Created
March 28, 2014 04:16
-
-
Save potetisensei/9825286 to your computer and use it in GitHub Desktop.
JUNK
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class ECCDecodeDataStream { | |
| public: | |
| uint var_4[0x20]; | |
| uint var_84; | |
| uint var_88; | |
| uint *var_8C; | |
| uint var_90; | |
| uint var_94; | |
| uint var_98; | |
| uint var_9C; | |
| } | |
| ECCDecodeDataStream::ECCDecodeDataStream(this) { | |
| int i; | |
| this->var_8C = new[0x400]; | |
| this->var_94 = 0x400; | |
| this->var_84 = 0; | |
| this->var_88 = 0; | |
| this->var_90 = 0; | |
| this->var_98 = 0; | |
| this->var_9C = 0; | |
| for (i=0;i<0x20;i++) { | |
| this->var_4[i] = 0; | |
| } | |
| return ; | |
| } | |
| RS32_16::RSDecode(this, int *buf) { | |
| RS32_16::rs_syndrome(this, buf, var_4C); | |
| return RS32_16::rs_decode_with_syndrome(this, buf, var_4C); | |
| } | |
| ECCDecodeDataStream::DoDecodeBlock(this) { | |
| var_C = RS32_16::RSDecode(this, this->var_4); | |
| if (var_C == -1) { | |
| this->var_9C = 1; | |
| } else { | |
| this->var_98 += var_C; | |
| } | |
| this->var_98 += RS32_16::RSDecode(this, this->var_4); | |
| this->var_84 = 0; | |
| this->var_88 = 0; | |
| } | |
| ECCDecodeDataStream::AddDataBit(this, unsigned char bit, bool flag) { | |
| int i; | |
| var_1C = bit; | |
| var_20 = flag; | |
| this->var_4[this->var_84] |= bit << (7 - this->var_88); | |
| this->var_88 += 1; | |
| if (this->var_88 != 8) return this->var_90; | |
| this->var_88 = 0; | |
| this->var_84 += 1; | |
| if (this->var_84 != 0x20) return this->var_90; | |
| ECCDecodeDataStream::DoDecodeBlock(this); | |
| this->var_84 = 0; | |
| for (i=0;i<0x10;i++) { | |
| if (this->var_90 < this->var_94) { | |
| int j; | |
| uint *var_18 = new uint[this->var_94]; | |
| for (j=0;j<this->var_90;j++) { | |
| var_18[j] = this->var_8C[j]; | |
| } | |
| delete [] this->var_8C; | |
| this->var_94 *= 2; | |
| this->var_8C = new uint[this->var_94]; | |
| for (i=0;i<this->var_90;i++) { | |
| this->var_8C[j] = var_18[j]; | |
| } | |
| delete [] var_18; | |
| } | |
| this->var_8C[this->var_90] = this->var_4[i]; | |
| this->var_90 += 1; | |
| } | |
| for (i=0;i<0x20;i++) { | |
| this->var_4[i] = 0; | |
| } | |
| return this->var_90; | |
| } | |
| char ECCDecodeDataStream::IsDataAvailable(this) { | |
| return (this->var_90 != 0); | |
| } | |
| char* ECCDecodeDataStream::GetData(this, unsigned int &len, unsigned int &error_num, bool &has_error) { | |
| len = this->var_90; | |
| error_num = this->var_98; | |
| has_error = this->var_9C; | |
| return this->var_8C; | |
| } | |
| ProcessDecode(int fd) { | |
| unsigned int received_length; | |
| unsigned int file_size; | |
| unsigned int *raw_bmp; | |
| char bmp_header[0x400]; | |
| BMPFile bmp_file; | |
| ECCDecodeDataStream stream; | |
| received_length = recvdata(fd, bmp_header, 6); | |
| if (received_length != 6) { | |
| puts("Didn't receive header."); | |
| return 0; | |
| } | |
