand the details of the algorithm.


a. Rip the keygen algorithm from mystery.exe, that is, extract the keygen assembly code and use it directly in your own standalone keygen program. Your program must take any valid username as input and produce the corresponding valid serial number. Hint: In Visual C++ assembly code can be embedded directly in a C program by using the asm directive. You may need to initialize certain register values to make the ripped code function correctly.


b. Use your program from part a to generate a serial number for the username markkram. Verify that your serial number is correct by testing it in the original mystery. exe program.

Dec 22, 2021
SOLUTION.PDF

Get Answer To This Question

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here