Hasty Briefs

Decoding the 90s: Cryptography in Early Software Development (2023)

a year ago
  • #DOS
  • #reverse-engineering
  • #cryptography
  • The blog post details the reverse engineering of QText, a DOS-era Hebrew-English word processor, to recover lost passcodes from encrypted documents.
  • Initial analysis showed the passcode was short (4 characters drawn from uppercase letters and digits, a keyspace of 36^4, about 1.7 million candidates) and that the encryption was rudimentary and unsalted, so brute-forcing was feasible.
  • The encryption key turned out to be stored in the document header, so the effort shifted to reverse engineering the algorithm that derives that key from the passcode.
  • The team used DOSBox and IDA Free 5.0 for the reverse engineering, working through Turbo Pascal overlays and DOS MZ executables packed with PKZip.
  • A key expansion function was identified, which involved a permutation process and a static bitmap to validate byte values.
  • Because the permutation was reversible, the team could undo it, decompose the stored key into its per-character components, and narrow the candidate passcodes using the constraints on valid characters and on the key's structure.
  • A Python script was developed to automate the decomposition and validation process, efficiently recovering the original passcode.
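The recovery approach described in the bullets above, as an added example that is not the original post's script and not QText's actual algorithm. The expansion rule, the permutation table and the bitmap below are assumptions invented for illustration; what is faithful to the write-up is the shape of the attack: the header carries an expanded key, the expansion is a reversible permutation plus a bitmap check on byte values, so the key can be un-permuted and each piece solved back to a small set of passcode characters instead of brute-forcing all 36^4 candidates.

```python
"""Toy model of header-key decomposition for a 4-character [A-Z0-9] passcode.

ASSUMPTION: the key schedule here (pairwise XOR/sum expansion, PERM table,
VALID_BITMAP) is made up for illustration and is not QText's real scheme.
"""
from __future__ import annotations

import itertools
import string

ALPHABET = string.ascii_uppercase + string.digits  # 36 symbols per position
PASSCODE_LEN = 4

# Hypothetical 256-bit "static bitmap": bit n set <=> byte n is a legal
# passcode byte. Stands in for the validation table the write-up describes.
VALID_BITMAP = bytearray(32)
for _ch in ALPHABET.encode():
    VALID_BITMAP[_ch >> 3] |= 1 << (_ch & 7)


def bitmap_ok(b: int) -> bool:
    return bool(VALID_BITMAP[b >> 3] & (1 << (b & 7)))


# Hypothetical fixed permutation of the 8 expanded bytes, and its inverse.
PERM = [5, 2, 7, 0, 3, 6, 1, 4]
INV_PERM = [PERM.index(i) for i in range(len(PERM))]


def expand_key(passcode: str) -> bytes:
    """Toy expansion: each ring-adjacent pair (a, b) of passcode bytes yields
    (a XOR b, a + b); the 8 bytes are then permuted. Sums never exceed 255
    for this alphabet, so no wrap-around handling is needed."""
    p = passcode.encode()
    if len(p) != PASSCODE_LEN or not all(bitmap_ok(b) for b in p):
        raise ValueError("passcode fails the bitmap check")
    pre: list[int] = []
    for i in range(PASSCODE_LEN):
        a, b = p[i], p[(i + 1) % PASSCODE_LEN]
        pre += [a ^ b, a + b]
    return bytes(pre[PERM[j]] for j in range(len(PERM)))


def pair_candidates(x: int, s: int) -> list[tuple[int, int]]:
    """All (a, b) in ALPHABET^2 with a ^ b == x and a + b == s.
    Since a + b == (a ^ b) + 2 * (a & b), the AND part is fixed and only
    the bits set in x are free to land in a or in b; the bitmap then prunes."""
    if s < x or (s - x) & 1:
        return []
    both = (s - x) >> 1
    if both & x:  # AND and XOR of two bytes never share a bit
        return []
    free_bits = [1 << i for i in range(8) if x & (1 << i)]
    out = []
    for mask in range(1 << len(free_bits)):
        a_part = sum(bit for i, bit in enumerate(free_bits) if mask >> i & 1)
        a, b = both | a_part, both | (x ^ a_part)
        if bitmap_ok(a) and bitmap_ok(b):
            out.append((a, b))
    return out


def decompose(key: bytes) -> list[str]:
    """Undo the permutation, solve each (xor, sum) pair to candidate character
    pairs, then keep only chains that agree on shared positions and close
    the ring. Returns every passcode that expands to this key."""
    pre = [key[INV_PERM[i]] for i in range(len(PERM))]
    edges = [pair_candidates(pre[2 * i], pre[2 * i + 1]) for i in range(PASSCODE_LEN)]
    partials = [[a, b] for a, b in edges[0]]
    for i in range(1, PASSCODE_LEN - 1):
        partials = [p + [b] for p in partials for a, b in edges[i] if a == p[-1]]
    closing = set(edges[-1])
    return sorted(bytes(p).decode() for p in partials if (p[-1], p[0]) in closing)


def brute_force(key: bytes) -> list[str]:
    """Baseline from the write-up: try all 36**4 = 1,679,616 passcodes."""
    return ["".join(c) for c in itertools.product(ALPHABET, repeat=PASSCODE_LEN)
            if expand_key("".join(c)) == key]


if __name__ == "__main__":
    header_key = expand_key("Q7XT")  # constructed sample: key as read from a header
    print(header_key.hex(), "->", decompose(header_key))
```

`decompose` returns every passcode consistent with the stored key, so a colliding key such as `expand_key("ABAB")` yields both `ABAB` and `BABA`; in that situation the remaining candidates are few enough to try by hand, which is the point of the decomposition over the full brute force (`brute_force` is kept only as the slow baseline).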