| file_size = *(unsigned int*)(bmp_header+2) | |
| if (file_size > 0xFFFFF) { | |
| puts("Header reporting file too large."); | |
| return 0; | |
| } | |
| uint *raw_bmp = new[file_size]; | |
| if (raw_bmp == NULL) { | |
| puts("Unable to allocate BMP buffer."); | |
| return 0; | |
| } | |
| raw_bmp[0] = bmp_header[0]; | |
| raw_bmp[1] = bmp_header[1] % 0x10000; | |
| received_length += recvdata(fd, raw_bmp+6, file_size-6); | |
| if (received_length != file_size) { | |
| printf("Didn't receive correct data amount: %d supposed to be %d\n", received_length, file_size); | |
| delete[] raw_bmp; | |
| return 0; | |
| } | |
| CsimpleDCT::Init(); | |
| if (bmp_file.ReadImageData(raw_bmp, received_length) != 7) { | |
| puts("BMP Read Failed."); | |
| exit(0); | |
| } | |
| var_18 = -1; | |
| has_error = 0; | |
| height = bmp_file.GetImageHeight(); | |
| width = bmp_file.GetImageWidth(); | |
| image_data = bmp_file.GetImageData(); | |
| i = 0; #var_C | |
| while (i < height/8) { | |
| j = 0; #var_10 | |
| while (j < width/8) { | |
| k = 0; # RGB var_14 | |
| while (k < 3) { | |
| l = 0; # y var_20 | |
| while (l < 8) { | |
| m = 0; # x var_24 | |
| while (m < 8) { | |
| index = ((i * 8 + l) * 64 + j) * 8 + m; | |
| index *= 3; # for RGBS | |
| value = image_data[index + k]; | |
| data8x8[l * 8 + m] = (double)value; | |
| m++; | |
| } | |
| l++; | |
| } | |
| CSimpleDCT::DCT2Calc8x8(data8x8); | |
| decoded_data = DCTCoefficient::DecodeDCT(data8x8); | |
| stream.AddDataBit(decoded_data, true); | |
| if (stream.IsDataAvailable() && var_18 == -1) { | |
| var_50 = stream.GetData(&var_7C, &var_80, &var_81); | |
| if (var_81) { | |
| printf("ERROR: ECC Processing failed.\n\r"); | |
| has_error = 1; | |
| break; | |
| } | |
| if (var_50[0] == 0x4D && var_50[1] == 0x41 && var_50[2] == 0x52 && var_50[3] == 0x4B) { | |
| var_18 = var_50[4]; | |
| var_18 += 8; | |
| } | |
| } | |
| if (stream.GetLength() >= var_18) { | |
| has_error = 1; | |
| break; | |
| } | |
| k++; | |
| } | |
| if (has_error != 0) break; | |
| var10++; | |
| } | |
| if (has_error != 0) break; | |
| i++; | |
| } | |
| n = 0; | |
| var_58 = stream.GetData(&var_74, &var_70, &var_75); | |
| if (var_75) { | |
| printf("Decode failed. Encountered processing errors and decoded %d errors.\n\r", var_70); | |
| exit(-1); | |
| } | |
| printf("Decode success, corrected %d errors.\n", var_70); | |
| if (var_74 <= 0x0F) { | |
| puts("Insufficient shellcode."); | |
| exit(0); | |
| } | |
| if (var_58[0] != 0x4D || var_58[1] != 0x41 || var_58[2] != 0x52 || var_58[3] != 0x4B) { | |
| puts("No mark header."); | |
| exit(0); | |
| } | |
| n = *((unsigned int*)var_58+4); | |
| if (n == 0) { | |
| puts("Shellcode size is 0. Exiting."); | |
| exit(0); | |
| } | |
| if (var_74 - 8 < n) { | |
| printf("Shellcode size exceeds buffer %d of %d. Exiting\n", n, var_74); | |
| exit(0); | |
| } | |
| ExecShellcode(var_58 + 8, n); | |
| return 0; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment