Skip to content

AES setup hooking and key dumping made simple with RE::Tools.

Notifications You must be signed in to change notification settings

GHFear/re-tools

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 

Repository files navigation

RE::Tools

This project was made to make it easier to reverse engineer C code and to make it easier to dump AES keys from the most used AES crypt libraries.

Supported AES libs:
UE5 Type: https://github.com/EpicGames/UnrealEngine/blob/5.3/Engine/Source/Runtime/Core/Private/Misc/AES.cpp
UE4 Type: https://github.com/EpicGames/UnrealEngine/blob/4.27/Engine/Source/Runtime/Core/Private/Misc/AES.cpp
cryptoPP type: https://github.com/weidai11/cryptopp/blob/master/rijndael.cpp
openssl version < 3.0: https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/crypto/aes/aes_core.c
matt-wu type: https://github.com/matt-wu/AES/blob/master/rijndael.c
libgcrypt/GnuPG type: https://github.com/Chronic-Dev/libgcrypt/blob/master/cipher/rijndael.c

Use IDA, Ghidra, Cutter or Binary Ninja and binary search for the first 8 bytes of the Te, Td or rcon arrays and then xref those to find the AES setup functions.
Includes dxgi proxy loading and Minhook as external tools.

/GHFear

About

AES setup hooking and key dumping made simple with RE::Tools.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published