Created
May 19, 2014 13:49
-
-
Save huyphan/959e58a3baa63368d310 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <iostream> | |
| #include <cstdint> | |
| using namespace std; | |
| typedef uint8_t CHAR; | |
| typedef uint16_t WORD; | |
| typedef uint32_t DWORD; | |
| typedef int8_t BYTE; | |
| typedef int16_t SHORT; | |
| typedef int32_t LONG; | |
| typedef LONG INT; | |
| typedef INT BOOL; | |
| typedef unsigned long long ull; | |
| #define SAR(x,y) ((x)>=0) ? ((x)>>(y)) : (~(~(x)>>(y))) | |
| #define LOBYTE(w) ((BYTE)(((w)) & 0xff)) | |
| #define LOWORD(_dw) ((WORD)(((_dw)) & 0xffff)) | |
| #define HIWORD(_dw) ((WORD)((((_dw)) >> 16) & 0xffff)) | |
| #define LODWORD(_qw) ((DWORD)(_qw)) | |
| #define HIDWORD(_qw) ((DWORD)(((_qw) >> 32) & 0xffffffff)) | |
| ull calc(ull rdi, CHAR* rsi, unsigned long long rdx, unsigned long long rcx) { | |
| ull var_m4 = LODWORD(rdi); | |
| CHAR* var_m16 = rsi; | |
| ull var_m24 = rdx; | |
| ull var_m32 = rcx; | |
| var_m4 = var_m4 | LODWORD(LODWORD(LOBYTE(LODWORD(SAR(LODWORD(LOBYTE(*(int8_t *)(var_m16 + 0x1 + var_m32 + (var_m24 >> 0x3)) & 0xff) & 0xff), LOBYTE(LODWORD(LODWORD(0x8) - LODWORD(LODWORD(var_m24) & 0x7))))) | LODWORD(LODWORD(LOBYTE(*(int8_t *)(var_m16 + (var_m24 >> 0x3) + var_m32) & 0xff) & 0xff) << LOBYTE(LODWORD(LODWORD(var_m24) & 0x7)))) & 0xff) << LOBYTE(LODWORD(LODWORD(LODWORD(LODWORD(0x0) - LODWORD(var_m32)) << 0x3) + 0x18))); | |
| ull rax = var_m4; | |
| return rax; | |
| } | |
| ull loop(ull rdi, CHAR* rsi, CHAR* rdx) { | |
| ull var_16 = rdi; | |
| CHAR* var_8 = rsi; | |
| CHAR* char_array = rdx; | |
| ull var_36 = 0x0; | |
| ull var_32 = 0x0; | |
| ull var_80 = var_16 - 0x20; | |
| ull var_40 = 0x0; | |
| ull rax = var_40; | |
| while (var_40 < var_80) { | |
| var_36 = 0x0; | |
| ull var_56 = 0x0; | |
| while (var_56 <= 0x3) { | |
| var_36 = LODWORD(calc(LODWORD(var_36), var_8, var_40, var_56)); | |
| var_56 = var_56 + 0x1; | |
| } | |
| ull var_48 = 0x0; | |
| while (var_48 < var_80) { | |
| var_32 = 0x0; | |
| ull var_64 = 0x0; | |
| while (var_64 <= 0x3) { | |
| var_32 = LODWORD(calc(LODWORD(var_32), var_8, var_48, var_64)); | |
| var_64 = var_64 + 0x1; | |
| } | |
| var_32 = var_32 ^ LODWORD(var_36); | |
| ull var_72 = 0x0; | |
| while (var_72 <= 0x3) { | |
| *(int8_t *)(char_array + (var_48 + var_80 * var_40) * 0x4 + var_72) = LOBYTE(LODWORD(LODWORD(var_32) >> LOBYTE(LODWORD(LODWORD(LODWORD(LODWORD(0x0) - LODWORD(var_72)) << 0x3) + 0x18)))); | |
| //cout<<(var_48 + var_80 * var_40) * 0x4 + var_72<<endl; | |
| //*(int8_t *)(var_0 + (var_48 + var_80 * var_40) * 0x4 + var_72) = 100; | |
| var_72 = var_72 + 0x1; | |
| } | |
| var_48 = var_48 + 0x1; | |
| } | |
| var_40 = var_40 + 0x1; | |
| } | |
| return rax; | |
| } | |
| ull new_loop(ull rdi, CHAR* rsi, ull my_index) { | |
| ull var_16 = rdi; | |
| CHAR* var_8 = rsi; | |
| ull var_36 = 0x0; | |
| ull var_32 = 0x0; | |
| ull var_80 = var_16 - 0x20; | |
| ull var_40 = 0x0; | |
| ull rax = var_40; | |
| ull var_48 = 0x0; | |
| ull var_72 = my_index % 4; | |
| var_40 = (my_index / 4) / var_80; | |
| var_48 = (my_index / 4) - var_80*var_40; | |
| var_36 = 0x0; | |
| ull var_56 = 0x0; | |
| while (var_56 <= 0x3) { | |
| var_36 = LODWORD(calc(LODWORD(var_36), var_8, var_40, var_56)); | |
| var_56 = var_56 + 0x1; | |
| } | |
| var_32 = 0x0; | |
| ull var_64 = 0x0; | |
| while (var_64 <= 0x3) { | |
| var_32 = LODWORD(calc(LODWORD(var_32), var_8, var_48, var_64)); | |
| var_64 = var_64 + 0x1; | |
| } | |
| var_32 = var_32 ^ LODWORD(var_36); | |
| return LOBYTE(LODWORD(LODWORD(var_32) >> LOBYTE(LODWORD(LODWORD(LODWORD(LODWORD(0x0) - LODWORD(var_72)) << 0x3) + 0x18)))); | |
| } | |
| ull get_byte(ull my_index, ull seed, CHAR* static_buffer) { | |
| return new_loop(seed, static_buffer, my_index); | |
| } | |
| int main() { | |
| // var_40 = 0x0; | |
| // var_48 = 0x0; | |
| // var_56 = 0x0; | |
| // var_64 = 0x0; | |
| // long long var_72 = LODWORD(LODWORD(LODWORD(*(int32_t *)0x100) + 0x1ffffffc) << 0x3); | |
| // var_80 = (var_72 * var_72 << 0x2) - 0x20; | |
| // var_88 = var_72 * var_72 << 0x2; | |
| // var_56 = operator new[](var_72 * var_72 << 0x2); | |
| // var_64 = operator new[](0x26); | |
| // var_96 = var_80 * var_80 << 0x2; | |
| // loop(var_72, __randpad, var_56); | |
| // var_104 = operator new[](0x130); | |
| // var_24 = LODWORD(_open("/dev/urandom", 0x0)); | |
| // _puts("OTP locations:"); | |
| // var_12 = 0x0; | |
| int var_40 = 0; | |
| int var_48 = 0; | |
| CHAR __randpad[] = {252, 138, 69, 81, 103, 140, 169, 192, 176, 253, 247, 111, 184, 80, 241, 47, 122, 98, 102, 227, 211, 195, 110, 190, 55, 57, 51, 104, 59, 198, 118, 30, 174, 170, 131, 237, 87, 26, 241, 41, 230, 193, 185, 158, 221, 162, 134, 44, 26, 220, 73, 157, 130, 1, 213, 58, 181, 211, 51, 18, 28, 206, 148, 43, 195, 176, 108, 188, 70, 115, 57, 94, 123, 199, 180, 158, 86, 240, 173, 114, 94, 131, 199, 5, 197, 233, 46, 133, 136, 121, 148, 247, 231, 172, 52, 254, 92, 206, 46, 19, 241, 204, 142, 234, 96, 131, 190, 220, 74, 187, 232, 223, 101, 32, 239, 68, 173, 250, 214, 18, 131, 213, 220, 148, 173, 31, 225, 95, 232, 250, 126, 63, 218, 97, 227, 223, 171, 91, 79, 42, 108, 36, 130, 173, 23, 137, 186, 41, 185, 70, 52, 116, 100, 247, 69, 34, 141, 175, 51, 214, 82, 181, 222, 16, 228, 83, 93, 150, 183, 226, 46, 203, 177, 117, 188, 116, 90, 33, 41, 140, 87, 179, 22, 94, 199, 200, 194, 38, 53, 72, 45, 60, 96, 123, 93, 221, 168, 41, 97, 25, 208, 239, 238, 109, 4, 221, 32, 81, 149, 29, 1, 225, 218, 218, 180, 165, 70, 217, 203, 175, 86, 181, 32, 5, 208, 107, 210, 34, 33, 47, 45, 211, 115, 151, 86, 137, 174, 172, 2, 182, 53, 210, 20, 135, 198, 73, 223, 14, 23, 133, 100, 229, 175, 110, 147, 97}; | |
| long long var_72 = LODWORD(LODWORD(LODWORD(0x100) + 0x1ffffffc) << 0x3); | |
| long long var_80 = (var_72 * var_72 << 0x2) - 0x20; | |
| long long var_88 = (var_72 * var_72) << 0x2; | |
| CHAR* var_56 = (CHAR*) malloc((var_72 * var_72) << 0x2); | |
| CHAR* var_64 = (CHAR*) malloc(0x26); | |
| long long var_96 = (var_80 * var_80) << 0x2; | |
| loop(var_72, __randpad, var_56); | |
| long long var_104[] = {0x0003477c0b80aa0f,0x00008985a385bd8e,0x000371f572962c37,0x0001bec6d1d1f7a6,0x000060f32eb8e2d1,0x00017c9388cc842b,0x00032d90a11d5d21,0x000251507644d55f,0x00017c68d0574f1d,0x0000b8e89a3578ac,0x00000ca6feed8082,0x00019427cd14b5cc,0x0001a1a87d1bb359,0x00014faacfe5a0c8,0x0002c42a8dbeb737,0x00016f216470ceb3,0x000245315dfb25a4,0x0000efb06475b013,0x00025d89b8e236e3,0x0001f7662e82c9b5,0x00031ff7762b2aff,0x0003204571d5ab11,0x000223c745c63639,0x00029662377d9a29,0x00019ad590c4492a,0x00036a5b6796f49b,0x0000763f9c93ab15,0x00018d6630f23f04,0x0001e2a3b45862bc,0x00022308c7c061ae,0x00020bb0bf60bd0b,0x0000576670a02ce7,0x00019ba6d2a8b8ba,0x0002bf9e9862b54b,0x0000e6995ea0b0c0,0x0001e2c33725b271,0x00033a65d06136d0,0x0001505234d0f248}; | |
| int result[] = {0xc6,0x11,0x3e,0x93,0x67,0x6a,0xf2,0xcd,0xfe,0x29,0x0d,0x4d,0xf2,0x8a,0x87,0x48,0x2e,0x81,0x39,0xb7,0x20,0x88,0xc3,0x98,0x21,0x20,0xfb,0x51,0xdc,0xb4,0x2a,0x03,0x7f,0xb7,0x79,0xe6,0x34,0x25}; | |
| for (int var_16 = 0; var_16 < 38; var_16 ++) { | |
| cout << char((result[var_16] ^ LOBYTE(LODWORD(get_byte(*(var_104 + (LODWORD(var_16))), var_88, var_56))))%256); | |
| } | |
| cout<<endl; | |
| return 0; | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment