StrikerMan780, on 17 April 2014 - 12:24 AM, said:
With my growing knowledge of disassembly, I may be able to at least disable the self-destruct/corruption subroutine of whatever program is used to decrypt the files, that way people can take brute-force attempts at the password without worrying about losing anything.
At that rate it might be easier to decouple the payload from the extractor and try to find out more about what kind of encryption it uses, then look for exploits. I personally have qualms with even executing any program that claims to corrupt or delete itself for fear of borking my entire HDD(s).
This is a quote from an email I sent to Joe, where I hypothesized that the archives were zips with passwords:
Beyond convincing you to release the betas per se, I have confidence I can crack the passwords on any betas which are password-protected. The PKZIP encryption, the only method available [for .zip files] before 2003, was the subject of a research paper. This paper concluded that the encryption could be broken if the user has at least 13 bytes of unencrypted "plaintext". ("Plaintext" is a technical term meaning any unencrypted data, as opposed to "ciphertext".) Following this, at least one tool was created to utilize this technique.
http://www.unix-ag.u...to/pkcrack.html
Using Duke Nukem II as a sample, I successfully decrypted a .zip archive (with the password 33823300c218538c92037a14970a3164) in 40 minutes on a 2004 Pentium 4 using the FILE_ID.DIZ of old as my plaintext. Many Apogee betas have the potential to be cracked using the FILE_ID.DIZ, ORDER.FRM, CATALOG.EXE, and DEICE.EXE files present on so many releases. Beyond that, the betas should be handled on an individual basis. For example, games using the BUILD engine (Duke Nukem 3D, Shadow Warrior, Blood) could be cracked based on the plaintext "Creative Voice File", a heading present in every sound file in those games. Many betas could be cracked using one of the music files depending on the development timeline, such as the Apogee fanfare. Any piece of data at least 13 consecutive bytes long that has remained unchanged for the development cycle could be used.
Even if the plaintext attack fails or no suitable plaintext is found, releasing the archives will prevent permanent loss and allow collaboration to crack them using a brute force method.
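The cipher the email refers to is ZipCrypto, the traditional PKZIP stream cipher, and the paper is Biham and Kocher's known-plaintext attack on it. The following is an added example, not code from this thread, from the paper, or from pkcrack: it implements the cipher from PKWARE's published APPNOTE description, encrypts a constructed sample file with a constructed password, and shows that XORing a known segment (here the fixed "Creative Voice File" header the post mentions) with the ciphertext yields the keystream bytes at that position without any password. Those leaked keystream bytes, at least 13 of them, are the input the Biham-Kocher attack consumes to recover the cipher's internal keys; the key-recovery step itself is not implemented here. The sample data, password, and header random bytes are all constructed values.

```python
"""ZipCrypto, the traditional PKZIP stream cipher (per PKWARE's APPNOTE), with a
demonstration of how a known-plaintext segment leaks keystream bytes.
Added example for this thread; not code from the post, the paper, or pkcrack."""
import os
import zlib
from typing import Optional

# Standard CRC-32 table (reflected polynomial 0xEDB88320); the cipher's key updates use it.
CRC_TABLE = []
for i in range(256):
    c = i
    for _ in range(8):
        c = (c >> 1) ^ 0xEDB88320 if c & 1 else c >> 1
    CRC_TABLE.append(c)


def crc32_step(crc: int, byte: int) -> int:
    return CRC_TABLE[(crc ^ byte) & 0xFF] ^ (crc >> 8)


def crc_check_byte(data: bytes) -> int:
    """High byte of the data's CRC-32, stored in the 12-byte header for a quick password check."""
    return (zlib.crc32(data) >> 24) & 0xFF


class ZipCrypto:
    """Keystream generator; the entire state is three 32-bit words seeded from the password."""

    def __init__(self, password: bytes):
        self.k0, self.k1, self.k2 = 0x12345678, 0x23456789, 0x34567890
        for b in password:
            self._update(b)

    def _update(self, byte: int) -> None:
        self.k0 = crc32_step(self.k0, byte)
        self.k1 = (self.k1 + (self.k0 & 0xFF)) & 0xFFFFFFFF
        self.k1 = (self.k1 * 134775813 + 1) & 0xFFFFFFFF
        self.k2 = crc32_step(self.k2, self.k1 >> 24)

    def _keystream_byte(self) -> int:
        t = (self.k2 | 2) & 0xFFFF
        return ((t * (t ^ 1)) >> 8) & 0xFF

    def keystream_for(self, plaintext: bytes) -> bytes:
        """Keystream emitted while processing `plaintext` (keys advance on each plaintext byte)."""
        out = bytearray()
        for p in plaintext:
            out.append(self._keystream_byte())
            self._update(p)
        return bytes(out)

    def encrypt(self, plaintext: bytes) -> bytes:
        return bytes(p ^ k for p, k in zip(plaintext, self.keystream_for(plaintext)))

    def decrypt(self, ciphertext: bytes) -> bytes:
        out = bytearray()
        for c in ciphertext:
            p = c ^ self._keystream_byte()
            self._update(p)
            out.append(p)
        return bytes(out)


def encrypt_entry(password: bytes, data: bytes, header_rand: Optional[bytes] = None) -> bytes:
    """PKZIP prefixes each entry with 11 random bytes plus the CRC check byte, then encrypts all of it."""
    rnd = os.urandom(11) if header_rand is None else header_rand
    assert len(rnd) == 11
    return ZipCrypto(password).encrypt(rnd + bytes([crc_check_byte(data)]) + data)


def decrypt_entry(password: bytes, blob: bytes) -> Optional[bytes]:
    """Returns the entry's data, or None when the header check byte rejects the password."""
    plain = ZipCrypto(password).decrypt(blob)
    header, data = plain[:12], plain[12:]
    return data if header[11] == crc_check_byte(data) else None


def recover_keystream(blob: bytes, known: bytes, offset: int) -> bytes:
    """Needs no password: ciphertext XOR known plaintext is the keystream at that position.
    `offset` is measured within the entry's data; the 12-byte header shifts it."""
    start = 12 + offset
    return bytes(c ^ p for c, p in zip(blob[start:start + len(known)], known))


# Constructed sample: a Creative Voice File (.VOC) starts with this fixed magic string,
# the kind of unchanged header the post proposes as plaintext.
VOC_MAGIC = b"Creative Voice File\x1a"
SAMPLE = VOC_MAGIC + bytes(range(64))   # constructed "sound file" body
PASSWORD = b"example-password"          # constructed; never used on the attacker's side
FIXED_RAND = bytes(range(1, 12))        # constructed header bytes so the run is repeatable


def demo() -> dict:
    blob = encrypt_entry(PASSWORD, SAMPLE, FIXED_RAND)
    leaked = recover_keystream(blob, VOC_MAGIC, 0)
    # Compare the password-free recovery against the keystream the cipher really emitted.
    header = FIXED_RAND + bytes([crc_check_byte(SAMPLE)])
    true_ks = ZipCrypto(PASSWORD).keystream_for(header + SAMPLE)[12:12 + len(VOC_MAGIC)]
    return {
        "keystream_matches": leaked == true_ks,
        "bytes_leaked": len(leaked),   # 20 here; the paper needs at least 13
        "right_password_ok": decrypt_entry(PASSWORD, blob) == SAMPLE,
        "wrong_password_ok": decrypt_entry(b"wrong", blob) == SAMPLE,
    }


if __name__ == "__main__":
    print(demo())
```

The point for anyone relying on such archives: the header check byte only lets a decryptor reject a wrong password quickly; it does nothing against an attacker who already holds a known segment of the file, since the keystream falls out of a plain XOR and the cipher's three-word state is small enough for the published attack to recover. This is why ZipCrypto is treated as legacy and current archivers use AES-based entry encryption instead.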