To resurrect an ancient thread, due to the increased traffic on the list
lately, I played a bit with trying to crack PBL 5.1 last night.

Otaku mentions (over here [1]) that he believes the key is 392 bytes long
and he gives the hash. What's interesting is in the mail from Cliff
mentioned below, he says that the signature is SHA256 and the key is the
first two or three sentences of the King James Bible ("In the beginning was
the word" - so start of John), and looking at the King James version of
John, the first 6 sentences make exactly 392 bytes:

"1 In the beginning was the Word, and the Word was with God, and the Word
was God. 2 The same was in the beginning with God. 3 All things were made
by him; and without him was not any thing made that was made. 4 In him was
life; and the life was the light of men. 5 And the light shineth in
darkness; and the darkness comprehended it not. 6 There was a man sent from
God, whose name was John."

However, piping this through sha256sum I cannot get the same hash. I have
tried various permutations, newlines at the end of the sentences, periods
in different places, tabs after the numbers, before the numbers, changing
everything to lower case or upper case, feeding the whole thing in
backwards, feeding each line in backwards, changing the endianness of the
data, changing ASCII encoding (character page) and various combinations of
those. I am not sure if a tool like hashcat could be used to try and crack
it more systematically by using permutations of the information we have,
but the tool seems quite complex and 392 bytes is a very long key. Also, it
is possible that I should actually be looking at the New King James Bible,
or that Cliff actually meant to refer to the Old Testament. Or maybe it's
only 3 sentences of some version, but in UTF16? God knows... hehe

Anyway, thought I'd mention it in case anyone else has any bright ideas or
wants to have a go.

[1] http://www.earth.li/pipermail/e3-hacking/2008-January/000795.html

On Wed, 17 Oct 2012 at 13:58, Edward Robbins <edd.robb...@googlemail.com>
wrote:

> > Cliff Lawson, the creator of the Emailer family, might know who owns the
> > rights and how to go about contacting them.  I'll send you his email
> > address off-list.  If they are effectively bricks without the Amstrad
> > infrastructure support then he may like to see them getting some use by
> > being opened up more.
> >
>
> I emailed Cliff Lawson (thanks for the
> contact Ralph) and he does indeed seem willing to help. He gave me
> some information about how the images are signed in PBL 5.1! He says:
>
> "all I can tell you is that the signature I added uses SHA256 and the
> key is the first two or three sentences of the King James Bible ("In
> the beginning was the word...").
> ...
> note that SHA256 like all hashes (MD5 etc) is sensitive to every last
> space and bit of punctuation so even if you get the words right if you
> miss a comma or a semi-colon it will not sign. Again I forget the
> exact details but I did it very like CHAP authentication so first the
> "key" and then the bytes of the image are passed through the hash and
> then I cannot remember if the SHA256 hash output was then put in the
> header or a footer to the image and the PBL also has the key built in
> (actually I think it may be held like a module in Nand) it passes that
> then the delivered data through an SHA256 and only if it gets the same
> hash does it unlock the flash programming routines."
>
>
>
_______________________________________________
e3-hacking mailing list
e3-hacking@earth.li
https://www.earth.li/mailman/listinfo/e3-hacking
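
The check Cliff describes in the quoted mail (key bytes first, then the image bytes, through SHA-256, compared against a stored digest), as an added example that is not part of the original post and not Amstrad's code. The function names, the short stand-in key, the sample image and the header/footer layout are assumptions; the mail leaves the digest placement open, so both are handled.

```python
import hashlib
import hmac

DIGEST_LEN = hashlib.sha256().digest_size  # 32 bytes

def keyed_digest(key: bytes, image: bytes) -> bytes:
    """SHA-256 over the key bytes first, then the image bytes."""
    h = hashlib.sha256()
    h.update(key)
    h.update(image)
    return h.digest()

def sign(key: bytes, image: bytes, placement: str = "footer") -> bytes:
    """Attach the digest as a header or footer (placement is an assumption)."""
    tag = keyed_digest(key, image)
    return tag + image if placement == "header" else image + tag

def verify(key: bytes, blob: bytes, placement: str = "footer") -> bool:
    """Recompute the digest with the built-in key and compare in constant time."""
    if len(blob) < DIGEST_LEN:
        return False
    if placement == "header":
        tag, image = blob[:DIGEST_LEN], blob[DIGEST_LEN:]
    else:
        image, tag = blob[:-DIGEST_LEN], blob[-DIGEST_LEN:]
    return hmac.compare_digest(tag, keyed_digest(key, image))

# Constructed sample data: a short stand-in key and a fake image.
KEY = "In the beginning was the Word, and the Word was with God.".encode("ascii")
IMAGE = bytes(range(256)) * 4

if __name__ == "__main__":
    blob = sign(KEY, IMAGE)
    print("exact key:      ", verify(KEY, blob))
    print("comma missing:  ", verify(KEY.replace(b",", b""), blob))
    print("UTF-16 key:     ", verify(KEY.decode().encode("utf-16-le"), blob))
    print("wrong placement:", verify(KEY, blob, "header"))
```

Because the key is hashed together with the image, a digest taken over the key text alone would not be expected to match a digest stored with an image under this scheme.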
