#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
/* On-disk header of an encrypted file. Packed so the layout is exactly
 * 4 + 4 + 256 + 32 = 296 (0x128) bytes, the size main() reads with one fread;
 * as a consequence the fields may be unaligned in memory, so loading them as
 * wider integers through casts (as strange_function and main do) relies on the
 * platform tolerating unaligned access. Every field is attacker-controlled input. */
struct __attribute__((__packed__)) header_struct {
uint32_t MAGIC_NUMBER; /* 0x0b542020 selects the "easy" cipher, 0x20200b54 the "hard" one (see main) */
uint32_t file_length; /* byte length of the encrypted payload following the header */
char original_filename[256]; /* fed word-wise into the cipher state by strange_function; later opened with fopen(..., "wb") as the output path -- not guaranteed NUL-terminated by the reader */
char encrypted_password[32]; /* compared with memcmp against the eight decrypt_easy()'d key words */
};
/* 105 opaque 32-bit words. main() runs every element through decrypt_easy in
 * place (which also advances the shared cipher state) before the key is
 * processed; the decrypted contents are never read again in this listing.
 * Many initializers exceed INT_MAX: converting them to int is
 * implementation-defined (keeps the bit pattern on two's-complement targets)
 * and warns under -Woverflow. A uint32_t array would be the clean type. */
int encrypted_functions[] = {2641436120, 975465081, 3639072764, 675281407, 513948138, 3031756428, 2926203943, 837877829, 1603594944, 2674519367, 14904615, 1904161682, 1309572624,
1994684315, 3910680652, 1536647422, 3918535801, 323721627, 3668362202, 3213866328, 794644938, 131977481, 2317446848, 2453208172, 85782959, 766000050,
3399236994, 1532102173, 1886368010, 3235867784, 643900750, 1717543307, 2343514176, 1149557049, 1073275240, 3257519993, 288790638, 1076794953, 4268601417,
3266887874, 3645237953, 1843745858, 1781056571, 1034680822, 104138810, 3295793340, 1465521029, 1224605082, 2530136465, 3983223631, 2841605508,
3444926664, 4149515519, 3780638026, 982363417, 174387901, 2539220994, 951286662, 157827293, 1468744899, 3883083532, 2194888239, 2152260906, 1994013429,
918382859, 811246267, 4291154621, 301503864, 947108398, 2366758585, 2815734210, 3121781063, 2301142496, 1256258315, 3298709743, 1798567309, 1164547884,
3454806340, 2625884970, 1454649368, 446660275, 1277510936, 4159153455, 10824485, 3750559173, 1686871593, 1418242110, 3044965063, 2723463997, 2550151912,
515181895, 2002464040, 1638838068, 1046903818, 2587864173, 4458591, 404174259, 308706747, 2172521490, 1298255283, 1275572871, 3137382528, 585406011,
1639641840, 2825155210};
/* Rolling 4-word cipher state shared by print_queue and all decrypt_* functions.
 * Every decrypt_* call shifts it and pushes a new word, so the order of calls
 * (table decryption, PID seeding, strange_function, key words, payload) is part
 * of the algorithm. The initial constants look like decimal digits of 2*pi and e
 * written as hex literals -- presumably nothing-up-my-sleeve values, unverified. */
int decrypt_queue[4] = {0x62831853, 0x7179586, 0x27182818, 0x28459045};
/* Five of the eight 32-bit key words parsed from argv[2] by main()
 * (key words 0,1,4,6,7 land in slots 4,3,2,1,0); the other three key words are
 * stored in param_0x1030d7 / param_0x1030bd / param_0x1030dc. */
int unhexlified_pass_buffer[5];
/* decrypt_easy() of the eight key words, in key order; main() memcmp()s these
 * 32 bytes against header.encrypted_password to accept or reject the key. */
int password_global[8];
/* Dump the current 4-word cipher state in hex, tagged "[generic]". */
void print_queue(void) {
    const int *q = decrypt_queue;
    printf("[generic] queue: %08X, %08X, %08X, %08X\n", q[0], q[1], q[2], q[3]);
}
/* Absorb one 32-bit word into the cipher state: XOR it with the oldest queue
 * word, shift the queue up by one slot, and push the result rotated right by
 * six bits. Prints the new state. Unlike decrypt_easy/decrypt_hard the mixed
 * word is not returned -- this variant only perturbs the state. */
void decrypt_very_easy(uint32_t param_1) {
    uint32_t mixed = param_1 ^ (uint32_t)decrypt_queue[0];
    uint32_t rotated = (mixed >> 6) | (mixed << 26);

    for (int slot = 0; slot < 3; slot++) {
        decrypt_queue[slot] = decrypt_queue[slot + 1];
    }
    decrypt_queue[3] = (int)rotated;

    printf("[very easy] queue: %08X, %08X, %08X, %08X\n", decrypt_queue[0], decrypt_queue[1], decrypt_queue[2], decrypt_queue[3]);
}
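/* Decrypt one 32-bit word with the "easy" cipher and advance the shared state.
 * Returns arg XOR the oldest queue word. The queue then shifts up by one slot
 * and the new last word is rotr6(queue[2] * 0x2137 + plaintext). Prints the
 * new state on stdout.
 * The feedback product is computed in uint32_t: the original multiplied the
 * int element by the int constant 0x2137, a signed product that overflows for
 * most state values (undefined behaviour). Two's-complement compilers produce
 * the same bits as the unsigned form, so callers see no difference. */
uint32_t decrypt_easy(uint32_t arg) {
    uint32_t plain = arg ^ (uint32_t)decrypt_queue[0];
    uint32_t feedback = (uint32_t)decrypt_queue[2] * 0x2137u + plain;

    decrypt_queue[0] = decrypt_queue[1];
    decrypt_queue[1] = decrypt_queue[2];
    decrypt_queue[2] = decrypt_queue[3];
    decrypt_queue[3] = (int)((feedback >> 6) | (feedback << 26)); /* rotate right by 6 */

    printf("[easy] queue: %08X, %08X, %08X, %08X\n",
           (unsigned)decrypt_queue[0], (unsigned)decrypt_queue[1],
           (unsigned)decrypt_queue[2], (unsigned)decrypt_queue[3]);
    return plain;
}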
/* Multipliers of the "hard" cipher (decrypt_hard). The defaults below are only
 * placeholders: main() overwrites all three with key words 2, 3 and 5 of argv[2]
 * before any payload word is decrypted, so the hard-mode key schedule is
 * entirely user-supplied. The names are the addresses they had in the
 * decompiled binary. */
uint32_t param_0x1030d7 = 0x2137;
uint32_t param_0x1030bd = 0x7a69;
uint32_t param_0x1030dc = 0x1234567;
/* Decrypt one 32-bit word with the "hard" cipher and advance the shared state.
 * Returns arg XOR the oldest queue word. Every new slot is derived from the
 * previous queue[2], scaled by one of the key-supplied param_* multipliers:
 *   q[0] <- q[2]*param_0x1030bd + q[1]
 *   q[1] <- q[2]
 *   q[2] <- q[2]*param_0x1030dc + q[3]
 *   q[3] <- rotr6(q[2]*param_0x1030d7 + plaintext)
 * All arithmetic is unsigned 32-bit (wrapping). Nothing is printed. */
uint32_t decrypt_hard(uint32_t arg) {
    /* Snapshot the old state first so the update order cannot matter. */
    uint32_t old_q1 = (uint32_t)decrypt_queue[1];
    uint32_t old_q2 = (uint32_t)decrypt_queue[2];
    uint32_t old_q3 = (uint32_t)decrypt_queue[3];

    uint32_t plain = arg ^ (uint32_t)decrypt_queue[0];
    uint32_t feedback = old_q2 * param_0x1030d7 + plain;

    decrypt_queue[0] = (int)(old_q2 * param_0x1030bd + old_q1);
    decrypt_queue[1] = (int)old_q2;
    decrypt_queue[2] = (int)(old_q2 * param_0x1030dc + old_q3);
    decrypt_queue[3] = (int)((feedback >> 6) | (feedback << 26));
    return plain;
}
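/* Second keying stage, run by main() between the PID seeding and the key
 * parsing. Two things are mixed into the shared cipher state:
 *  1. the header's 256-byte original_filename field, one 32-bit word at a
 *     time, through decrypt_very_easy (copied out with memcpy: the struct is
 *     packed, so the field may be unaligned and a direct uint32_t* load is an
 *     aliasing/alignment violation);
 *  2. the numeric value of every "key: value" line of /proc/self/status whose
 *     key ends in "Pid" (on Linux that is Pid, PPid and TracerPid -- confirm
 *     on the target kernel). The state therefore depends on the process
 *     identity of this run, not only on the file and the key.
 * Returns normally at EOF of the status file. Exits the process with status 1
 * if the file cannot be opened, a line does not match "key: value", or a
 * *Pid value is not a number. Scan widths are bounded to the buffers, and the
 * key is length-checked before its last three bytes are inspected. */
void strange_function(struct header_struct *header) {
    for (size_t offset = 0; offset < sizeof header->original_filename; offset += 4) {
        uint32_t word;
        memcpy(&word, header->original_filename + offset, sizeof word);
        decrypt_very_easy(word);
    }

    FILE *status_file = fopen("/proc/self/status", "r");
    if (status_file == NULL) {
        perror("status");
        exit(1);
    }

    char status_key[256];
    char status_value[1032];
    int scanf_result;
    for (;;) {
        /* Widths are one less than the buffer sizes so the terminator always fits. */
        scanf_result = fscanf(status_file, "%255[^:]: %1031s ", status_key, status_value);
        if (scanf_result == EOF) {
            fclose(status_file);
            return;
        }
        if (scanf_result != 2) {
            break;
        }
        size_t key_length = strlen(status_key);
        if (key_length >= 3 && memcmp(status_key + key_length - 3, "Pid", 3) == 0) {
            unsigned our_pid;
            if (sscanf(status_value, "%u", &our_pid) != 1) {
                fprintf(stderr, "unparsable %s value: %s\n", status_key, status_value);
                fclose(status_file);
                exit(1);
            }
            printf("our pid (%s): %u\n", status_key, our_pid);
            decrypt_very_easy(our_pid);
        }
    }

    /* A line matched neither EOF nor "key: value"; report the item count and give up. */
    fprintf(stderr, "%d? umm what?\n", scanf_result);
    fclose(status_file);
    exit(1);
}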
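enum {
    MAGIC_EASY = 0x0b542020, /* payload decrypted with decrypt_easy */
    MAGIC_HARD = 0x20200b54, /* payload decrypted with decrypt_hard */
    KEY_HEX_LEN = 64,        /* argv[2]: eight 8-hex-digit words */
    KEY_WORDS = 8
};

/* Parse the 64-hex-digit key into eight 32-bit words, in key order. Each word
 * is the next 8 characters scanned with "%x" (the caller has already checked
 * the length). Returns 0 on success, -1 when a word does not parse; `words`
 * is then partially filled. */
static int parse_key_words(const char *key, uint32_t words[KEY_WORDS]) {
    for (size_t k = 0; k < KEY_WORDS; k++) {
        char fragment[9];
        memcpy(fragment, key + k * 8, 8); /* memcpy instead of an unaligned uint64_t load */
        fragment[8] = '\0';
        unsigned value;
        if (sscanf(fragment, "%x", &value) != 1) {
            return -1;
        }
        words[k] = value;
    }
    return 0;
}

/* Print the header's 32-byte encrypted_password and the computed
 * password_global side by side (diagnostic output, same format as before). */
static void print_passwords(const struct header_struct *hdr) {
    printf("pass from header:\n");
    for (size_t i = 0; i < KEY_WORDS; i++) {
        uint32_t word;
        memcpy(&word, hdr->encrypted_password + i * 4, sizeof word); /* packed field: no int* cast */
        printf("%08X ", word);
    }
    printf("our pass:\n");
    for (size_t i = 0; i < KEY_WORDS; i++) {
        printf("%08X ", (unsigned)password_global[i]);
    }
}

/* Reject an output name that could leave the working directory. The name is
 * read verbatim from the untrusted input file and handed to fopen(..., "wb"),
 * so without this check a crafted header could overwrite an arbitrary file.
 * Returns 1 if the name is a plain file name, 0 otherwise. */
static int output_name_is_safe(const char *name) {
    if (name[0] == '\0') {
        return 0;
    }
    if (strchr(name, '/') != NULL) {
        return 0;
    }
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0) {
        return 0;
    }
    return 1;
}

/* Decrypt hdr->file_length payload bytes from `in` to `out`, four bytes at a
 * time with the cipher selected by the magic number. The last word is written
 * only up to the remaining length (its low-address bytes). Returns 0 on
 * success, -1 after printing a message on a short read or failed write.
 * Counting down avoids the signed/unsigned loop counter of the original. */
static int decrypt_body(FILE *in, FILE *out, const struct header_struct *hdr) {
    uint32_t remaining = hdr->file_length;
    while (remaining > 0) {
        uint32_t current_data;
        if (fread(&current_data, sizeof current_data, 1, in) != 1) {
            if (feof(in)) {
                fputs("fread: input shorter than file_length\n", stderr);
            } else {
                perror("fread");
            }
            return -1;
        }
        if (hdr->MAGIC_NUMBER == MAGIC_EASY) {
            current_data = decrypt_easy(current_data);
        } else {
            current_data = decrypt_hard(current_data);
        }
        uint32_t chunk = remaining > 4 ? 4 : remaining;
        if (fwrite(&current_data, chunk, 1, out) != 1) {
            perror("fwrite");
            return -1;
        }
        remaining -= chunk;
    }
    return 0;
}

/* usage: prog <input filename> [<key>]
 * With one argument: validate the header and print mode and original name.
 * With a key: run the key schedule (table decryption, getpid/getppid seeding,
 * strange_function, the eight key words), compare the derived password with
 * the header's, and on a match write the decrypted payload to the header's
 * original_filename in the working directory. Returns 0 on success (and for
 * the usage/info paths), 1 on any error.
 * Note that the cipher state absorbs this process's PID/PPID, so the same
 * file and key decrypt differently when launched from another parent. */
int main(int argc, char **argv) {
    int retval = 0;
    FILE *decrypted_file = NULL;

    if (argc < 2) {
        printf("usage: %s <input filename> [<key>]\n", argc > 0 ? argv[0] : "decrypt");
        return 0;
    }

    FILE *encrypted_file = fopen(argv[1], "rb");
    if (encrypted_file == NULL) {
        perror("fopen");
        return 1; /* nothing to close yet; the original fclose()d NULL here */
    }

    struct header_struct file_header;
    memset(&file_header, 0, sizeof file_header);
    if (fread(&file_header, sizeof file_header, 1, encrypted_file) != 1) {
        if (feof(encrypted_file)) {
            fputs("fread: file shorter than the header\n", stderr);
        } else {
            perror("fread");
        }
        retval = 1;
        goto cleanup;
    }
    if (file_header.MAGIC_NUMBER != MAGIC_EASY && file_header.MAGIC_NUMBER != MAGIC_HARD) {
        fputs("unrecognized file\n", stderr);
        retval = 1;
        goto cleanup;
    }
    /* original_filename is printed with %s and used as a path: require a
     * terminator inside the field rather than reading into the next one. */
    if (memchr(file_header.original_filename, '\0', sizeof file_header.original_filename) == NULL) {
        fputs("original filename is not terminated\n", stderr);
        retval = 1;
        goto cleanup;
    }

    if (argc == 2) {
        const char *mode_name = file_header.MAGIC_NUMBER == MAGIC_EASY ? "easy" : "hard";
        printf("%s mode file, original name %s\n", mode_name, file_header.original_filename);
        retval = 0;
        goto cleanup;
    }

    if (strlen(argv[2]) != KEY_HEX_LEN) {
        fputs("wrong key length\n", stderr);
        retval = 1;
        goto cleanup;
    }
    uint32_t key_words[KEY_WORDS];
    if (parse_key_words(argv[2], key_words) != 0) {
        fputs("key is not hexadecimal\n", stderr);
        retval = 1;
        goto cleanup;
    }

    /* Key schedule, in the order the cipher state expects. */
    for (size_t i = 0; i < sizeof encrypted_functions / sizeof encrypted_functions[0]; i++) {
        encrypted_functions[i] = (int)decrypt_easy((uint32_t)encrypted_functions[i]);
    }
    printf("decrypted functions\n");
    decrypt_queue[0] = getpid();
    decrypt_queue[1] = getppid();
    printf("after pid & ppid\n");
    print_queue();
    strange_function(&file_header);
    printf("after strange function\n");
    print_queue();

    /* Scatter the key words into the globals the rest of the file reads
     * (the slot order is the one the decompiled binary used). */
    unhexlified_pass_buffer[4] = (int)key_words[0];
    unhexlified_pass_buffer[3] = (int)key_words[1];
    param_0x1030d7 = key_words[2];
    param_0x1030bd = key_words[3];
    unhexlified_pass_buffer[2] = (int)key_words[4];
    param_0x1030dc = key_words[5];
    unhexlified_pass_buffer[1] = (int)key_words[6];
    unhexlified_pass_buffer[0] = (int)key_words[7];
    for (size_t k = 0; k < KEY_WORDS; k++) {
        password_global[k] = (int)decrypt_easy(key_words[k]);
    }

    int identical = memcmp(file_header.encrypted_password, password_global, sizeof password_global);
    print_passwords(&file_header);
    if (identical != 0) {
        fputs("wrong key\n", stderr);
        retval = 1;
        goto cleanup;
    }
    fputs("OK, decrypting...\n", stderr);

    if (!output_name_is_safe(file_header.original_filename)) {
        fputs("refusing to write outside the working directory\n", stderr);
        retval = 1;
        goto cleanup;
    }
    decrypted_file = fopen(file_header.original_filename, "wb");
    if (decrypted_file == NULL) {
        perror("open");
        retval = 1;
        goto cleanup; /* the original jumped to a label that fclose()d the NULL handle */
    }
    if (decrypt_body(encrypted_file, decrypted_file, &file_header) != 0) {
        retval = 1;
    }

cleanup:
    /* fclose flushes the output stream; a failure here means lost data. */
    if (decrypted_file != NULL && fclose(decrypted_file) != 0) {
        perror("fclose");
        retval = 1;
    }
    fclose(encrypted_file);
    return retval;
}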