Thread: Steppenwolf takes on the Sify Broadband Encryption Algorithm...

Sistine | Cross-platform Sify Authentication Daemon
[ Works with Sify 3.12 Encryption Algorithm ]

by Liet-Kynes

"Information Wants To Be Free. Information also wants to be expensive. ... That tension will not go away."
- 'The Media Lab: Inventing the Future at MIT', originally by Stewart Brand, in the first Hacker's conference, 1984.



A quick history of its creation.
==================================
I came over to my house for vacation and found that the old internet connection wasn't working. So, I decided to sign up for Sify's Broadband connection. Unfortunately, what I got was an intermittent connection with a bloated dialer. Nowhere during the setup did I agree that it was OK for them to pop up the Indian Idol website, or on a whim pop up bharatmatrimony.com (ugh). One of the statements in the dialer's post-installation doc was along the lines of “to keep your connection active...we will automatically log you out”. Surely this is Orwellian Doublespeak at its best! Ah, but then we need a resistance...

So, I decided to spend a day reverse engineering the dialer from hell. As I expected, it was moronic and not much of a challenge to decipher. Guess that's what you get from "coders" at Satyam, who call themselves CS/Engineers, but have the brain the size of a quark.

On the encryption algorithm and the internals.
===============================================
I won't digress here since I've explained the inner workings in detail in the code. In a nutshell, it generates a connection string that contains amongst other things your userid, encrypted password, MAC address, a dead poodle, and so on. This string itself is encrypted. The encryption algorithm is a moronically modified version of blowfish, with the only differences being minor changes to the S-boxes and the P-array. (Gee, I'll just switch these numbers. No one will ever figure it out). The crypto-geeks amongst you will recall that the original P-array and S-box is composed of hex digits of Pi. Do a diff with my code to see the changes.

Instructions on use.
=====================
The daemon consists of two components:
1. The Main Python script that generates the key, handles the server comm, and xml parsing and so on
2. A C proggy that performs the modified blowfish encryption. It's called by the python script

The C code is perfectly platform independent, so all you need to do is compile it using gcc/mingw and you're good to go.
Since the python script expects it to be present as "modBlowfish" in the current working directory, I suggest "gcc blowfish.c modBlowfish.c -o modBlowfish".

Customizing the python script

It's pretty self explanatory. Open it up in your favorite editor and modify the username and password variables to your own.

Spoofing your MAC address

Sify has this irritating habit of allowing only listed MACs. However, it's easy to circumvent this. By default, sistine parses the output of ipconfig (ifconfig for posix) to get the MAC address. To override this, scroll down to the line marked "Spoof MAC" in the script, uncomment the line, and replace it with a MAC address that you know is registered with Sify. Voila.

Extending Sistine
======================
I had only a few days at my home, so I didn't get time to polish up the code. It was quickly whacked out in python and C in a day or two. For me, the code was over after I figured out the encryption algo and created a quick auth daemon. However, any 7yr old can extend the script. Want keep alive? Query the isActive url, or ping it out. Add command line support. I'll leave it to your imagination.

Final words...
================

I no longer have access to a Sify connection (I was home for only a couple of days, which was sufficient to develop a distaste for Sify...) Any further modifications, I leave them up to you. I hereby release Sistine into public domain. Go crazy.

Download
===========
sistine.tar.gz (updated: a slightly more cleaner version)