Friday, 28 March 2014

rsakeyfind compiling (make)

Hello all,

I have a fix for you today. This is for anyone interested in obtaining cached RSA keys (the type used in drive encryption) off memory dumps. The paper describing the experiments I am conducting can be found here. The authors of this paper also wrote some software to pull possible keys from memory dumps. When I attempted to compile the rsakeyfind software on Kali Linux 1.0.6 (kernel version 3.12-kali1-amd64), I got these errors:

root@tsec:/home/tsbarras/Desktop/rsakeyfind# make
g++ -Wall -O4   -c -o rsakeyfind.o rsakeyfind.cpp
rsakeyfind.cpp: In function ‘void FindKeys(unsigned char*, int, unsigned char*, int, bool)’:
rsakeyfind.cpp:98:46: error: ‘memcmp’ was not declared in this scope
rsakeyfind.cpp: In function ‘int GetHexByte(int)’:
rsakeyfind.cpp:141:26: error: ‘read’ was not declared in this scope
rsakeyfind.cpp:144:28: error: ‘read’ was not declared in this scope
rsakeyfind.cpp: In function ‘unsigned char* ReadModulus(char*, unsigned int&)’:
rsakeyfind.cpp:173:11: error: ‘close’ was not declared in this scope
make: *** [rsakeyfind.o] Error 1


Luckily, there was a C programmer in my class who helped me out with this so shout-outs to him!

The solution is to add the appropriate header files which are missing. Here is the solution:

// RSAKeyFinder 1.0 (2008-07-18)
// By Nadia Heninger and J. Alex Halderman

#include <fcntl.h>
#include <stdlib.h>
#include <stdio.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <string>
#include <string.h>
#include <iostream>
#include <fstream>
#include <unistd.h>

1 comment :