m0k1 (08-20-2011),matypatty (08-19-2011),se7enthsin (09-25-2011),Xlilzoosk8rX (08-25-2011)
Nexon's public and private key's are one step closer to discovery.Here's a algorithm and some info.With these key's we can run are own lobby's/sign files the same way nexon does.ECDSA Param's are in there,im hoping to get a P.O.C going.....
.signature has problems, re-make with post SSLeay045.....SHA1
ENCRYPTED PRIVATE KEY...PRIVATE KEY.ANY PRIVATE KEY..................$...$.. $...........M...O......................@...`...
PEM part of OpenSSL 0.9.8k 25 Mar 2009..0123456789ABCDEF....C:\src\buildtools\branch es\voon\tmp4x2fne\externals\openssl-0.9.8k\crypto\pem\pem_lib.c.phrase is too short, needs to be at least %d chars..Enter PEM pass phrase:..Proc-Type: 4,...BAD-TYPE....MIC-ONLY....MIC-CLEAR...ENCRYPTED...DEK-Info: ..PKCS #7 SIGNED DATA.TRUSTED CERTIFICATE.X509 CERTIFICATE....-----END ...-----...-----BEGIN .strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf....enc->iv_len <= (int)sizeof(iv)..Proc-Type: .Expecting: .X509_CRL....crl.X509_CRL_INFO...revoked.nextUpdat e..lastUpdate..issuer..X509_REVOKED....extensions. .revocationDate..serialNumber
CERTIFICATE.RSA PRIVATE KEY.RSA PUBLIC KEY..PUBLIC KEY..DSA PRIVATE KEY.DSA PARAMETERS..EC PARAMETERS...EC PRIVATE KEY..DH PARAMETERS...
md4WithRSAEncryption....RSA-MD4.
aes-256-cfb.AES-256-CFB.aes-256-ofb.AES-256-OFB.aes-256-cbc.aes-256-ecb.AES-256-ECB.aes-192-cfb.AES-192-CFB.aes-192-ofb.AES-192-OFB.aes-192-cbc.AES-192-CBC.aes-192-ecb.AES-192-ECB.aes-128-cfb.AES-128-CFB.aes-128-ofb.AES-128-OFB.aes-128-cbc.aes-128-ecb.AES-128-ECB.Microsoft CSP Name..CSPName.ecdsa-with-SHA1.prime256v1..prime239v3..prime239v2..prime239v 1..prime192v3..prime192v2..prime192v1..id-ecPublicKey..characteristic-two-field....prime-field.ANSI X9.62..ansi-X9-62..X509v3 No Revocation Available..
CERTIFICATE.RSA PRIVATE KEY.RSA PUBLIC KEY..PUBLIC KEY..DSA PRIVATE KEY.DSA PARAMETERS..EC PARAMETERS...EC PRIVATE KEY..DH PARAMETERS...memory buffer...
PKEY_USAGE_PERIOD...T........œ,................... ...............œ,.........‰...........lëK..B).‰... ........`ëK..B).........Ä=L.............x=L.Not After: .Not Before: ....decipherOnly....Decipher Only...encipherOnly....Encipher Only...cRLSign.CRL Sign....keyCertSign.Certificate Sign....keyAgreement....Key Agreement...dataEncipherment....Data Encipherment...keyEncipherment.Key Encipherment....nonRepudiation..Non Repudiation.digitalSignature....Digital Signature...objCA...Object Signing CA...emailCA.S/MIME CA...sslCA...SSL CA..reserved....Unused..objsign.Object Signing..server..client..G
%s%02X..%*sKey Id: .%*sAlias: %s....%*sNo Rejected Uses.....%*sRejected Uses:.%*s...%*sNo Trusted Uses......%*sTrusted Uses:.%*s....<EMPTY>.....%*s.%*s<Not Supported>..%*s<Parse Error>....%*s%s...: %s....%*s%s:..Generator (hybrid):.Generator (uncompressed):...Generator (compressed):.%s %s%lu (%s0x%lx)..%s 0.... recommended-private-length: %d bits.....generator:..prime:..Diffie-Hellman-Parameters: (%d bit).....
