首页
社区
课程
招聘
[原创]BASE64解密代码(ASM)
发表于: 2013-8-28 23:54 13002

[原创]BASE64解密代码(ASM)

2013-8-28 23:54
13002

全部自己编写,所以bug多多
CrackBase64 proc

xor ecx,ecx
xor ebx,ebx
xor edx,edx
xor ebp,ebp

.while(ecx<Hex_sum) ;Hex_sum 密文长度
  shr ecx,2;寄存器不够用,经此而已
  
  mov eax,[lpBuffer] ;lpBuffer密文字符串地址(指针)
  mov eax,[eax+ecx*4]
  xor edx,edx
  xor ebx,ebx
  .while(edx<4)
   .if(al>=41h && al<=5ah)
    sub al,41h
   .elseif (al>=61h && al<=7ah)
    sub al,47h
   .elseif (al>=30h && al<=39h)
    add al,4
   .elseif(al==2bh)
    mov al,3eh
   .elseif (al==2fh)
    mov al,3fh
   .elseif(al==3dh)
    mov al,00h
   .else
   
   .endif
   mov ebp,eax
   and ebp,3FH
   add ebx,ebp
   rol ebx,6
   ror eax,8
   inc edx
  .endw
  shr ebx,6
  mov ebp,ecx
  add ebp,ecx
  add ebp,ecx
  
  add ebp,lpBufferTemp (目标地址) (指针)
  rol ebx ,10H
  mov [ebp],bl
  rol ebx,8
  
  inc ebp
  
  mov [ebp],bl
  rol ebx,8
  
  inc ebp
  mov [ebp],bl
  
  inc ebp
  
  inc ecx
  shl ecx,2
.endw

ret
CrackBase64 endp


[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)

收藏
免费 5
支持
分享
最新回复 (4)
雪    币: 6580
活跃值: (4536)
能力值: ( LV7,RANK:110 )
在线值:
发帖
回帖
粉丝
2
感谢分享,
2013-8-29 07:39
0
雪    币: 11086
活跃值: (17612)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
支持楼主分享汇编源代码
2013-8-29 08:54
0
雪    币: 3
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
4
楼主好人啊~
2013-8-29 09:47
0
雪    币: 45
活跃值: (55)
能力值: ( LV3,RANK:30 )
在线值:
发帖
回帖
粉丝
5
正巧刚刚在做一个Base64的CrackMe。逆出来的代码太难看了 ,呵呵
#include <stdio.h>

unsigned char Table[500]={0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x3E,0xFF,0xFF,0xFF,0x3F,0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF
,0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF
,0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF
,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
,0x02,0x00,0x00,0x00,0x57,0xF6,0x84,0xDC,0xA8,0x09,0x7B,0x23,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF};

void Base64(char *szUserName, char *szResult);
void main()
{
	char szUser[]={"QUFodHRwOi8vbWRsMTAubXlkb3duLmNvbS95dWxlLzIwMDcwMS8yMDA3bXQuV01WWlo="};
	char szResult[20]={""};
	Base64(szUser,szResult);
	printf("%s\n",szResult);
}

void Base64(char *szUserName, char *szResult)
{
	unsigned int i,j=0,k;
	unsigned int eax,ebx,ecx,edx,ebp;
	unsigned char al,ah,bl,bh,cl,ch,dl,dh;
	unsigned char c;
	
	i=0;
	
	while(c!=0)
	{
		c=szUserName[i];
		i=i+4;
	}
	eax=0x3D;
	al=eax & 0xFF;
	ah=(eax & 0xFF00)>>8;

	ebp=i-4;
	if(ebp==0)
		return;
	if(al==szUserName[ebp-1])
	{
		dl=1;
		szUserName[ebp-1]=ah;
	}
	else{dl=0;}
	if(al==szUserName[ebp-2])
	{
		al=1;
		szUserName[ebp-1]=ah;
	}
	else{al=0;}
	al=al+dl;
	eax=al;
	ebp=ebp/4;
	edx=ebp+ebp*2;
	edx=edx-eax;
	while(ebp!=0)
	{
		ecx=*((int*)szUserName);

		cl=ecx & 0xFF;
		ch=(ecx & 0xFF00)>>8;
		al=Table[cl];
		ah=Table[ch];
		
		ecx=ecx>>16;
		cl=ecx & 0x000000FF;
		ch=(ecx & 0x0000FF00)>>8;

		szUserName=szUserName+4;
		
		bl=Table[cl];
		bh=Table[ch];
		
		dl=ah;
		dh=bl;
		
		al=al<<2;
		bl=bl>>2;
		dh=dh<<6;
		ah=ah<<4;
		dl=dl>>4;
		
		bh=bh | dh;
		al=al | dl;
		ah=ah | bl;
		
		szResult[j]=al;
		szResult[j+2]=bh;
		szResult[j+1]=ah;
		j=j+3;
		
		ebp--;
	}
	szResult[j]='\0';
}
2013-8-29 17:01
0
游客
登录 | 注册 方可回帖
返回
//