Last active
December 19, 2015 15:49
-
-
Save robvinson/5979449 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
To be used with an output file created by breaking | |
on the encrypt function with gdb, and grabbing it's | |
parameter: | |
attach --waitfor SomeProgram | |
break encrypt | |
commands | |
silent | |
printf "encrypt called\n" | |
if $r1==0 | |
set $f = (void *)fopen("/tmp/encrypt_dump", "a") | |
call (int)fwrite((char *)$r0, 1, 64, (void *)$f) | |
call (int)fclose((void *)$f) | |
else | |
printf "\tdecrypting\n" | |
end | |
c | |
end | |
*/ | |
#include <stdio.h> | |
#include <string.h> | |
#include <stdlib.h> | |
/* usage: | |
* ./parse_dump_file dump_file out_file | |
*/ | |
int main(int argc, char **argv) { | |
FILE *enc_dump = NULL; | |
FILE *out_file = NULL; | |
long out_file_size = 0; | |
char *parsed_buff = NULL; | |
/* open dump file and find it's size */ | |
enc_dump = fopen(argv[1], "r"); | |
fseek(enc_dump, 0L, SEEK_END); | |
out_file_size = ftell(enc_dump)/8; | |
fseek(enc_dump, 0L, SEEK_SET); | |
/* allocate some memory to put our results in */ | |
parsed_buff = (char *) malloc((size_t)out_file_size); | |
char working_chars[8]; | |
int pos = 0; | |
while(fread(working_chars, 1, 8, enc_dump) > 0) { | |
/* iterate through 8 dump chars to pull out the bits */ | |
int bit_shift = 7; | |
int i; | |
for(i=0; i<8; i++) { /* iterate through the working chars */ | |
parsed_buff[pos] = (parsed_buff[pos] | (working_chars[i] << bit_shift)); | |
bit_shift--; | |
} | |
pos++; | |
memset(working_chars, 0, 8); | |
} | |
fclose(enc_dump); | |
out_file = fopen(argv[2], "w"); | |
fwrite(parsed_buff, 1, out_file_size, out_file); | |
fclose(out_file); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment