Checksum?

[maggus23]

I have an iPhone app with .json files which store data, a META-O file, and a crc file.
Whenever I change values in the json files, and run the app, it gives me an error saying data files have been compromised.
The crc file has this:

Code: Select all

CheckSum=4d696c61343332

Can you reverse engineer this and remove the checksum so you can edit anything?

[not_essence2]

Hmm.... I'm not sure, but checksum sure sounds like it's coming from a hash, and hashes are one-way functions (they can't be reverse engineered even if you knew how to hash it). Checksums are basically files full of hashes of all the programs you have (they take the program, break it down into bits and bytes, and use an algorithm to "hash" it) and use that as a checksum. If you change the files, the hash of those files will be different, and the computer finds out when it checks the file's hash against the hash it has stored of the file in its proper format, and the hash is different, so it knows that someone changed the files. Unless you can change the hashes it uses to check for compromised programs, not much can be done. (Yes, you could remove the program altogether, but that isn't really the way you want to go, takes too much time and you'll break the law, even if you just change the hashes, I believe)

[pertti123]

I don't know anything about iPhones, but maybe you could change the json file the way you want to and additionally, add something to it, so that the original crc and the new crc of the json file are the same. If the crc is calculated based on the json file. Here's an example Perl script what I'm after.

Code: Select all

#!/usr/bin/perl
use warnings;
use strict;
use JSON;
use Digest::CRC qw/crc16/;

# original json { "a": 1 }, we try to get { "a": 2, something... } with
# same crc16 as original
my $json_hash = { a => 1 };
my $json = encode_json($json_hash);
my $crc_orig = crc16($json);
$json_hash->{a} = 2;
$json_hash->{b} = 0;

my $new_json = encode_json($json_hash);
while ($crc_orig != crc16($new_json)) {
    $json_hash->{b}++;
    $new_json = encode_json($json_hash);
}

printf "new json: %s\noriginal crc: %x - new crc: %x\n",
    $new_json, $crc_orig, crc16($new_json);


Finding a colliding crc, took 23 seconds on my machine, but this method might not be feasible though, as there are more bits on your iPhone's crc than in my example. And this won't work if the app does some kind of strict json schema check. Or maybe the additional change could be just adding whitespace to the file.