-
Notifications
You must be signed in to change notification settings - Fork 276
Would you please create a writeup as to what you had to defeat in order to get chromeRSAPrivateKey? #14
Comments
I am considering to write such a write up in the future, not promising though. But basically, after deobfuscating the control flow and translating the algorithm to python, I begun substituting complex operations with simpler but mathematically equivalent operations, eliminating redundant tables and numbers along the way. |
@tomer8007 can't do a write up because he didn't reverse this, I did. The original Python implementation of the whiteboxed RSA attached. All he has done is steal my work and dumb it down further to the original exponent, which is a pointless exercise anyway. This whitebox is produced in-house by Google, and variants of it have been used on other Widevine libraries. Of course they know anything like this will be reversed, it's not meant to be secure that is why Chrome can only do 720p or SD at places. All making this public has done is: "Here's a thing, it wont work long term, I can't explain how I did it and it's just here to prove something everybody already knew." - tomer8007 Did this for fun... Had known what my work would become. Would have ever done it. |
Well, it is at least true that I wasn't sure that Arxan really made the whitebox RSA algorithm. |
@therealchrome join our discord server |
@therealchrome is it possible to speak with you regarding this work? Вы русский?? |
@tomer8007 𝗴𝗲𝘁 𝗲𝘅𝗽𝗼𝘀𝗲𝗱 𝗽𝗶𝗲𝗰𝗲 𝗼𝗳 𝘀𝗵𝗶𝘁 |
He's far from a piece of shit. Bright dude. We have no idea who actually designed this code. Neither do you. |
𝒚𝒆𝒔 , 𝒔𝒖𝒏𝒏𝒙𝒕-𝒅𝒍 𝒑𝒍𝒛𝒛 𝒄𝒓𝒆𝒂𝒕𝒆 𝒕𝒐𝒐𝒍 𝒇𝒐𝒓 𝒎𝒆 𝒅𝒐𝒘𝒍𝒐𝒂𝒅 𝒉𝒆𝒓𝒆 𝒊𝒏 𝒊𝒏𝒅𝒊𝒂 𝒃𝒂𝒏𝒈𝒂𝒍𝒊 |
I completely agree, this kind of thing should not be made public. |
i need you to work with us in some company with benefit good thank you |
@tomer8007 can you share the "m" value? |
// Extracted by applying some mathematical tricks to Arxan's white-box algorithm
That's not a good enough explanation for a lot of us :)
For those of us who don't have the time to reverse the DLL ourselves, a writeup describing what obfuscation was actually used in the most popular DRM module is quite interesting.
Since you were generous enough to create this repo, perhaps you'll be kind enough to create this writeup as well :)
The text was updated successfully, but these errors were encountered: