
AES Finder

Edited by whoknows (see edit history)

ARTeam or some other group used to have a tool that just found static lib code that you could BP the call stack for and get keys..


It seems this only works because of the way AES key scheduling works.  In other words a 128 bit key for example will always generate 11 round keys.  So it works by taking every 128 bits of a memory dump, and checking if the following data matches what would be the generated 11 round keys in the 128 bit case.  This will only work if the memory to hold the AES key and its key scheduler data is contiguous and is not reused/freed after use.  Which is probably most often the case, but not always...

