Initial commit

.gitignore

@@ -0,0 +1,2 @@
+.vs/*
+out/*

CMakeLists.txt

@@ -0,0 +1,28 @@
+cmake_minimum_required (VERSION 3.8)
+project("ddon_common_key_bruteforce")
+
+
+if (CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+  if (CMAKE_CXX_COMPILER_FRONTEND_VARIANT STREQUAL "MSVC")
+    message(FATAL_ERROR "Cannot be compiled clang-cl due to https://github.com/p-ranav/argparse/issues/136." )
+  endif()
+endif()
+
+
+set(CMAKE_CXX_STANDARD 17)
+set(CMAKE_CXX_STANDARD_REQUIRED ON)
+set(CMAKE_CXX_EXTENSIONS ON)
+
+# Set MSVC optimization flags
+if(MSVC)
+	set(CMAKE_CXX_FLAGS "/O2 /Oi /Ot /Oy /EHsc")
+endif()
+
+add_executable(ddon_common_key_bruteforce
+	src/seeded_xorshift_128.hpp
+	src/ctpl_stl.h
+	src/camellia.h
+	src/camellia.c
+	src/argparse.hpp
+	src/main.cpp
+)

CMakeSettings.json

@@ -0,0 +1,40 @@
+{
+  "configurations": [
+    {
+      "name": "x64-Debug (default)",
+      "generator": "Ninja",
+      "configurationType": "Debug",
+      "inheritEnvironments": [ "msvc_x64_x64" ],
+      "buildRoot": "${projectDir}\\out\\build\\${name}",
+      "installRoot": "${projectDir}\\out\\install\\${name}",
+      "cmakeCommandArgs": "",
+      "buildCommandArgs": "",
+      "ctestCommandArgs": "",
+      "variables": []
+    },
+    {
+      "name": "x64-Clang-Release",
+      "generator": "Ninja",
+      "configurationType": "Release",
+      "buildRoot": "${projectDir}\\out\\build\\${name}",
+      "installRoot": "${projectDir}\\out\\install\\${name}",
+      "cmakeCommandArgs": "",
+      "buildCommandArgs": "",
+      "ctestCommandArgs": "",
+      "inheritEnvironments": [ "clang_cl_x64_x64" ],
+      "variables": []
+    },
+    {
+      "name": "x64-Release",
+      "generator": "Ninja",
+      "configurationType": "RelWithDebInfo",
+      "buildRoot": "${projectDir}\\out\\build\\${name}",
+      "installRoot": "${projectDir}\\out\\install\\${name}",
+      "cmakeCommandArgs": "",
+      "buildCommandArgs": "",
+      "ctestCommandArgs": "",
+      "inheritEnvironments": [ "msvc_x64_x64" ],
+      "variables": []
+    }
+  ]
+}

README.md

@@ -0,0 +1,40 @@
+# ddon_common_key_bruteforce
+Tool for bruteforcing the Camellia key used in the DDON Login Server <-> Client exchange. This works by seeding the PRNG by interating over each millisecond, generating a large depth of crypto key characters for that PRNG state, and then attempting to decrypt the provided ciphertext and checking against a know crib value (the `L2C_CLIENT_CHALLENGE_RES` packet header).
+
+This has been optimized as much as I reasonably could (parallel processing, inlining, etc). However, profiling shows that ~90% of CPU time is spent within the NTT Camellia implement's keygen and block decrypt method. If speed ends up being an issue for some packet captures, we may need to move over to an optimized Camellia implementation that uses AES-NI & AVX. Such as implementation within the Linux kernel or libgcrypt.
+
+## Usage
+1. Take the third packet from a Login Server <-> Client exchange.
+2. Remove the size prefix bytes (`0060`), then take the next 16 bytes.
+3. Run `ddon_common_key_bruteforce [16 byte ciphertext as hex]`
+
+```
+> ddon_common_key_bruteforce fb3340b47214cc1e53e6d8e6652ef038
+
+Starting bruteforcer with 8 threads. Progress will be reported periodically.
+Progress: 0/86400000ms (0 work-seconds)
+Progress: 8000/86400000ms (8 work-seconds)
+Progress: 16000/86400000ms (16 work-seconds)
+Progress: 24000/86400000ms (24 work-seconds)
+Found match at ms26242, i:237, key: hREUMreQsowZisof2tBCtXrXUvcvqVUv
+Found key, exiting.
+```
+
+## Help
+```
+Usage: ddon_common_key_bruteforce [options] payload
+
+Positional arguments:
+payload         The payload to be bruteforced against.
+                This should be first 16 bytes of the second packet sent from the login server (do not include the 0060 prefix)
+
+Optional arguments:
+-h --help       shows help message and exits
+-v --version    prints version information and exits
+--start_second  Start of PRNG seed range (in seconds) [default: 0]
+--end_second    End of PRNG seed range (in seconds) [default: 86400]
+--key_depth     How many key chars are generated per millisecond that is bruteforced [default: 1024]
+--thread_limit  Maximum amount of CPU threads used for bruteforcing
+```
+
+