Skip to content

Instantly share code, notes, and snippets.

@hasherezade
Last active Oct 4, 2019
Embed
What would you like to do?
Flare-On Task 12 - string decoder
#include <stdio.h>
#include <windows.h>
#include <peconv.h>
#define EXE_PATH "Z:\\flare\\m.dll"
__int64 (__fastcall *ini_ctx)(BYTE *ctx, BYTE *key, int key_size) = nullptr;
__int64 (__fastcall *decrypt_buf)(BYTE *ctx, BYTE *in_buf, BYTE *out_buf, unsigned int size) = nullptr;
size_t decrypt_string(BYTE *key, unsigned int key_size, BYTE *buf, unsigned int buf_size)
{
BYTE ctx[0x255] = { 0 };
ini_ctx(ctx, key, 4u);
const size_t out_len = decrypt_buf(ctx, buf, buf, buf_size);
return out_len;
}
int main(int argc, char *argv[])
{
size_t v_size = 0;
BYTE *my_exe = peconv::load_pe_executable(EXE_PATH, v_size);//(BYTE*)LoadLibraryA(EXE_PATH);//
if (!my_exe) {
std::cerr << "Loading failed!\n";
return -1;
}
ini_ctx = (__int64(__fastcall *)(BYTE *, BYTE *, int ))((ULONG_PTR)my_exe + 0x4010);
decrypt_buf = (__int64(__fastcall *)(BYTE *, BYTE *, BYTE *, unsigned int ))((ULONG_PTR)my_exe + 0x4120);
BYTE key[4] = { 0x77, 0x46, 0x8Fu, 7 };
BYTE buf[] = { 0xB5u, 0x4A, 0xC8u, 0xB2u, 0x2C, 0xCBu, 0xBEu, 0xB, 0xDBu,0xBDu, 0x6C, 0};
size_t res = decrypt_string(key, 4, buf, 0xB);
if (!res) {
std::cerr << "Decryption failed!\n";
return -2;
}
std::cout << (char*)buf << "\n";
return 0;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment