<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Exchange Server">
<!-- converted from text --><style><!-- .EmailQuote { margin-left: 1pt; padding-left: 4pt; border-left: #800000 2px solid; } --></style>
</head>
<body>
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Arial,Helvetica,sans-serif;" dir="ltr">
<p>Does anyone happen to have a pcap of the serial comms with a non-plus KG-UV8D? This will be helpful in my decryption attempts. So far, I have discovered that they appear to be using the "<span>Cryptography API: Next Generation (CNG)</span>", but it supports
a number of different encryption algorithms.</p>
<p><br>
</p>
<p><a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa376210(v=vs.85).aspx" class="OWAAutoLink" id="LPlnk950198" previewremoved="true">https://msdn.microsoft.com/en-us/library/windows/desktop/aa376210(v=vs.85).aspx</a></p>
<p><br>
</p>
<p>I have also extracted the strings from the exe using aluigi's <span>exestringz, and discovered 2 differences between the 8D and the pluis. One of the strings is simply 123456, which sure looks to me like a lazy developer making up a key, so I'm optimistic that
this may be as easy as I had hoped.</span></p>
<p><span><br>
</span></p>
<p><span>The other interesting difference is an additional string with a value of "<span>ENSJBXP8E-V1.00-150525</span>". I have no idea what that is, and Google is not helping either.</span><br>
</p>
<div id="LPBorder_GT_14943491502010.6364927149025137" style="margin-bottom: 20px; overflow: auto; width: 100%; text-indent: 0px;">
<table id="LPContainer_14943491501980.9351692068178099" role="presentation" cellspacing="0" style="width: 90%; background-color: rgb(255, 255, 255); position: relative; overflow: auto; padding-top: 20px; padding-bottom: 20px; margin-top: 20px; border-top: 1px dotted rgb(200, 200, 200); border-bottom: 1px dotted rgb(200, 200, 200);">
<tbody>
<tr valign="top" style="border-spacing: 0px;">
<td id="TextCell_14943491501990.805703538741599" colspan="2" style="vertical-align: top; position: relative; padding: 0px; display: table-cell;">
<div id="LPRemovePreviewContainer_14943491501990.001950874666453828"></div>
<div id="LPTitle_14943491501990.13470245137812653" style="top: 0px; color: rgb(0, 120, 215); font-weight: normal; font-size: 21px; font-family: wf_segoe-ui_light, "Segoe UI Light", "Segoe WP Light", "Segoe UI", "Segoe WP", Tahoma, Arial, sans-serif; line-height: 21px;">
<a id="LPUrlAnchor_14943491502000.853897694706448" href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa376210(v=vs.85).aspx" target="_blank" style="text-decoration: none;">Cryptography API: Next Generation (Windows)</a></div>
<div id="LPMetadata_14943491502000.20637805901964645" style="margin: 10px 0px 16px; color: rgb(102, 102, 102); font-weight: normal; font-family: wf_segoe-ui_normal, "Segoe UI", "Segoe WP", Tahoma, Arial, sans-serif; font-size: 14px; line-height: 14px;">
msdn.microsoft.com</div>
<div id="LPDescription_14943491502000.19687845115852332" style="display: block; color: rgb(102, 102, 102); font-weight: normal; font-family: wf_segoe-ui_normal, "Segoe UI", "Segoe WP", Tahoma, Arial, sans-serif; font-size: 14px; line-height: 20px; max-height: 100px; overflow: hidden;">
Purpose. Cryptography API: Next Generation (CNG) is the long-term replacement for the CryptoAPI. CNG is designed to be extensible at many levels and cryptography ...</div>
</td>
</tr>
</tbody>
</table>
</div>
<br>
<br>
<p></p>
</div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> chirp_devel-bounces@intrepid.danplanet.com <chirp_devel-bounces@intrepid.danplanet.com> on behalf of Derek Chauran via chirp_devel <chirp_devel@intrepid.danplanet.com><br>
<b>Sent:</b> Monday, May 8, 2017 7:47:43 AM<br>
<b>To:</b> Ron Wellsted; chirp_devel@intrepid.danplanet.com<br>
<b>Subject:</b> Re: [chirp_devel] [KG-UV8D Plus] Hello and KG-UV8D Plus support</font>
<div> </div>
</div>
<div>
<div>Thanks Ron. That certainly explains the indecipherable serial traces I'm getting. Reverse engineering encryption is outside of my wheelhouse, but I'll ask around. It's really a shame, as I can't imagine programming 1000 memories with the horrid factory
software.
<div><br>
</div>
<div><br>
</div>
<div>-------- Original message --------</div>
<div>From: Ron Wellsted via chirp_devel <chirp_devel@intrepid.danplanet.com> </div>
<div>Date: 5/8/17 2:43 AM (GMT-08:00) </div>
<div>To: Derek Chauran via chirp_devel <chirp_devel@intrepid.danplanet.com> </div>
<div>Subject: Re: [chirp_devel] [KG-UV8D Plus] Hello and KG-UV8D Plus support </div>
<div><br>
</div>
</div>
<font size="2"><span style="font-size:10pt;">
<div class="PlainText">Hi,<br>
<br>
The biggest problem you are likely to experience is that the newer<br>
Wouxun radios (KG-UV950, KG-UV8D Plus, KG-UV9) seem to use an encrypted<br>
protocol, the details of which the manufacturer is not prepared to<br>
release. Unless we can work out the encryption, this effectively locks<br>
out these radios from Chirp.<br>
<br>
-- <br>
Ron Wellsted<br>
ron@wellsted.org.uk <a href="http://www.wellsted.org.uk">http://www.wellsted.org.uk</a><br>
ron@m0rnw.uk <a href="http://m0rnw.uk">http://m0rnw.uk</a><br>
Call Sign: M0RNW / Linux Counter No. 202120<br>
_______________________________________________<br>
chirp_devel mailing list<br>
chirp_devel@intrepid.danplanet.com<br>
<a href="http://intrepid.danplanet.com/mailman/listinfo/chirp_devel">http://intrepid.danplanet.com/mailman/listinfo/chirp_devel</a><br>
Developer docs: <a href="http://chirp.danplanet.com/projects/chirp/wiki/Developers">
http://chirp.danplanet.com/projects/chirp/wiki/Developers</a><br>
</div>
</span></font></div>
</body>
</html>