Skip to content

Instantly share code, notes, and snippets.

@RIscRIpt

RIscRIpt/com_munge2.asm

Last active September 13, 2015 15:55
Show Gist options
  • Save RIscRIpt/2efd838b68e9904e5837 to your computer and use it in GitHub Desktop.
Save RIscRIpt/2efd838b68e9904e5837 to your computer and use it in GitHub Desktop.
Download ZIP
COM_UnMunge2 written in x64/x86 ASM
Raw
com_munge2.asm
;64 bit verison
proc INETWorker_Munge buf, len, npacket
mov r13d, r8d
xor eax, eax
not r13d
shr edx, 2 ;div 4
jz @f
.loop:
and al, 0x3F
mov r15d, [rcx]
mov r12d, [IW_mungeTable + eax]
xor r15d, r13d
bswap r15d
xor r15d, r12d
xor r15d, r8d
add eax, 4
mov [rcx], r15d
add ecx, 4
dec edx
jnz .loop
@@:
ret
endp
;64 bit version
proc INETWorker_UnMunge buf, len, npacket
mov r13d, r8d
xor eax, eax
not r13d
shr edx, 2 ;div 4
jz @f
.loop:
and al, 0x3F
mov r15d, [rcx]
mov r12d, [IW_mungeTable + eax]
xor r15d, r8d
bswap r15d
xor r15d, r12d
xor r15d, r13d
add eax, 4
mov [rcx], r15d
add ecx, 4
dec edx
jnz .loop
@@:
ret
endp
;32 bit version
proc INETWorker_UnMunge uses ebx esi edi, buf, len, npacket
mov ebx, [npacket]
mov esi, [buf]
xor eax, eax
not ebx
shr [len], 2 ;div 4
jz @f
.loop:
and al, 0x3F
mov ecx, [esi]
xor ecx, [npacket]
bswap ecx
xor ecx, [IW_mungeTable + eax]
xor ecx, ebx
add al, 4
mov [esi], ecx
add esi, 4
dec [len]
jnz .loop
@@:
ret
endp
IW_mungeTable:
dd 0xFFFFE7A5, 0xBFEFFFE5, 0xFFBFEFFF, 0xBFEFBFED
dd 0xBFAFEFBF, 0xFFBFAFEF, 0xFFEFBFAD, 0xFFFFEFBF
dd 0xFFEFF7EF, 0xBFEFE7F5, 0xBFBFE7E5, 0xFFAFB7E7
dd 0xBFFFAFB5, 0xBFAFFFAF, 0xFFAFA7FF, 0xFFEFA7A5
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment