Common HowTo

# Keygen sony vaio bios password

## Keygen sony vaio bios password

Sony has a line of laptops ("Vaio") which compete mainly in the high value market segments. They implemented a master password bypass which is rather sane in comparison to the rest of the bunch. The randomly generated master password is only stored in RAM, e.g. it's lost after the next reboot ("one time password. RSA is used for encrypting the password which is then converted to a human-readable form (4x4 characters/8 bytes/64 bits. Their customer support apparently allows for one free password generation per device which is pretty decent by the industry standard. Dogbert claims he was able to factor the password used to encrypt the OTP key because Sony used a key lenght of 64bits. And did this using an unoptimized python implementation of a general number sieve in less than a minute. I was not aware that such small key length was even possible for RSA (I think pycrypto will not allow anything below 1024. With a key (D63K-XFVF-TK7H-RJKX) and a password (43878945) is it really that easy to figure out the scheme used? How should I approach the problem. First of all, RSA works for any size modulus. 10 bits, 32 bits, 64 bits, 1 million bits. I'm having a hard time seeing exactly what the question is. You are given the key (D63K-XFVF-TK7H-RJKX). Is that key the RSA key? That key then encrypts the password (43878945)? Or is that key the result of encrypting the password with RSA? – mikeazo 2 days ago. @mikeazo: it is a challenge-response theft protection. Type the wrong password 3 times and you will be presented the 16 character challenge. You call Sony customer support, fax them a proof of purchase and based on the challenge they will give you a password. You can't brute-force it because it changes every time. @Schwartz: of course, Dogbert disassembled the Sony Vaio BIOS and got the public key! Calculating the private key was the easy step. I was not thinking like a hardware hacker, thanks. asked May 4 '12 at 4:26. I think that number OTP 4x4 XXX-XXXX-XXXX-XXXX is in Base64 Alphabet, so convert this to Decimal and you have a big Integer. Factorize, and you'll obtain a couple of primes numbers, with which you can to generate a public and private key. With those keys, using the Euler law (RSA Encryption base) you can decipher the password. answered Dec 11 '13 at 20:55. I doubt its Base64, since that would require two non-alphanumeric characters ($26*2+10=62$), and would be case sensitive. Seems much more likely to be encoded within the 36 letters+numbers in some way. Also, not convinced your approach will work: what do you think the challenge encodes? It sounds like you think the challenge is the RSA modulus, in which case how would you get the public/private key from it? Just knowing $\varphi(n)$ doesn t tell you anything about $d,e$. figlesquidge Dec 12 '13 at 10:39. 2017 Stack Exchange, Inc.

PREVIOUS   NEXT