Leaderboard

It was mentioned once or twice...

You created a couple of global variables. This is not thread save. double *Re_zArr, *Im_zArr, *RelErr_Arr, *Re_wArr, *Im_wArr; double complex z, w; int Npts; int i;

I am 14 and am ready to take the CLAD exam, and I am almost ready for the CLD. Will NI let me take it?

Thanks @Stinus Olsen, will look into some of these. The tool I made can now extract and re-create most VIs, like this: ./readRSRC.py -vvv -x -i './examples/empty_vifile_lv14f1.vi' ./readRSRC.py -vvv -c -m './empty_vifile_lv14f1.xml' cmp -l './examples/empty_vifile_lv14f1.vi' './empty_vifile_lv14f1.vi' Though there are still a few for which `cmp` shows difference between original file and re-created one (I've run it on the standard VIs from LV2014, on thousands of files only a few had differences). Also, it currently leaves all Blocks as BIN files - does not parse their content.

Oh yeah I forgot about that. This is the Salt that gets applied to the MD5 of the password. Starting in 2012 NI started salting the block diagram passwords. The salt that gets applied is something like the number of all String, Path, and Numeric controls connected to terminals. I think this does go into clusters and arrays so the work actually needs to be recursive. This ends up being a 12 byte salt, but I think 9 bytes are always 0. Of course you don't need to do all of this, to figure out what the salt is. I mean all you need to do is guess three numbers, all of which are the number of controls on a terminal so you know that the value will probably be small. So when I wanted to figure out what the salt was I would just keep guessing until a match was found. It was easier than trying to look into the VCTP block to find all objects, and then all terminals, and blah blah blah. If you have a VI that is passworded correctly then the only unknown in the equation is the salt. I mean lets use this example equation (note that the actual one is different): Result = MD5(Hash 1 + Hash 2 + Hash 3 + Salt) In a valid passworded VI I can pull out each of the variables from the VI other than the salt. So I just made a VI that sets salt to 0,0,0, then 0,0,1, then 0,0,2, etc, until the equation matches. Fun story: Years ago we were in a meeting with a few LabVIEW champions and LabVIEW R&D and the discussion of protecting intellectual property came up. Someone was asking NI about ways they could tighten up their security. I made a suggestion of encrypting the password with the number of string terminals in a VI, knowing that this was something NI already was doing. Another LabVIEW Champion said that was a bad idea since that could be figured out by simply opening the VI and looking at it. I had to inform them that I said that knowing that that scheme was actually used by NI, and I put that out there to subtly let R&D know we know about it.

Yes, you might be right @Rolf Kalbermatter. As long as the whole work can be divided into steps, this might be doable though. For example - there is probably a way to tell labview to compile the assembly. So only disassembling the code, still puts us one step closer, and allows us to create buildable project. Right now, I already can replace single VIs and re-build the project. Having ASM blocks would allow me to replace only single blocks inside VIs. For the people who fear for their code being stolen - if the current solution is broken, NI will put resources into making "real" security in next version - so such reversing effort actually makes the tool more secure, and forces it to move to modern standards. I'd have to learn about LabView in general to go any deeper; last time I made a project with it was circa 20 years ago. Not sure if I have enough time to go that way.

This is just silly. Of course theres a difference. If there was no difference we would use the same word to describe both types of property. In the dictionary if you look up Intellectual Property it will not say "See Physical Property". I also don't condone releasing anything to break NI's password protection scheme, but I also think it isn't in your place to say that he "WILL get into trouble" if anything is released. What happened to the last guy that released a password cracker that works on all VIs between 7.x and 2011? Well I don't know for sure but his website is still up with the source code, and will even remove the password by uploading a VI.