[求助]这个是什么算法?
发表于: 2012-11-3 12:28 3787

; RC4 keystream-XOR routine (the PRGA stage), shown as an OllyDbg 32-bit x86 listing.
; Stack arguments as read below (plain retn, so the caller cleans the stack):
;   arg1 [esp+4]  -> state block: dword i at +0, dword j at +4, 256 dword entries S[] at +8
;   arg2 [esp+8]  -> byte count
;   arg3 [esp+C]  -> input buffer
;   arg4 [esp+10] -> output buffer
; Register roles: eax = state, ecx = i, esi = j, ebp = in, edi = out, edx/ebx = scratch.
; Every step does: i = (i+1) & 0FF; j = (j+S[i]) & 0FF; swap S[i], S[j];
;                  out[k] = in[k] ^ low byte of S[(S[i]+S[j]) & 0FF].
; The data is only XORed with a keystream, so the same routine encrypts and decrypts.
; How to recognise it: a 256-entry table, two indices masked with 0FF, a swap, one XOR per byte.
; NOTE(review): the state layout and the 8x unrolling resemble OpenSSL's RC4_KEY / RC4() built
;               with a 32-bit RC4_INT -- plausible, but not provable from this listing alone.
; NOTE(review): nothing here bounds-checks the buffers; the byte count is trusted from the caller.
; NOTE(review): RC4 has known keystream biases and is deprecated for new designs, so finding it
;               protecting data in a binary is worth flagging in a review.
44227530   > \8B4424 04     mov     eax, dword ptr [esp+4]                                                  ; eax = arg1, pointer to the state block
44227534   .  8B08          mov     ecx, dword ptr [eax]  ; ecx = i (state+0)
44227536   .  53            push    ebx
44227537   .  8B5C24 0C     mov     ebx, dword ptr [esp+C]  ; ebx = arg2, byte count (offset grew by one push)
4422753B   .  55            push    ebp
4422753C   .  8B6C24 14     mov     ebp, dword ptr [esp+14]  ; ebp = arg3, input pointer (two pushes so far)
44227540   .  8BD3          mov     edx, ebx
44227542   .  56            push    esi
44227543   .  8B70 04       mov     esi, dword ptr [eax+4]  ; esi = j (state+4)
44227546   .  C1EA 03       shr     edx, 3  ; edx = count / 8 = number of full 8-byte blocks
44227549   .  57            push    edi
4422754A   .  8B7C24 20     mov     edi, dword ptr [esp+20]  ; edi = arg4, output pointer (four pushes so far)
4422754E   .  895424 14     mov     dword ptr [esp+14], edx  ; arg1's stack slot is reused as the block counter
44227552   .  85D2          test    edx, edx
44227554   .  0F84 AA010000 je      44227704  ; fewer than 8 bytes: skip straight to the tail
4422755A   .  8D9B 00000000 lea     ebx, dword ptr [ebx]  ; 6-byte no-op; presumably padding to align the loop head
; ---- main loop: 8 RC4 steps per iteration, offsets +0 .. +7 ----
44227560   >  41            inc     ecx  ; byte +0: i = i + 1
44227561   .  81E1 FF000000 and     ecx, 0FF  ; i &= 0FF (wrap inside the 256-entry table)
44227567   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]  ; edx = S[i]
4422756B   .  03F2          add     esi, edx  ; j += S[i]
4422756D   .  81E6 FF000000 and     esi, 0FF  ; j &= 0FF
44227573   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]  ; ebx = S[j]
44227577   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx  ; S[i] = old S[j]
4422757B   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx  ; S[j] = old S[i]  (swap complete)
4422757F   .  03DA          add     ebx, edx  ; ebx = S[i] + S[j]
44227581   .  81E3 FF000000 and     ebx, 0FF  ; keystream index, masked to 0..255
44227587   .  0FB65498 08   movzx   edx, byte ptr [eax+ebx*4+8]  ; keystream byte = low byte of S[index]
4422758C   .  3255 00       xor     dl, byte ptr [ebp]  ; combine with in[0]
4422758F   .  41            inc     ecx  ; byte +1 begins here; the store for byte +0 is interleaved below
44227590   .  8817          mov     byte ptr [edi], dl  ; out[0] = in[0] ^ keystream
44227592   .  81E1 FF000000 and     ecx, 0FF
44227598   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
4422759C   .  03F2          add     esi, edx
4422759E   .  81E6 FF000000 and     esi, 0FF
442275A4   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
442275A8   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
442275AC   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
442275B0   .  03DA          add     ebx, edx
442275B2   .  81E3 FF000000 and     ebx, 0FF
442275B8   .  0FB65498 08   movzx   edx, byte ptr [eax+ebx*4+8]
442275BD   .  3255 01       xor     dl, byte ptr [ebp+1]
442275C0   .  41            inc     ecx  ; byte +2
442275C1   .  8857 01       mov     byte ptr [edi+1], dl  ; out[1]
442275C4   .  81E1 FF000000 and     ecx, 0FF
442275CA   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
442275CE   .  03F2          add     esi, edx
442275D0   .  81E6 FF000000 and     esi, 0FF
442275D6   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
442275DA   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
442275DE   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
442275E2   .  03DA          add     ebx, edx
442275E4   .  81E3 FF000000 and     ebx, 0FF
442275EA   .  0FB65498 08   movzx   edx, byte ptr [eax+ebx*4+8]
442275EF   .  3255 02       xor     dl, byte ptr [ebp+2]
442275F2   .  41            inc     ecx  ; byte +3
442275F3   .  8857 02       mov     byte ptr [edi+2], dl  ; out[2]
442275F6   .  81E1 FF000000 and     ecx, 0FF
442275FC   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
44227600   .  03F2          add     esi, edx
44227602   .  81E6 FF000000 and     esi, 0FF
44227608   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
4422760C   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
44227610   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
44227614   .  03DA          add     ebx, edx
44227616   .  81E3 FF000000 and     ebx, 0FF
4422761C   .  0FB65498 08   movzx   edx, byte ptr [eax+ebx*4+8]
44227621   .  3255 03       xor     dl, byte ptr [ebp+3]
44227624   .  41            inc     ecx  ; byte +4
44227625   .  8857 03       mov     byte ptr [edi+3], dl  ; out[3]
44227628   .  81E1 FF000000 and     ecx, 0FF
4422762E   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
44227632   .  03F2          add     esi, edx
44227634   .  81E6 FF000000 and     esi, 0FF
4422763A   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
4422763E   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
44227642   .  03DA          add     ebx, edx  ; same step as before; the add is just scheduled ahead of the second store
44227644   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
44227648   .  81E3 FF000000 and     ebx, 0FF
4422764E   .  0FB65498 08   movzx   edx, byte ptr [eax+ebx*4+8]
44227653   .  3255 04       xor     dl, byte ptr [ebp+4]
44227656   .  41            inc     ecx  ; byte +5
44227657   .  8857 04       mov     byte ptr [edi+4], dl  ; out[4]
4422765A   .  81E1 FF000000 and     ecx, 0FF
44227660   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
44227664   .  03F2          add     esi, edx
44227666   .  81E6 FF000000 and     esi, 0FF
4422766C   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
44227670   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
44227674   .  03DA          add     ebx, edx
44227676   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
4422767A   .  81E3 FF000000 and     ebx, 0FF
44227680   .  0FB65498 08   movzx   edx, byte ptr [eax+ebx*4+8]
44227685   .  3255 05       xor     dl, byte ptr [ebp+5]
44227688   .  41            inc     ecx  ; byte +6
44227689   .  81E1 FF000000 and     ecx, 0FF
4422768F   .  8857 05       mov     byte ptr [edi+5], dl  ; out[5]
44227692   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
44227696   .  03F2          add     esi, edx
44227698   .  81E6 FF000000 and     esi, 0FF
4422769E   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
442276A2   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
442276A6   .  03DA          add     ebx, edx
442276A8   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
442276AC   .  81E3 FF000000 and     ebx, 0FF
442276B2   .  0FB65498 08   movzx   edx, byte ptr [eax+ebx*4+8]
442276B7   .  3255 06       xor     dl, byte ptr [ebp+6]
442276BA   .  41            inc     ecx  ; byte +7
442276BB   .  8857 06       mov     byte ptr [edi+6], dl  ; out[6]
442276BE   .  81E1 FF000000 and     ecx, 0FF
442276C4   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
442276C8   .  03F2          add     esi, edx
442276CA   .  81E6 FF000000 and     esi, 0FF
442276D0   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
442276D4   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
442276D8   .  03DA          add     ebx, edx
442276DA   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
442276DE   .  81E3 FF000000 and     ebx, 0FF
442276E4   .  0FB65498 08   movzx   edx, byte ptr [eax+ebx*4+8]
442276E9   .  3255 07       xor     dl, byte ptr [ebp+7]
442276EC   .  83C5 08       add     ebp, 8  ; in += 8
442276EF   .  8857 07       mov     byte ptr [edi+7], dl  ; out[7]
442276F2   .  83C7 08       add     edi, 8  ; out += 8
442276F5   .  836C24 14 01  sub     dword ptr [esp+14], 1  ; one full block done
442276FA   .^ 0F85 60FEFFFF jnz     44227560  ; more full blocks remain
44227700   .  8B5C24 18     mov     ebx, dword ptr [esp+18]  ; reload the byte count (arg2); ebx was used as scratch
; ---- tail: the remaining count & 7 bytes, one step each ----
44227704   >  83E3 07       and     ebx, 7  ; leftover bytes, 0..7; this AND sets ZF for the je below
44227707   .  895C24 14     mov     dword ptr [esp+14], ebx  ; same stack slot now counts the tail bytes (mov leaves flags alone)
4422770B   .  0F84 DA010000 je      442278EB  ; no leftover bytes: done
44227711   .  41            inc     ecx  ; tail byte +0
44227712   .  81E1 FF000000 and     ecx, 0FF
44227718   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
4422771C   .  03F2          add     esi, edx
4422771E   .  81E6 FF000000 and     esi, 0FF
44227724   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
44227728   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
4422772C   .  03DA          add     ebx, edx
4422772E   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
44227732   .  81E3 FF000000 and     ebx, 0FF
44227738   .  8A5498 08     mov     dl, byte ptr [eax+ebx*4+8]  ; keystream byte (plain byte load here instead of movzx)
4422773C   .  3255 00       xor     dl, byte ptr [ebp]
4422773F   .  836C24 14 01  sub     dword ptr [esp+14], 1  ; remaining--, sets ZF for the je two lines down
44227744   .  8817          mov     byte ptr [edi], dl  ; store happens before the branch; mov does not change flags
44227746   .  0F84 9F010000 je      442278EB  ; that was the last byte
4422774C   .  8D6424 00     lea     esp, dword ptr [esp]  ; 4-byte no-op; presumably alignment padding
44227750   >  41            inc     ecx  ; tail byte +1
44227751   .  81E1 FF000000 and     ecx, 0FF
44227757   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
4422775B   .  03F2          add     esi, edx
4422775D   .  81E6 FF000000 and     esi, 0FF
44227763   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
44227767   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
4422776B   .  03DA          add     ebx, edx
4422776D   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
44227771   .  81E3 FF000000 and     ebx, 0FF
44227777   .  8A5498 08     mov     dl, byte ptr [eax+ebx*4+8]
4422777B   .  3255 01       xor     dl, byte ptr [ebp+1]
4422777E   .  836C24 14 01  sub     dword ptr [esp+14], 1
44227783   .  8857 01       mov     byte ptr [edi+1], dl
44227786   .  0F84 5F010000 je      442278EB
4422778C   .  41            inc     ecx  ; tail byte +2
4422778D   .  81E1 FF000000 and     ecx, 0FF
44227793   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
44227797   .  03F2          add     esi, edx
44227799   .  81E6 FF000000 and     esi, 0FF
4422779F   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
442277A3   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
442277A7   .  03DA          add     ebx, edx
442277A9   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
442277AD   .  81E3 FF000000 and     ebx, 0FF
442277B3   .  8A5498 08     mov     dl, byte ptr [eax+ebx*4+8]
442277B7   .  3255 02       xor     dl, byte ptr [ebp+2]
442277BA   .  836C24 14 01  sub     dword ptr [esp+14], 1
442277BF   .  8857 02       mov     byte ptr [edi+2], dl
442277C2   .  0F84 23010000 je      442278EB
442277C8   .  41            inc     ecx  ; tail byte +3
442277C9   .  81E1 FF000000 and     ecx, 0FF
442277CF   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
442277D3   .  03F2          add     esi, edx
442277D5   .  81E6 FF000000 and     esi, 0FF
442277DB   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
442277DF   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
442277E3   .  03DA          add     ebx, edx
442277E5   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
442277E9   .  81E3 FF000000 and     ebx, 0FF
442277EF   .  8A5498 08     mov     dl, byte ptr [eax+ebx*4+8]
442277F3   .  3255 03       xor     dl, byte ptr [ebp+3]
442277F6   .  836C24 14 01  sub     dword ptr [esp+14], 1
442277FB   .  8857 03       mov     byte ptr [edi+3], dl
442277FE   .  0F84 E7000000 je      442278EB
44227804   .  41            inc     ecx  ; tail byte +4
44227805   .  81E1 FF000000 and     ecx, 0FF
4422780B   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
4422780F   .  03F2          add     esi, edx
44227811   .  81E6 FF000000 and     esi, 0FF
44227817   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
4422781B   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
4422781F   .  03DA          add     ebx, edx
44227821   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
44227825   .  81E3 FF000000 and     ebx, 0FF
4422782B   .  8A5498 08     mov     dl, byte ptr [eax+ebx*4+8]
4422782F   .  3255 04       xor     dl, byte ptr [ebp+4]
44227832   .  836C24 14 01  sub     dword ptr [esp+14], 1
44227837   .  8857 04       mov     byte ptr [edi+4], dl
4422783A   .  0F84 AB000000 je      442278EB
44227840   .  41            inc     ecx  ; tail byte +5
44227841   .  81E1 FF000000 and     ecx, 0FF
44227847   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
4422784B   .  03F2          add     esi, edx
4422784D   .  81E6 FF000000 and     esi, 0FF
44227853   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
44227857   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
4422785B   .  03DA          add     ebx, edx
4422785D   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
44227861   .  81E3 FF000000 and     ebx, 0FF
44227867   .  8A5498 08     mov     dl, byte ptr [eax+ebx*4+8]
4422786B   .  3255 05       xor     dl, byte ptr [ebp+5]
4422786E   .  836C24 14 01  sub     dword ptr [esp+14], 1
44227873   .  8857 05       mov     byte ptr [edi+5], dl
44227876   .  74 73         je      short 442278EB
44227878   .  41            inc     ecx  ; tail byte +6 (the seventh and last possible leftover byte)
44227879   .  81E1 FF000000 and     ecx, 0FF
4422787F   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
44227883   .  03F2          add     esi, edx
44227885   .  81E6 FF000000 and     esi, 0FF
4422788B   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
4422788F   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
44227893   .  03DA          add     ebx, edx
44227895   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
44227899   .  81E3 FF000000 and     ebx, 0FF
4422789F   .  8A5498 08     mov     dl, byte ptr [eax+ebx*4+8]
442278A3   .  3255 06       xor     dl, byte ptr [ebp+6]
442278A6   .  836C24 14 01  sub     dword ptr [esp+14], 1
442278AB   .  8857 06       mov     byte ptr [edi+6], dl
442278AE   .  74 3B         je      short 442278EB
; NOTE(review): the tail counter comes from "and ebx, 7", so it is at most 7 and has reached zero
; by the +6 step above; the block below (offset +0 again, then jnz back to 44227750) appears to be
; the unreachable back-edge of the compiler's rotated tail loop. It does not advance ebp/edi.
442278B0   .  41            inc     ecx
442278B1   .  81E1 FF000000 and     ecx, 0FF
442278B7   .  8B5488 08     mov     edx, dword ptr [eax+ecx*4+8]
442278BB   .  03F2          add     esi, edx
442278BD   .  81E6 FF000000 and     esi, 0FF
442278C3   .  8B5CB0 08     mov     ebx, dword ptr [eax+esi*4+8]
442278C7   .  895C88 08     mov     dword ptr [eax+ecx*4+8], ebx
442278CB   .  03DA          add     ebx, edx
442278CD   .  8954B0 08     mov     dword ptr [eax+esi*4+8], edx
442278D1   .  81E3 FF000000 and     ebx, 0FF
442278D7   .  8A5498 08     mov     dl, byte ptr [eax+ebx*4+8]
442278DB   .  3255 00       xor     dl, byte ptr [ebp]
442278DE   .  836C24 14 01  sub     dword ptr [esp+14], 1
442278E3   .  8817          mov     byte ptr [edi], dl
442278E5   .^ 0F85 65FEFFFF jnz     44227750
; ---- epilogue: write i and j back so the next call continues the same keystream ----
442278EB   >  5F            pop     edi
442278EC   .  8970 04       mov     dword ptr [eax+4], esi  ; state.j = j
442278EF   .  5E            pop     esi
442278F0   .  5D            pop     ebp
442278F1   .  8908          mov     dword ptr [eax], ecx  ; state.i = i
442278F3   .  5B            pop     ebx
442278F4   .  C3            retn  ; no stack adjustment: the caller removes the four arguments


通过跟踪发现此函数是做加、解密数据操作的。但是实在不清楚是什么算法,哪位可以看出来么?

最新回复 (2)
2
上来就一堆代码,谁愿意看啊!多少要讲讲这个函数有多少个参数、各个参数的数据是什么,再提供一下加密前后的数据!
2012-11-3 14:33
3
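搞出来了,是 RC4 算法。判断依据:两个索引都用 and 0FF 限制在 0~255,交换 256 项状态表里的 S[i] 和 S[j],再取 S[(S[i]+S[j]) & 0FF] 的低字节与数据逐字节异或;加密和解密走的是同一个函数。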
2012-11-5 12:30