Giters

GHFear / re-tools

AES setup hooking and key dumping made simple with RE::Tools.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

RE::Tools

This project was made to make it easier to reverse engineer C code and to make it easier to dump AES keys from the most used AES crypt libraries.

Supported AES libs:
UE5 Type: https://github.com/EpicGames/UnrealEngine/blob/5.3/Engine/Source/Runtime/Core/Private/Misc/AES.cpp
UE4 Type: https://github.com/EpicGames/UnrealEngine/blob/4.27/Engine/Source/Runtime/Core/Private/Misc/AES.cpp
cryptoPP type: https://github.com/weidai11/cryptopp/blob/master/rijndael.cpp
openssl version < 3.0: https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/crypto/aes/aes_core.c
matt-wu type: https://github.com/matt-wu/AES/blob/master/rijndael.c
libgcrypt/GnuPG type: https://github.com/Chronic-Dev/libgcrypt/blob/master/cipher/rijndael.c

Use IDA, Ghidra, Cutter or Binary Ninja and binary search for the first 8 bytes of the Te, Td or rcon arrays and then xref those to find the AES setup functions.
Includes dxgi proxy loading and Minhook as external tools.

/GHFear

About

AES setup hooking and key dumping made simple with RE::Tools.

Languages

Language:C 65.8%Language:C++ 30.8%Language:Assembly 3.4%