Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Hack PIX 501's PDM.SGZ!

Status
Not open for further replies.
outlooker

outlooker

Technical User
Jun 23, 2004
6
0
0
CA
Hi there.

AfterI downloaded PDM-304.bin, I found in the bin there is file structure, I wrote a simple C route, extracted some files.

There is ieloader.cab and 2 of *loader.jar which are for different browsers, the main function seems to load a PDM.SGZ file 1.79MB,a GZIP .class bundle.

My question is any one have experience in java to read these java code,I could send the java code and PDM.sgz to anyone who would like to tell me if is possible to further extract .class from PDM.SGZ

As I believe the license algorithm is in these .class.

voip_administrator@hotmail.com


 
Sort by date Sort by votes
Sounds interesting, however feature licenses on the pix platform are done by getting a new activation key, i seriously doubt that the algorithm for creating a new one is embedded in some java code in the pdm....not that it can't be cracked, but i don't see why the java code would need to be able to do that.

Network Systems Engineer
CCNA/CQS/CCSP/Infosec
Check the danish Cisco CSA Forum here :
 
Upvote 0 Downvote
Hi,
Usually, When you input a new license key, the system have to verify it before active it. C or assambler is not good at dealing string, if you look into some license verifying DLL, you can see a lot sscanf, sprintf, and "%s%s%%...".

So with 8MB it is hardly for CISCO to add DES,RSA,MD5,SHA and etc. and there is RSA, and MD5 algorithm in java code.and java is poerful at string function, so I think when you input a new license, it could be java which verify the license.

Normally, license consists MAC, active ports, functions, expiration information, and part of verfify code(Be it part of MD5, SHA1, RSA and DES,usually there is public key comes with installation code),when you input a new license, it first check if its format is valid, then using hash function to get the rest part, if same as given then active it.

As llong as one get the verify alogrithm, he can make a license anywhere.



 
Upvote 0 Downvote
ya, i realise that if you can figure out how the validation works you can use that. But i actually didn't think that the pdm does that.....the pix can validate the activation key itself so why put it in the pdm as well ?

Network Systems Engineer
CCNA/CQS/CCSP/Infosec
Check the danish Cisco CSA Forum here :
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

2
  • Question
Neighbor Hack
Replies
2
Views
259
27Astrid
2
xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
35
xwray
xwray
Sparrow4
  • Locked
  • Question
AnyConnect + Azure + SAML
Replies
0
Views
98
Sparrow4
Sparrow4
salanje87
  • Locked
  • Question
Block Broadcast storming.
Replies
3
Views
114
hairlessupportmonkey
hairlessupportmonkey
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
42
brownmab53
brownmab53

Part and Inventory Search

Sponsor

Back
Top