PKCS7_ATTR_VERIFY...PKCS7_ATTR_SIGN.PKCS7_ATTRIBUT ES....PKCS7_DIGEST....md..PKCS7_ENCRYPT...PKCS7_SI GN_ENVELOPE.PKCS7_ENC_CONTENT...PKCS7_RECIP_INFO.. ..enc_key.key_enc_algor...PKCS7_ENVELOPE..enc_data ....recipientinfo...PKCS7_ISSUER_AND_SERIAL.serial ..PKCS7_SIGNER_INFO...unauth_attr.enc_digest..dige st_enc_alg..auth_attr...digest_alg..issuer_and_ser ial...PKCS7_SIGNED....signer_info.cert....contents ....md_algs.d.encrypted.d.digest....d.signed_and_e nveloped..d.enveloped.d.sign..d.data..d.other
DSA-Parameters: (%d bit)....coefficient:....exponent2:..exponent1:..pr ime2:.prime1:.privateExponent:....publicExponent:. Exponent:...modulus:....Modulus (%d bit):...Private-Key: (%d bit)...G: ...Q: ...P: ...pub: ...priv:...Seed:...Cofactor: ..Order: .B: ...A: ...Prime:..Polynomial:.Basis Type: %s..Field Type: %s..ASN1 OID: %s....ECDSA-Parameters: (%d bit)..X........=).................ðÉ,............. ............Œ........=).................ðÉ,....... ..................ì........=).................ðÉ,. àW,.....................
PKCS8_PRIV_KEY_INFO.pkey....pkeyalg.........
11>...ENUMERATED..REAL....EXTERNAL....OBJECT DESCRIPTOR...OBJECT..OCTET STRING....BIT STRING..INTEGER.BOOLEAN.EOC.%-18s...%2d %-15s...(unknown)...<ASN1 %d>...appl [ %d ].cont [ %d ].priv [ %d ] ....prim: ..cons: ..length is greater than %ld..Error in encoding...BAD ENUMERATED..BAD INTEGER.00..%02X....[HEX DUMP]:.:%d.Bad boolean.....:BAD OBJECT.d=%-2d hl=%ld l=inf ...d=%-2d hl=%ld l=%4ld ...%5ld:.... Public key OCSP hash: ..... Subject OCSP hash: .%02x%s... ... Signature Algorithm: ...Bad time value..%s %2d %02d:%02d:%02d %d%s.. GMT....X509v3 extensions...%12sUnknown Public Key:.....%12sEC Public Key:..%12sDSA Public Key:.....%12sRSA Public Key: (%d bit)....%12sUnable to load Public Key...%12sPublic Key Algorithm: .. Subject Public Key Info:.... Subject:%c... Not After : ... Not Before: .... Validity.... Issuer:%c...%8sSignature Algorithm: ....%02x%c...%12s%s. (Negative). %s%lu (%s0x%lx).... Serial Number:..%8sVersion: %lu (0x%lx)..... Data:...Certificate:....'()+,-./:=?.maxsize=....minsize=..............
Last edited by xx404xx; 08-19-2011 at 01:13 PM.
m0k1 (08-20-2011),matypatty (08-19-2011),se7enthsin (09-25-2011),Xlilzoosk8rX (08-25-2011)
Wth is this?
R.I.P Grandma! 3-17-2012
The Algorithm's for code signing,and it goes hand and hand with nexon's keys.With this we could make full cheat client's,because if we can sign there file's we can make are own custom client's, and maybe even built in aimbot/hack panel's.There is still work to be done though,i still haven't found the key's but the algo is there and i am looking at older ver's for more info.We could do Private server's if we uncovered the key's.
Last edited by xx404xx; 08-19-2011 at 01:25 PM.
Maybe make it neater next time too.
I Read All Of My PM's & VM'sIf you need help with anything, just let me know.
Staff Administrator Since 10.13.2019
Publicist Since 04.04.2015
Middleman Since 04.14.2014
Global Moderator Since 08.01.2013
Premium Since 05.29.2013
Minion+ Since 04.18.2013
Combat Arms Minion Since 12.26.2012
Contributor Since 11.16.2012
Member Since 05.11.2010
maybe you could all understand it and stop complaining.... This makes a lot of sense thanks for the post!
OBrozz (08-20-2011)
This is 100% leeched and Idk how the hell u got it cuz it was posted a month ago in a private Modding section on another forum
combatarmsrager3 (08-21-2011)
Thank you.
Warrock Minion 8-13-2011 - N/AA.V.A Minion since 11-1-11 - 11-12-11
I really don't understand what is this. Could somebody explain this to me in English.
-The Joker.
no this is the C++ language section, would you care to step out? xD
Here is the read key command for opensslPBE-MD2-DES PBE-MD5-DES
These algorithms were included in the original PKCS#5 v1.5 specification. They only offer 56 bits of protection since they both use DES.
