Archive for the Category: reverse engineering

Reverse-engineering Lyric file format – handling encryption with a known plaintext attack

This article explains how to reverse-engineer file formats by using what is called a known plaintext attack. This is a kind of attack in which an attacker is able to pass the plaintext to the oracle (in our case the encryption algorithm) and receive back the encrypted text, and do it as many times as […]

Reverse-engineering the EMZ karaoke format, or watch out the API calls

Worked on adding support for the EMZ karaoke format to the Karaoke Player application, and would like to share another good reverse-engineering technique. EMZ is a Karaoke format similar to the old Karafun, based on a password-protected ZIP archive. Unlike Karafun, the password is not embedded into the archive, but is derived from some […]

Breaking the one-time pad encryption

Following up on the second-week task for the excellent Cryptography course by Prof. Jonathan Katz at Coursera, I took the second programming assignment. This time it is about breaking the one-time pad encryption when the code was reused, and more than one ciphertext is intercepted. Again, the suggested approach required too much manual work, and […]

Breaking the Vigenere cipher

I have signed up for the excellent Cryptography course by Prof. Jonathan Katz at Coursera, and took the first programming assignment, which was about breaking the Vigenere cipher. The instructor explained one of the ways to do it, and recommended relying on letter distribution in English. But while the suggested approach was interesting, I […]

Reverse-engineering the KaraFun file format. Part 4, the encryption

So far all the files we have seen were not encrypted. However some users pointed out there are KFN files which are encrypted. While the encrypted files were still analysed and dumped properly, the output files were encrypted and hence unusable. But the users also confirmed that KaraFun player plays those files just fine, and does […]

Reverse-engineering the KaraFun file format. Part 3, the Song.ini file

This is quite simple. We look at the song.ini file and it is immediately obvious where the text and the timing information are, as those are the only lines with enough numbers.

Reverse-engineering the KaraFun file format. Part 2, the directory

In the first part we found out the header format, and that it does not provide us with the directory location. However, we know there must be a directory, as the KaraFun application must know where exactly in a file the files are stored, and how large they are. At minimum there should be the directory […]

Reverse-engineering the KaraFun file format. Part 1, the header

Several of our users have expressed disappointment that our Ulduzsoft Karaoke Player for Android does not support the popular KaraFun Karaoke format. This format seems to be very popular in some countries, and unfortunately there seems to be no player on Android capable of playing those files. Even the KaraFun Android application does not play those files […]
