用于生成代码的识别算法
如何确定使用什么算法来生成代码? 常见的开源算法和更困难的自定义未发布算法? 例如,这里有一个示例...
x3vbhzcouy
g3zy453f4
srix1gtvri
3ewnubic5vz
4bu9ksba6yj
r1u3rxfd82n
fs30bew9eq
b8gr8w5f3
tz6t998ulr
ycd1zued
oizyviwv
7w6eownv0
s15zxpid9uoo
u8is4ulxm
bqg0c50luq
pqpwn6ty3
我将如何确定使用什么算法来生成这样的代码,从而能够使用相同的算法生成我自己的代码?
How would one identify what algorithm is used to generate codes with? Both common, open source ones, and the more difficult, custom unpublished algorithms? For example here are a sample...
x3vbhzcouy
g3zy453f4
srix1gtvri
3ewnubic5vz
4bu9ksba6yj
r1u3rxfd82n
fs30bew9eq
b8gr8w5f3
tz6t998ulr
ycd1zued
oizyviwv
7w6eownv0
s15zxpid9uoo
u8is4ulxm
bqg0c50luq
pqpwn6ty3
How would I go about identifying what algorithm is used to generate codes like this and thus be able to generate my own using the same algorithm??
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(7)
您的样本显然是由我自己的、困难的、定制的未发布的算法生成的。 这本书太难了,而且还没有出版,甚至连名字都没有……
Your sample was obviously generated by my own, difficult, custom unpublished algorithm. It is so difficult and custom unpublished, it doesn't even have a name...
这并不容易。 如果您有未加密和加密的示例,您可以测试多种算法并尝试匹配。
即使对于相对简单的加密算法,统计方法在确定加密技术方面也不是很有用。 一些较差的实现可能在文件中具有可用于确定加密技术的标头。
识别加密算法(没有提示)的最有效方法通常是解密文件。 相关技术“超出了本文的范围”,但本质上您将尝试使用几种流行的加密技术的一堆密码,使用快捷方式(例如流行的密码,测试文件的一小部分等)
That's not easy. If you have an unencrypted and encrypted sample, you could test several algorithms and try for a match.
Even for relatively simple encryption algorithms, statistical methods are not very useful in determining the encryption technique. Some poor implementations may have a header in the file that can be used to determine the encryption technique.
The most efficient way to identify an encryption algorithm (with no hints) is usually to decrypt the file. Techniques for that are "beyond the scope of this paper," but essentially you would try a bunch of passwords with several popular encryption techniques, using shortcuts (such as popular passwords, testing a small portion of the file, etc.)
就像其他人所说的那样,这很难知道,但是您可以对一些提示进行视觉分析,并通过足够大的样本缩小可能性并从那里开始工作,例如:
等等...
不要假设这些代码是加密的,它们可以用不同的基数(例如 base64)或 rot13 进行编码,或者使用某种校验位算法进行计算,例如 Luhn、ISBN、Verhoeff 等。
Like others have said it's difficult to know, however you can do a visual analysis for some hints and with a big enough sample narrow the possibilities and work from there, for example:
And so on...
Don't assume that the codes are cryptographic, they can be encoded in different bases (like base64) or rot13 for example, or be computed with some sort of check digit algorithm, for example Luhn, ISBN, Verhoeff, etc.
解决问题的关键是了解代码验证的条件。 如果代码是随机生成的,并由您无权访问的第三方验证(例如预付费电话卡、在线游戏的时间码卡等),您就完蛋了。
The key to your problem is knowing the conditions the codes are validated against. If the codes are generated randomly and validated by a third party you don't have access to (e.g. prepaid phone cards, timecode cards for online games, etc.) you are screwed.
理解代码算法是一个庞大而复杂的主题。 政府各部门都致力于这项任务。
为了成功理解特定代码,需要了解该代码的使用。 您获得的具体知识越多,您的机会就越大。 某些类型的知识包括:
任何/所有这些都会有所帮助。
要了解其中涉及的内容,请查找或购买应用密码学的副本。
Understanding code algorithms is a large and complex subject. Whole departments of governments are dedicated to this task.
In order to succeed at understanding a specific code requires knowledge of the use of that code. The more specific knowledge you can gain, the better your chances. Some types of knowledge include:
Any/all of these will help.
To get an idea of what is involved, find or buy a copy of Applied Cryptography.
如果这真的是一份恶魔邀请列表,那么即使你知道如何制作一个也没关系。 他们不太可能只是测试邀请代码是否与特定模式匹配。 他们可能使用算法生成它们,然后将它们存储在数据库中。
因此,即使您制作了一些,它们也不会出现在数据库中。
If this is really a list of demonoid invites, it wouldn't even matter if you figured out how to make one. It's not likely they just test if the invite code matches a particular pattern. They probably generate them using the algorithm and then store them in the database.
So even if you make some, they won't be in their DB already.
这并不容易。 如果您有读取代码的程序,您可以尝试弄清楚该程序是如何工作的,这为您提供了如何创建该程序想要的代码的线索。 请参阅此处。
如果您只有代码,但没有读取它们的程序,那么您就进入了密码学。
在最坏的情况下,它们只是一系列随机的字节,您没有希望创建自己的字节。 如果您购买了某个活动的门票,上面就会有一个代码。 此代码由售票系统记录,因此可以验证门票。 创建自己的门票的唯一方法是随机生成数据,希望你能幸运。 (或者产生无穷多个,最终一定有一个是正确的!)
It's not easy. If you have the program that reads the code, you can try to figure out how the program works, which gives you clues to how to create a code that the program wants. See here.
If you simply have the codes but not the program that reads them, you are getting into cryptography.
In the worst case, they are just a random series of bytes, and you have no hope of creating your own. This is what you would have if you buy a ticket to an event, and there is a code on it. This code is recorded by the system that sold the ticket, so the ticket can be validated. The only way to create your own ticket would be to randomly generate data, and hope you get lucky. (Or generate an infinite number, eventually one will have to be right!)