Re: decrypting bgt stuff?
I think the problem is that there are two different methodologies at work here. Ethin, when he decrypts BGT data, is taking advantage of flaws in BGT itself. Let me say right out of the gate that I don't know how to do this, and if I did I wouldn't share details. Would I like to know how to decrypt BGT stuff? Well sure, who wouldn't.
Rastislav Kiss, on the other hand, is using what we might call a somewhat modified version of the brute force attack. That is, try every possible key until you get the right one. In a true brute force attack, you don't even worry about having a memory dump of the application, you just try all possible keys of length 1, then all possible keys of length 2, and so on, until you find the right one. Naturally, a brute force attack *WILL* succeed at some point, but it might take hours, weeks, or centuries. By using a memory dump, you can, at least in theory, eliminate those possible keys that aren't in the memory dump from the brute force process. However, you're counting on the fact that you know or can guess the length of the key, and that the developer hasn't done something to either hide the key in plain sight so you'll never find it no matter how many billions of keys you try, or destroy it when they're done with it, presumably before you get your memory dump.
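The last point in the post, that a developer can defeat the memory-dump shortcut by destroying the key once it has been used, is the part a defender can actually act on. The C below is an added example written for this thread; it is not code from the post, from BGT or from anyone in the discussion. It assumes nothing about BGT's real format: the 16-byte key and the short asset are constructed sample values, a plain XOR stands in for whatever cipher the toolkit uses, and the `process_memory` struct plays the role of the region an attacker would dump. The point it shows is that a `memset` before the buffer goes out of scope can be optimized away, whereas a volatile byte loop is not, and that after the hygienic variant the key is simply not in the dumped region any more.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN 16

/* Constructed sample key; no relation to any real toolkit key. */
static const unsigned char SAMPLE_KEY[KEY_LEN] = {
    0x5a, 0x13, 0xc7, 0x88, 0x01, 0xfe, 0x42, 0x9d,
    0x33, 0x6b, 0xa0, 0x0c, 0x77, 0xe1, 0x2f, 0x54 };

/* Constructed sample plaintext that the "asset" decrypts to. */
static const unsigned char SAMPLE_PLAIN[8] = "asset!!\0";

/* Stand-in for the process memory a memory dump would capture:
 * the slot the key is loaded into plus the working buffer next to it. */
typedef struct {
    unsigned char key[KEY_LEN];
    unsigned char scratch[64];
} process_memory;

/* Zeroise key material through a volatile pointer so the compiler
 * cannot treat the store as dead and drop it (a plain memset before
 * the last use of the buffer is allowed to be removed). */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *vp = p;
    while (n--) *vp++ = 0;
}

/* Toy cipher: XOR with a repeating key. Symmetric, so it both
 * "encrypts" and "decrypts". Stands in for the real algorithm. */
static void xor_keystream(unsigned char *buf, size_t n, const unsigned char *key) {
    for (size_t i = 0; i < n; i++)
        buf[i] ^= key[i % KEY_LEN];
}

/* Variant the post warns about: the key is loaded, used, and left behind. */
void decrypt_leaky(process_memory *mem, size_t n, const unsigned char *key) {
    memcpy(mem->key, key, KEY_LEN);
    xor_keystream(mem->scratch, n, mem->key);
    /* mem->key still holds the key here and stays in any later dump. */
}

/* Hygienic variant: identical work, then the key slot is wiped. */
void decrypt_hygienic(process_memory *mem, size_t n, const unsigned char *key) {
    memcpy(mem->key, key, KEY_LEN);
    xor_keystream(mem->scratch, n, mem->key);
    secure_zero(mem->key, KEY_LEN);
}

/* Defender's self-check: does a contiguous copy of the key survive
 * anywhere in the captured region? Requires knowing the key, so this
 * is a test for the developer, not a recovery tool. Returns 1 if found. */
int key_recoverable(const void *region, size_t region_len, const unsigned char *key) {
    const unsigned char *r = region;
    if (region_len < KEY_LEN) return 0;
    for (size_t i = 0; i + KEY_LEN <= region_len; i++)
        if (memcmp(r + i, key, KEY_LEN) == 0) return 1;
    return 0;
}

/* Load the constructed ciphertext (plaintext XOR key) into the scratch area. */
static void load_sample_asset(process_memory *mem) {
    memset(mem, 0, sizeof *mem);
    memcpy(mem->scratch, SAMPLE_PLAIN, sizeof SAMPLE_PLAIN);
    xor_keystream(mem->scratch, sizeof SAMPLE_PLAIN, SAMPLE_KEY);
}

/* 1 if the key is still visible after the leaky decrypt (it is). */
int demo_leaky(void) {
    process_memory mem;
    load_sample_asset(&mem);
    decrypt_leaky(&mem, sizeof SAMPLE_PLAIN, SAMPLE_KEY);
    return key_recoverable(&mem, sizeof mem, SAMPLE_KEY);
}

/* 1 if the key is still visible after the hygienic decrypt (it is not). */
int demo_hygienic(void) {
    process_memory mem;
    load_sample_asset(&mem);
    decrypt_hygienic(&mem, sizeof SAMPLE_PLAIN, SAMPLE_KEY);
    return key_recoverable(&mem, sizeof mem, SAMPLE_KEY);
}

/* 1 if the hygienic path still produces the right plaintext, i.e. wiping
 * the key costs nothing in correctness. */
int roundtrip_ok(void) {
    process_memory mem;
    load_sample_asset(&mem);
    decrypt_hygienic(&mem, sizeof SAMPLE_PLAIN, SAMPLE_KEY);
    return memcmp(mem.scratch, SAMPLE_PLAIN, sizeof SAMPLE_PLAIN) == 0;
}

int main(void) {
    printf("leaky decrypt:    key recoverable from dump = %d\n", demo_leaky());
    printf("hygienic decrypt: key recoverable from dump = %d\n", demo_hygienic());
    printf("hygienic decrypt: plaintext correct = %d\n", roundtrip_ok());
    return 0;
}
```

In a real program the same wipe has to be applied to every copy the key passes through (the buffer it was read from, any temporary used by the cipher's key schedule, and the registers or stack frames the compiler spills it to), which is why the post's "destroy it when they're done with it" is easy to state and harder to do completely.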
-- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector