Decoding Aztec code from polish vehicle registration certificate

About a year ago I interested in mysterious 2D code placed in my car’s registration certificate. After quick research on Google it turned out to be even more mysterious because nobody knew how to decode it. There was even no official document like act or regulation that describes the code somehow. People knew that the code is Aztec code and that’s it. Some companies shared web and Android apps to decode this. And all of them was sending base64 to some server and receive decoded data.

Of course for me it wasn’t rewarding so I started my research on it. After initially scanning the code I’ve seen long string that I immediately recognized as base64. The real fun started after that, because stream I’ve got after that was so strange that at first I had no idea what to do. Upon closer examination it was clear that this data is not damaged but encoded in somewhat strange way. Few days later I was almost sure that this is not encoding but rather compression, because some unique parts of stream was easily readable by human. About a month of learning about compression, looking for even most exotic decompression tools and I was left with almost nothing. I had only weak guess on how decompression parameters could be encoded. I gave up…

Polish vehicle registration certificate (source: pwpw.pl)

Polish vehicle registration certificate (source: pwpw.pl)

About a year later I tried one more time. This time I was a bit more lucky. I found a program that decodes the code. Again. But this time was different. I shut down my network connection to make sure. And it worked! So now a bit of reverse engineering and it’s done. I will skip any details because I do not want to piss off the company which created this, even though I was right and I HAD right to do this.

As usual the source code is available on my Github profile. There is also a bit more information about whole scanning/decoding process. If you like to know more technical details about the algorithm or how to decode the data, everything can be found in README file in the repo.

This entry was posted in Uncategorized and tagged , , . Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback.

9 Comments

  1. Tom
    Posted August 2, 2015 at 15:04 | Permalink

    Stealing algorithms from other binaries is a crime and admitting to it is just stupid. I’ve collected all the evidence of this (screenshots, text) and I will report a crime.

    PS. I just hope all those expensive reverse engineering tools you own are legal, because I will mention that too to check the licenses.

    • v3l0c1r4pt0r
      Posted August 3, 2015 at 12:04 | Permalink

      Hi Troll,
      I am lucky to not live in a country with a highly oppressive government like United States so I had right to publish algorithm bought for taxes I paid. Moreover reverse engineering is legal in Poland for compatibility purposes. It’s a pity that you were not brave enough to give me your real email and IP address (not TOR exit node) so we could discuss more about it.
      Cheers,
      v3l0c1r4pt0r ๐Ÿ™‚

    • gutk
      Posted September 18, 2015 at 15:10 | Permalink

      Hi,

      I noticed that not every binary data is “unpacked” correctly. In some cases I got errors (iconv invalid argument) or blank output file. Could you explain what it depends on?

      Cheers

  2. maciej
    Posted September 28, 2015 at 16:11 | Permalink

    Hi,

    I had error : ./delz: copy offset before start of buffer -3
    What I do wrong ?

    Please help for newbie

    • v3l0c1r4pt0r
      Posted September 28, 2015 at 21:20 | Permalink

      Any decompression error is caused by invalid input. Are you sure you provided binary file as input, not its base64 encoded form?

    • maciej
      Posted September 29, 2015 at 10:47 | Permalink

      I have output from scaner (vwMAANtYAAJDAP8….) next I convert it to binary file And had error decompression ๐Ÿ™

    • Mt
      Posted October 15, 2015 at 23:42 | Permalink

      same problem here ๐Ÿ™

      I also have zeto app and for given string from scaner
      zetodecode.bin 1wMAANtYAAJDAP8xAH….

      It returns nice data.

      @v3l0c1r4pt0r I’d be glad if u provide steps necessary to use your library with strings from scaner.

      Thanks!!

    • v3l0c1r4pt0r
      Posted October 16, 2015 at 11:00 | Permalink

      Exact steps depends on platforms you use. On Linux you should use base64 program to decode output from scanner and write it to separate file. Then it will ready to decompress. As I have written in the post above, instructions can be found on github README file. There you can also find basic overview of the whole process.

  3. maciej
    Posted October 20, 2015 at 01:17 | Permalink

    It was invalid input. Code work perfect

Leave a Reply

Your email address will not be published. Required fields are marked *

Your email address will never be published.