Draft Crypto Analyzer
Draft Crypto Analyzer (DRACA) is a tool to perform preliminary detection and analysis of crypto algorithms within executables. It will save your time by giving you a rough idea of what kind of algorithms to look at without actual spending a time on decompilation and code analysis. It will let you do not concentrate on reverse engineering but on cryptographic issues.
Please note that the results, given by DRACA, are actually means nothing without being carefully interpreted with further analysis. DRACA is not a silver bullet and cannot think instead of man. Think yourself.
Currently DRACA implemented as a command line utility for 80×86/Win32, however it is able to analyze Unix ELF binaries, Java applets as well as 16- and 32-bits DOS, Windows executables.
Usage
Download zip archive and unpack it to any directory of your choice. It is better to choose the directory listed in PATH for your convenience. There are two files should be created: draca.exe and draca.ovl. Run draca.exe with the name of file you would like to analyze specified as a parameter in command line. The result of analysis will be presented as a list of detected algorithms with percents ratio of successful recognition. The higher percentage demonstrates precisely recognition.
Limitations
DRACA will not properly analyze packed executables because it is not a cracker tool. Please unpack such files somehow else shall you really need to analyze them.
DRACA will probably never detect RSA or any other asymmetric encryption algorithms as well as a plain XOR confusion. At least no such features on a to-do list in near future.
Supported algorithms
For a moment DRACA can (or cannot) recognize the following algorithms: CRC32, RC5, RC6, RC2, TEA, MD5, Ripemd-160, Tiger, Skipjack, DES, Blowfish, Twofish, Safer, MARS, CAST-256, AES/Rijndael, SHA-1
License
DRACA is completely free for non-commercial use.
Download
Current version: 0.5.7b
Download it as
» a zip archive (101,282 bytes)
Subscribe to RSS feed