PBE-SHA1-RC2-64 PBE-MD2-RC2-64 PBE-MD5-RC2-64 PBE-SHA1-DES
These algorithms are not mentioned in the original PKCS#5 v1.5 specification but they use the same key derivation algorithm and are supported by some software. They are mentioned in PKCS#5 v2.0. They use either 64 bit RC2 or 56 bit DES.
PBE-SHA1-RC4-128 PBE-SHA1-RC4-40 PBE-SHA1-3DES PBE-SHA1-2DES PBE-SHA1-RC2-128 PBE-SHA1-RC2-40
These algorithms use the PKCS#12 password based encryption algorithm and allow strong encryption algorithms like triple DES or 128 bit RC2 to be used.Edit:There's still the Verisign problem also,unless someone happen's to find valid cert's somehow.Read a DER unencrypted PKCS#8 format private key:
openssl pkcs8 -inform DER -nocrypt -in key.der -out key.pem
Edit2:Verisign has been hacked before,and im pretty sure this hash exploit is still out there that would let us generate %100 valid cert's.
https://www.computerworld.com/s/artic...ring_Web_sites
Well first of all how do you think nexon does pming and thing's like that.....The Diffie-Hellman Key Exchange
Public Key
It is also possible to use Diffie–Hellman as part of a public key infrastructure. Alice's public key is simply (ga,g,p). To send her a message Bob chooses a random b, and then sends Alice gb (un-encrypted) together with the message encrypted with symmetric key (ga)b. Only Alice can decrypt the message because only she has a. A preshared public key also prevents man-in-the-middle attacks.
In practice, Diffie–Hellman is not used in this way, with RSA being the dominant public key algorithm. This is largely for historical and commercial reasons, namely that RSA created a Certificate Authority that became Verisign. Diffie–Hellman cannot be used to sign certificates, although the ElGamal and DSA signature algorithms are related to it. However, it is related to MQV, STS and the IKE component of the IPsec protocol suite for securing Internet Protocol communications.
This is not leached.This is an ECDSA fail.I also have the login token if anyone is interested.
This is how long the PKEY is usage period,self explanatory
Oh and btw look at the memory buffer here.PKEY_USAGE_PERIOD...T........œ,................... ...............œ,.........‰...........lëK..B).‰... ........`ëK..B).........Ä=L.............x=L.Not After: .Not Before: ....decipherOnly....Decipher Only...encipherOnly....Encipher Only...cRLSign.CRL Sign....keyCertSign.Certificate Sign....keyAgreement....Key Agreement...dataEncipherment....Data Encipherment...keyEncipherment.Key Encipherment....nonRepudiation..Non Repudiation.digitalSignature....Digital Signature...objCA...Object Signing CA...emailCA.S/MIME CA...sslCA...SSL CA..reserved....Unused..objsign.Object Signing..server..client..G^CERTIFICATE.RSA PRIVATE KEY.RSA PUBLIC KEY..PUBLIC KEY..DSA PRIVATE KEY.DSA PARAMETERS..EC PARAMETERS...EC PRIVATE KEY..DH PARAMETERS...memory buffer...
You will notice ECDSA-PARAMETERS from the blurb above
ECDSA-Parameters: (%d bit)..X........=).................ðÉ,............. ............Œ........=).................ðÉ,....... ..................ì........=).................ðÉ,. àW,.....................
And here it check's if it's revoked,The end goal is to sign are own content, as you can see belowrevoked.nextUpdat e..lastUpdate..issuer..X509_REVOKED....extensions. .revocationDate..serialNumber
PKCS7_ATTR_VERIFY...PKCS7_ATTR_SIGN.PKCS7_ATTRIBUT ES....PKCS7_DIGEST....md..PKCS7_ENCRYPT...PKCS7_SI GN_ENVELOPE.PKCS7_ENC_CONTENT...PKCS7_RECIP_INFO.. ..enc_key.key_enc_algor...PKCS7_ENVELOPE..enc_data ....recipientinfo...PKCS7_ISSUER_AND_SERIAL.serial ..PKCS7_SIGNER_INFO...unauth_attr.enc_digest..dige st_enc_alg..auth_attr...digest_alg..issuer_and_ser ial...PKCS7_SIGNED....signer_info.cert....contents ....md_algs.d.encrypted.d.digest....d.signed_and_e nveloped..d.enveloped.d.sign..d.data..d.other
Last edited by xx404xx; 08-21-2011 at 10:21 AM.
This is really interesting, good luck.