Comment by NoMoreNicksLeft

3 days ago

>Claude walked me through examining some of the original software in GHIDRA,

I wanted to be able to decrypt the files on The Complete New Yorker magazine DVDs. The old software was WinXP only, and crashed by the time you turned to page 3 or 4. It walked me through using Ghidra on the relevant dll, mapped out how it was using Blowfish, what the credentials were that it was passing, and re-implemented all of that in a Python script.

Now all the files are in plain pdf.

Right now, it's helping me write an extension to the mkv specification for embedded scripts and modify VLC to be conformant, so I can watch Black Mirror Bandersnatch. Already have a buggy implementation, about 3 days in.

I've also had it add BEP 46 mutable torrent functionality to Transmission (and to some extent, to the WebTorrent library).

These are all well beyond my abilities to do casually, and probably beyond my ability to do even if I spent the next 18 months doing nothing but grinding away at it.

I only replied because I thought it curious that Claude apparently favors Ghidra.

Interestingly enough, I’ve been sitting on a project for the last 12ish years where I just took the FMloader lib and used that from C# to turn the djvu files into pdfs. All that was needed was a decompiler and an hour of banging my head on it. I published some of the results a few years ago but need to go back and actually build out a full app.

  • I'm trying to not do the naive pdf creation, where each page is just the raster. Trying to keep the JBIG2 bilevel, as I get better quality at lower file size. Using jpeg2000 too, where appropriate, but the pdfs are still x2.5 the size of the original. Though, I can have it spit out decrypted djvu files that are exactly the same filesize... I just don't like that format for archival.

    If you want the Rolling Stone or Playboy archives decrypted, ReconSuave on github has tools to do those. I got tired of waiting for him to do The New Yorker though.

    • I've mainly been outputting them to high fidelity jpegs and then stuffing them into a cbz for portability. Works well when I'm reading on my iPad. As for the others, I had them sorted out about a week or two after I decompiled the original binaries.

      I’ve definitely kicked myself a few times for not posting about them sooner, but the fear of pissing off CondeNast tempered my willingness to show off.

Ooooh, you don't happen to have the code for the New Yorker decryption in a form you could send, do you? Or put up on github or even just give me the starting prompt…

  • Okay, a couple of hours later…thanks for the hint as that's fucking dark magic ;) and I now have access to the entire New Yorker again after around 15 years :)

    • Since I think you'll find the one for Rolling Stone and Playboy, but not The New Yorker (I might be one of the few that has this or something like it)...

      https://gist.github.com/NoMoreNicksLeft/d3a4a59c7b4de0cdef1e...

      I'll have a more proper github repo at some point, but there are bugs I was working through. Some issues are bloated up ridiculously... a 9mb djvu file shouldn't become a 110mb pdf. Most issues will work well though. Hope it helps.

What was your setup for this and did you have any preferences set in Claude to get started with something like this?

  • I use Claude on the desktop, and only occasionally Claude Code. It's the one that recommended Ghidra. Walked me through the install. Taught me the basics (G to go to an address, etc). Would tell me where to go, and what to paste back to it. It eventually converged on where to find the iv and credentials and so forth (after acting confused for a while), and then wrote the Python script for me that decrypts. I'd like to think my questions (and challenges to its assertions) were intelligent enough to spur it towards the solution, but self-flattery is all that is.

    The dll in question was pretty obvious just from the filename alone that it was where the magic happened.

    If you want something similar, you might just start by asking it if it would be feasible to decompile the software in question to reverse engineer the decryption, that you'd heard Ghidra was a big deal. Keep nudging it to guide you along that sort of path.