USB Logger....

Request a hack or modification here:

So, you need a new wheelchair control for your nephew, someone here can figure it it. Maybe you want ambient lighting for your car to match the music, we've probably got someone here who does that.

No illegal "hacking" requests allowed and we are not responsible for the activities of the users. If you make an arrangement with another user, it is between the two of you.

Re: USB Logger....

Postby NTense » November 22nd, 2011, 10:20 am

Got the hexeditor, but really doesn't make it in any form readable for me.....just a bunch of random stuff.

Later EddieO
NTense
 
Posts: 23
Joined: November 12th, 2011, 11:12 am

Re: USB Logger....

Postby st2000 » November 22nd, 2011, 10:39 am

Got the hexeditor, but really doesn't make it in any form readable for me.....just a bunch of random stuff.


Yeah, I shouldn't have had you go down that path. I'm just saying that that is how many developers "plow" through unknown files. One really needs to know a bit about what to look for when going this way. It's kind-of like... well, you need to kind-of know how to spell a word before you go looking it up in a dictionary.

I don't know if the ASCII option is on by default. But most HEX editors can display the HEX values and the ASCII values side by side. If there is any "plain text" (usually there is some at the beginning of most files (for example a JPEG file starts with JPEG spelled out in ASCII)), you can see the letters w/ASCII turned on.
st2000
 
Posts: 1453
Joined: February 3rd, 2011, 6:10 pm

Re: USB Logger....

Postby NTense » November 22nd, 2011, 11:21 am

I will try that. I am assuming my copy of the file is still encrypted too, so I don't know how to decrypt it, even though we have the key. The LRP file appears to be encrypted too.....but no clue on the key.

Later EddieO
NTense
 
Posts: 23
Joined: November 12th, 2011, 11:12 am

Re: USB Logger....

Postby st2000 » November 22nd, 2011, 12:14 pm

Well, there's no point in looking at it w/a Hex editor if it is encoded. I think the algorithms can be found at nist.gov if you want to go that far. The fact that the key was so easy to find was just bad judgment on the part of the creator. Given a truly random key I suspect the files would still be encoded. Truth of the matter is that given a truly random key, most will not wast time on the encoded file. Instead they will go looking for the key in the code used to decode the file. But that key is supposed to be hidden too.
st2000
 
Posts: 1453
Joined: February 3rd, 2011, 6:10 pm

Re: USB Logger....

Postby NTense » November 22nd, 2011, 2:46 pm

Well, at worst I am gonna learn something..........never messed with encoding stuff.

I did notice the NEO program has a decrypt option. the AES is in the there, but I see no AES-CBC...I tried the 3 AES options, none seemed to really do anything.

I was unable to find the ASCII option you spoke of either....

At this point, since we know the key and such for the novak file, I would love to know how to decrypt it.......and then open it up in something I can at least make a little sense out of....I am positive once I know the languages and such the code is written in, I will be able to spot something in it.

Later EddieO
NTense
 
Posts: 23
Joined: November 12th, 2011, 11:12 am

Re: USB Logger....

Postby st2000 » November 22nd, 2011, 3:23 pm

I was unable to find the ASCII option you spoke of either....


I just opened hex editor neo and clicked new then entered the ASCII code for "0, 1, 2, ..." which would be 30 31 32 ... . I see the hex on the left side and the ASCII on the right side. So ASCII is displayed by default.

I see no AES-CBC


The first nist.gov hit I get when searching for the above is:

http://www.antd.nist.gov/iip_pubs/rfc3602.txt
st2000
 
Posts: 1453
Joined: February 3rd, 2011, 6:10 pm

Re: USB Logger....

Postby NTense » November 22nd, 2011, 3:54 pm

Ok, I am understanding the hex editor now.......you just had to dumb it down for me!:)

I have googled a ton, but have not had much luck finding how to decrypt the file. From all the reading though, I am understanding some stuff. Mainly, the encryption scrambles the information, so hence why when I open the encrypted file in hex editor, the raw data is just spitting out random crap that makes little sense.

So, where does one learn to decrypt. I read that file you posted.......no luck on how to decrypt.

Later EddieO
NTense
 
Posts: 23
Joined: November 12th, 2011, 11:12 am

Re: USB Logger....

Postby st2000 » November 22nd, 2011, 4:39 pm

@NTense, you're going to have to do some work (develop your own google-foo and what not). I have not had the occasion to implement AES-CBC. The last go around I had w/encoding stuff was implementing SHA-1 and SHA-2 based on the examples I found on the nist.gov site. It took about a week to understand the algorithm and write the code. In the end, ti.com had implemented a slightly different version (reads: their own version!) of the SHA encoding scheme which cost me an additional week's work. This stuff isn't easy. BTW, a word of caution, I am not up to speed on current rules, but exporting code that can do this stuff may be considered, well, not legal. Do error on the side of caution.
st2000
 
Posts: 1453
Joined: February 3rd, 2011, 6:10 pm

Re: USB Logger....

Postby NTense » November 22nd, 2011, 10:12 pm

I googled a lot. Not much luck, but gonna ask some friends who may know a thing or two about it.


Later EddieO
Last edited by NTense on December 16th, 2011, 7:47 pm, edited 1 time in total.
NTense
 
Posts: 23
Joined: November 12th, 2011, 11:12 am

Re: USB Logger....

Postby GaspingSpark » November 22nd, 2011, 11:03 pm

@NTense: Sorry I was gone for a few days.

I took a look at the LRP firmware update files. Lots of fun stuff in there SHA-256, RSA, AES. I was able to get a partial decryption, but there is another layer of encryption below that. :( The last layer must be done on the device itself. So, like the Tekin products, there is no way to get the firmware image without knowing what algorithm and key is used by the boot loader.

It was weird looking at their firmware updater. Their convoluted encryption scheme uses RSA to encrypt the AES keys. Normally this is a good thing - you bank uses the same thing to secure your online banking. If done right it prevents anyone from creating a custom firmware image - unless they know the private key. However LRP sends the private key in their updater. Their whole RSA scheme is absolutely pointless! :roll:

As for the Novak firmware I'll email what I have.

To decrypt it I used Python with the PyCrypto extension. To mess with proprietary file formats like this, you often have to write your own code to crack them open. I like Python for this since it is easy for me to quickly code up a file decoder. For tasks like this it's valuable to know some kind of scripting language.

Here is the source for the decryption:

Code: Select all
#Import AES from PyCrypto package
from Crypto.Cipher import AES

#Get AES decryption object
aes = AES.new("1234567890123456",AES.MODE_CBC,"1234567890123456")

#Read the outloada143.rdd file into data
data = file("outloada143.rdd","rb").read()

#Decrypt it into data2
data2 = aes.decrypt(data)

#Save the results
file("decrypted.s19","wb").write(data2)


Result is a Motorola S-Record file. CPU is probably a Freescale S08 series MCU. They make special versions for Brushless motor control. The code doesn't look like their 56 series DSP code - no fixed 24bit instructions.

http://www.freescale.com/webapp/sps/sit ... de=APLBDCM
GaspingSpark
 
Posts: 180
Joined: March 8th, 2011, 10:24 am

PreviousNext

Return to Requests and commissions

Who is online

Users browsing this forum: Bing [Bot] and 1 guest