Skip to content

Instantly share code, notes, and snippets.

@JRHeaton

JRHeaton/kbag.c

Created June 20, 2010 04:33
Show Gist options
  • Save JRHeaton/445558 to your computer and use it in GitHub Desktop.
Save JRHeaton/445558 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
kbag.c
#include <sys/mman.h>
#include <stdio.h>
#include <fcntl.h>
#include <stdint.h>
#include <sys/stat.h>
#define IV_SIZE 0x10
#define KEY_SIZE 0x10
int data_is_img3(void *mem) {
uint32_t *data = (uint32_t *)mem;
if(*data != 0x496D6733)
return -1;
return 0;
}
void *get_kbag_addr(void *mem, uint32_t size) {
void *addr = mem;
int i;
for(i=0;i<size;addr++,i++) {
if(*((uint32_t *)addr) == 0x4B424147)
return addr;
}
return NULL;
}
int main(int argc, const char **argv) {
int fd, i;
void *data, *kbag_addr;
if(argc < 2) {
printf("Usage: %s <img3>\n", argv[0]);
return -1;
}
struct stat st;
if(stat(argv[1], &st) != 0) {
printf("Error: file not found\n");
return -1;
}
fd = open(argv[1], O_RDONLY);
if(fd < 0) {
printf("Error: couldn't open file\n");
return -1;
}
data = mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
if(data == MAP_FAILED) {
close(fd);
printf("Error: couldn't map file\n");
return -1;
}
if(data_is_img3(data) != 0) {
printf("Error: file isn't a proper img3\n");
close(fd);
munmap(data, st.st_size);
return -1;
}
kbag_addr = get_kbag_addr(data, st.st_size);
kbag_addr += 20; //offset to iv
printf("KBAG offset: %p\n", (void *)(kbag_addr - data)),
printf("IV: ");
for(i=0;i<IV_SIZE;++i) {
printf("%02X", ((uint8_t *)kbag_addr)[i]);
}
printf("\n");
printf("Key: ");
for(i=IV_SIZE;i<(IV_SIZE + KEY_SIZE);++i) {
printf("%02X", ((uint8_t *)kbag_addr)[i]);
}
printf("\n");
close(fd);
munmap(data, st.st_size);
return 0;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment