#### hwd45

##### Well-known member

- Joined
- Aug 7, 2007

- Messages
- 658

- Reaction score
- 523

It's been less than a day since my last update - normally I'd just edit my last post but I feel like it might be worth bumping the thread for this update.

Unless I'm mistaken... I've figured out how the checksum works in the V3 passwords, thus cracking the algorithm.

There's still more to understand - with this I'm only capable of generating half the allowed password combinations (which is still obviously more than is necessary, so it's not really a big deal) due to that one variable which, when turned on, seems to make everything more difficult. I think, after this most recent revelation, it should be easier to figure out, though.

Recall that there's a five-byte structure to the passwords, which we'll represent as follows:

BYTE_5 | BYTE_4 | BYTE_3 | BYTE_2 | BYTE_1

For now we'll set BYTE_5 to zero to make things a bit easier. Recall also that a username constant is XOR'd onto this structure - for now we'll pretend we've already XOR'd out this username factor so the username is no longer affecting the password. Since BYTE_5 is zero, we get the following password structure, just by the nature of how these passwords work:

0 | BYTE_4 | BYTE_3 | BYTE_2 | 199

BYTE_2 = ITEM_ID XOR 70

BYTE_3 may be any integer from 0 to 255

BYTE_4 may be the checksum?

That random 70 was definitely raising my eyebrows and when adding together all of the bytes I noticed that the result I got most of the time was exactly 140 away from 256, a power of two. So I tried XORing out a couple 70s here and there:

0 | BYTE_4 | BYTE_3 | BYTE_2 | 199

XOR

0 | 70 | 70 | 70 | 70

=

0 | BYTE_4 XOR 70 | BYTE_3 XOR 70 | ITEM_ID | 129

This seems like it's in a format that would make more sense for the password decoder to read - the item ID can now just be read out instead of needing to apply a random 70 to it. It should also be noted that BYTE_3 XOR 70 is once again just another integer from 0 to 255 so we can consider this the random element (if you'd like a more technical definition, the XOR 70 operator is a bijective function on the set of integers from 0 to 255 to itself). We'll notate BYTE_3 XOR 70 as just "RAND" and BYTE_4 XOR 70 as "CHECK". Here's the breakthrough:

129 + ITEM_ID + RAND + CHECK = 0 mod 256

Hence,

CHECK = 127 - ITEM_ID - RAND mod 256

A slightly unusual checksum, but it makes a certain amount of sense. To verify the checksum, all the device would need to do is add the four bytes together and check that they equal zero (mod 256).

I have a generator spreadsheet ready for those who want to generate passwords using this now, but I'd prefer to get it into a more accessible state, so I'm writing up some javascript for this purpose instead. I'm also considering creating a sort of EnWarehouse-like program for this purpose too, once I figure out some of the other password systems as well.

I'll get the script out as soon as possible. Thanks to all those who have helped me on this journey!

---

EDIT: I've embedded the script into this page: https://hazzabobbo.wixsite.com/mamemamelabs/password-generator

The presentation is a bit sloppy for now but it's something I'm working on! There'll probably be some item IDs which don't work so any feedback is helpful.

Unless I'm mistaken... I've figured out how the checksum works in the V3 passwords, thus cracking the algorithm.

There's still more to understand - with this I'm only capable of generating half the allowed password combinations (which is still obviously more than is necessary, so it's not really a big deal) due to that one variable which, when turned on, seems to make everything more difficult. I think, after this most recent revelation, it should be easier to figure out, though.

Recall that there's a five-byte structure to the passwords, which we'll represent as follows:

BYTE_5 | BYTE_4 | BYTE_3 | BYTE_2 | BYTE_1

For now we'll set BYTE_5 to zero to make things a bit easier. Recall also that a username constant is XOR'd onto this structure - for now we'll pretend we've already XOR'd out this username factor so the username is no longer affecting the password. Since BYTE_5 is zero, we get the following password structure, just by the nature of how these passwords work:

0 | BYTE_4 | BYTE_3 | BYTE_2 | 199

BYTE_2 = ITEM_ID XOR 70

BYTE_3 may be any integer from 0 to 255

BYTE_4 may be the checksum?

That random 70 was definitely raising my eyebrows and when adding together all of the bytes I noticed that the result I got most of the time was exactly 140 away from 256, a power of two. So I tried XORing out a couple 70s here and there:

0 | BYTE_4 | BYTE_3 | BYTE_2 | 199

XOR

0 | 70 | 70 | 70 | 70

=

0 | BYTE_4 XOR 70 | BYTE_3 XOR 70 | ITEM_ID | 129

This seems like it's in a format that would make more sense for the password decoder to read - the item ID can now just be read out instead of needing to apply a random 70 to it. It should also be noted that BYTE_3 XOR 70 is once again just another integer from 0 to 255 so we can consider this the random element (if you'd like a more technical definition, the XOR 70 operator is a bijective function on the set of integers from 0 to 255 to itself). We'll notate BYTE_3 XOR 70 as just "RAND" and BYTE_4 XOR 70 as "CHECK". Here's the breakthrough:

129 + ITEM_ID + RAND + CHECK = 0 mod 256

Hence,

CHECK = 127 - ITEM_ID - RAND mod 256

A slightly unusual checksum, but it makes a certain amount of sense. To verify the checksum, all the device would need to do is add the four bytes together and check that they equal zero (mod 256).

I have a generator spreadsheet ready for those who want to generate passwords using this now, but I'd prefer to get it into a more accessible state, so I'm writing up some javascript for this purpose instead. I'm also considering creating a sort of EnWarehouse-like program for this purpose too, once I figure out some of the other password systems as well.

I'll get the script out as soon as possible. Thanks to all those who have helped me on this journey!

---

EDIT: I've embedded the script into this page: https://hazzabobbo.wixsite.com/mamemamelabs/password-generator

The presentation is a bit sloppy for now but it's something I'm working on! There'll probably be some item IDs which don't work so any feedback is helpful.

Last edited by a moderator: