robvinson/parse_encrypt_dump_file.c

## parse_encrypt_dump_file.c
/*

To be used with an output file created by breaking
on the encrypt function with gdb, and grabbing it's
parameter:

attach --waitfor SomeProgram
break encrypt
commands
silent
printf "encrypt called\n"
if $r1==0
set $f = (void *)fopen("/tmp/encrypt_dump", "a")
call (int)fwrite((char *)$r0, 1, 64, (void *)$f)
call (int)fclose((void *)$f)
else
printf "\tdecrypting\n"
end
c
end
*/


#include <stdio.h>
#include <string.h>
#include <stdlib.h>

/* usage:
 * ./parse_dump_file dump_file out_file
 */

int main(int argc, char **argv) {
  FILE *enc_dump = NULL;
	FILE *out_file = NULL;
	long out_file_size = 0;
	char *parsed_buff = NULL;

	/* open dump file and find it's size */
	enc_dump = fopen(argv[1], "r");

	fseek(enc_dump, 0L, SEEK_END);
	out_file_size = ftell(enc_dump)/8;
	fseek(enc_dump, 0L, SEEK_SET);

	/* allocate some memory to put our results in */
	parsed_buff = (char *) malloc((size_t)out_file_size);

	char working_chars[8];
	int pos = 0;
	while(fread(working_chars, 1, 8, enc_dump) > 0) {
		/* iterate through 8 dump chars to pull out the bits */
		int bit_shift = 7;
		int i;
		for(i=0; i<8; i++) { /* iterate through the working chars */
			parsed_buff[pos] = (parsed_buff[pos] | (working_chars[i] << bit_shift));
			bit_shift--;
		}
		pos++;
		memset(working_chars, 0, 8);
	}
	fclose(enc_dump);

	out_file = fopen(argv[2], "w");
	fwrite(parsed_buff, 1, out_file_size, out_file);
	fclose(out_file);
}
	/*

	To be used with an output file created by breaking
	on the encrypt function with gdb, and grabbing it's
	parameter:

	attach --waitfor SomeProgram
	break encrypt
	commands
	silent
	printf "encrypt called\n"
	if $r1==0
	set $f = (void *)fopen("/tmp/encrypt_dump", "a")
	call (int)fwrite((char )$r0, 1, 64, (void )$f)
	call (int)fclose((void *)$f)
	else
	printf "\tdecrypting\n"
	end
	c
	end
	*/


	#include <stdio.h>
	#include <string.h>
	#include <stdlib.h>

	/* usage:
	* ./parse_dump_file dump_file out_file
	*/

	int main(int argc, char **argv) {
	FILE *enc_dump = NULL;
	FILE *out_file = NULL;
	long out_file_size = 0;
	char *parsed_buff = NULL;

	/* open dump file and find it's size */
	enc_dump = fopen(argv[1], "r");

	fseek(enc_dump, 0L, SEEK_END);
	out_file_size = ftell(enc_dump)/8;
	fseek(enc_dump, 0L, SEEK_SET);

	/* allocate some memory to put our results in */
	parsed_buff = (char *) malloc((size_t)out_file_size);

	char working_chars[8];
	int pos = 0;
	while(fread(working_chars, 1, 8, enc_dump) > 0) {
	/* iterate through 8 dump chars to pull out the bits */
	int bit_shift = 7;
	int i;
	for(i=0; i<8; i++) { /* iterate through the working chars */
	parsed_buff[pos] = (parsed_buff[pos] \| (working_chars[i] << bit_shift));
	bit_shift--;
	}
	pos++;
	memset(working_chars, 0, 8);
	}
	fclose(enc_dump);

	out_file = fopen(argv[2], "w");
	fwrite(parsed_buff, 1, out_file_size, out_file);
	fclose(out_file);
	}