CRC32 Mpeg校验和不匹配?

时间:2015-10-07 18:43:12

标签: encryption checksum crc mpeg crc32

我一直在尝试对crc32校验和进行逆向工程。我无法访问原始的J#代码,因为它已编译并反编译它没有帮助。我通过reveng运行了10个有效负载,返回:

  

width = 32 poly = 0x04c11db7 init = 0xFFFFFFFF refin = false refout = false xorout = 0x00000000 check = 0x0376e6e7 name =“CRC-32 / MPEG-2”

我尝试通过两个不同的python库运行包,甚至构建了一个objective-c算法来尝试获取已知的校验和。重新创建都相互匹配,但它们与原始校验和不匹配。有什么想法吗?

以下是原始和计算的crc32校验和:

original  -> calculated

1.  0x99c93052 -> 0x13bc2c5c
2.  0xb5cea403 -> 0x1fd00c8e
3.  0xc7e4f40c -> 0xf9698bd6
4.  0xabe5ad28 -> 0x6be300d6
5.  0x2dacbf16 -> 0x43b2c356
6.  0xf321c2E9 -> 0xacb5981a
7.  0x01430cb6 -> 0x2f9e64ee
8.  0xa1028afb -> 0x44c7182b
9.  0xe73118e6 -> 0xd6c1ffa5
10. 0x5f366305 -> 0x84961d17

赞赏任何和所有建议!

修改

根据请求,这里是原始有效载荷及其CRC-32 / MPEG-2校验和及其计算的校验和:

1. Payload = d3b09900005500005469746c653a090954657374207469746c652020202020202020202020202020202020202020202020202020202020200a4172746973743a09095465737420617274697374202020202020202020202020202020202020200a43443a0909095465737420434420202020202020202020202020202020202020202020200a4c6162656c3a0954657374204c626c202000
   Orig = 0xf9297a54
   Calc = 0xebcc0d91
2. Payload = d3b09900004300005469746c653a090954657374207469746c652032202020202020202020202020202020202020202020202020202020200a4172746973743a09095465737420617274697374202020202020202020202020202020202020200a43443a0909095465737420434420202020202020202020202020202020202020202020200a4c6162656c3a0954657374204c626c202000
   Orig = 0xb518dad0
   Calc = 0x45e4e895
3. Payload = d3b09900004300005469746c653a090954657374207469746c652033202020202020202020202020202020202020202020202020202020200a4172746973743a09095465737420617274697374202020202020202020202020202020202020200a43443a0909095465737420434420202020202020202020202020202020202020202020200a4c6162656c3a0954657374204c626c202000
   Orig = 0xe367073b
   Calc = 0x5db5800c
4. Payload = d3b09900004300005469746c653a090954657374207469746c652034202020202020202020202020202020202020202020202020202020200a4172746973743a09095465737420617274697374202020202020202020202020202020202020200a43443a0909095465737420434420202020202020202020202020202020202020202020200a4c6162656c3a0954657374204c626c202000
   Orig = 0x44d90b1d
   Calc = 0x14039bc3

这是我计算这些校验和的一种方法(尽管pycrc和我实现的Objective-c代码都给出了相同的结果):

>>> import crcmod.predefined
>>> s = 'd3b09900004300005469746c653a090954657374207469746c652034202020202020202020202020202020202020202020202020202020200a4172746973743a09095465737420617274697374202020202020202020202020202020202020200a43443a0909095465737420434420202020202020202020202020202020202020202020200a4c6162656c3a0954657374204c626c202000'
>>> crc32_func = crcmod.predefined.mkCrcFun('crc-32-mpeg')
>>> print hex(crc32_func(s))
0x14039bc3

上面的代码使用了有效负载示例4.如您所见,计算出的校验和(0x14039bc3)与有效负载附带的原始校验和(0x44d90b1d)不匹配。

1 个答案:

答案 0 :(得分:0)

所以事实证明只是传递十六进制作为一个字符串不会通过python库crcmod.得到正确的校验和它也不会采用bytearray,这似乎是一个更可能的方式计算准确的校验和。您需要做的是将bytearray作为缓冲区传递,然后计算正确的校验和。

使用问题中的示例:

>>> import crcmod.predefined
>>> s = 'd3b09900004300005469746c653a090954657374207469746c652034202020202020202020202020202020202020202020202020202020200a4172746973743a09095465737420617274697374202020202020202020202020202020202020200a43443a0909095465737420434420202020202020202020202020202020202020202020200a4c6162656c3a0954657374204c626c202000'
>>> h = s.decode("hex")
>>> b = bytearray(h)
>>> crc32_func = crcmod.predefined.mkCrcFun('crc-32-mpeg')
>>> print hex(crc32_func(buffer(b)))
0x44d90b1d

所以你有它。主要是我不知道如何计算CRC校验和的计算方法。希望这最终会帮助别人。

相关问题
最新问题