[求助]大神帮忙看看这个伪c代码，里面的加密是怎么做的？-付费问答-看雪-安全社区|安全招聘|kanxue.com

[旧帖] [求助]大神帮忙看看这个伪c代码，里面的加密是怎么做的？ 0.00雪花

发表于: 2016-6-20 21:03 1759

[旧帖] [求助]大神帮忙看看这个伪c代码，里面的加密是怎么做的？ 0.00雪花

wudandan

2016-6-20 21:03

1759

int Sign(int a1, int a2, int a3, int a4, int a5)
{
  int v5; // r3@3
  size_t v6; // r0@8
  int v7; // r6@8
  int v8; // r0@8
  int v9; // r6@10
  int v10; // r0@10
  int result; // r0@13
  int v12; // [sp+10h] [bp-1B24h]@1
  int v13; // [sp+14h] [bp-1B20h]@1
  int v14; // [sp+18h] [bp-1B1Ch]@1
  int v15; // [sp+1Ch] [bp-1B18h]@1
  int v16; // [sp+20h] [bp-1B14h]@8
  int v17; // [sp+24h] [bp-1B10h]@4
  const char *v18; // [sp+28h] [bp-1B0Ch]@4
  int v19; // [sp+2Ch] [bp-1B08h]@4
  int v20; // [sp+30h] [bp-1B04h]@8
  int v21; // [sp+34h] [bp-1B00h]@10
  int v22; // [sp+38h] [bp-1AFCh]@12
  int v23; // [sp+3Ch] [bp-1AF8h]@4
  int v24; // [sp+40h] [bp-1AF4h]@4
  int v25; // [sp+44h] [bp-1AF0h]@4
  int v26; // [sp+48h] [bp-1AECh]@4
  int v27; // [sp+4Ch] [bp-1AE8h]@4
  int v28; // [sp+50h] [bp-1AE4h]@4
  int v29; // [sp+54h] [bp-1AE0h]@4
  int v30; // [sp+58h] [bp-1ADCh]@4
  int v31; // [sp+5Ch] [bp-1AD8h]@4
  int v32; // [sp+60h] [bp-1AD4h]@4
  int v33; // [sp+64h] [bp-1AD0h]@4
  int v34; // [sp+68h] [bp-1ACCh]@4
  int v35; // [sp+6Ch] [bp-1AC8h]@4
  int v36; // [sp+70h] [bp-1AC4h]@4
  int v37; // [sp+74h] [bp-1AC0h]@4
  int v38; // [sp+78h] [bp-1ABCh]@4
  int v39; // [sp+7Ch] [bp-1AB8h]@4
  int v40; // [sp+80h] [bp-1AB4h]@4
  int v41; // [sp+84h] [bp-1AB0h]@4
  int v42; // [sp+88h] [bp-1AACh]@4
  int v43; // [sp+8Ch] [bp-1AA8h]@4
  int v44; // [sp+90h] [bp-1AA4h]@4
  int v45; // [sp+94h] [bp-1AA0h]@4
  int v46; // [sp+98h] [bp-1A9Ch]@4
  int v47; // [sp+9Ch] [bp-1A98h]@4
  int v48; // [sp+A0h] [bp-1A94h]@4
  int v49; // [sp+A4h] [bp-1A90h]@4
  int v50; // [sp+A8h] [bp-1A8Ch]@4
  int v51; // [sp+ACh] [bp-1A88h]@4
  int v52; // [sp+B0h] [bp-1A84h]@4
  int v53; // [sp+B4h] [bp-1A80h]@4
  int v54; // [sp+B8h] [bp-1A7Ch]@4
  int v55; // [sp+BCh] [bp-1A78h]@4
  int v56; // [sp+C0h] [bp-1A74h]@4
  int v57; // [sp+C4h] [bp-1A70h]@4
  int v58; // [sp+C8h] [bp-1A6Ch]@4
  int v59; // [sp+CCh] [bp-1A68h]@4
  int v60; // [sp+D0h] [bp-1A64h]@4
  int v61; // [sp+D4h] [bp-1A60h]@4
  int v62; // [sp+D8h] [bp-1A5Ch]@4
  int v63; // [sp+DCh] [bp-1A58h]@4
  int v64; // [sp+11Ch] [bp-1A18h]@4
  int v65; // [sp+31Ch] [bp-1818h]@4
  int v66; // [sp+51Ch] [bp-1618h]@4
  int v67; // [sp+71Ch] [bp-1418h]@4
  int v68; // [sp+91Ch] [bp-1218h]@4
  int v69; // [sp+B1Ch] [bp-1018h]@1
  int v70; // [sp+1B1Ch] [bp-18h]@1

  v15 = a1;
  v14 = a2;
  v13 = a3;
  v12 = a4;
  v70 = _stack_chk_guard;
  memset(&v69, 0, 0x1000u);
  if ( v12 && a5 )
  {
v23 = 0;
v24 = 0;
v25 = 0;
v26 = 0;
v27 = 0;
v28 = 0;
v29 = 0;
v30 = 0;
v31 = 0;
v32 = 0;
v33 = 0;
v34 = 0;
v35 = 0;
v36 = 0;
v37 = 0;
v38 = 0;
v39 = 0;
v40 = 0;
v41 = 0;
v42 = 0;
v43 = 0;
v44 = 0;
v45 = 0;
v46 = 0;
v47 = 0;
v48 = 0;
v49 = 0;
v50 = 0;
v51 = 0;
v52 = 0;
v53 = 0;
v54 = 0;
v55 = 0;
v56 = 0;
v57 = 0;
v58 = 0;
v59 = 0;
v60 = 0;
v61 = 0;
v62 = 0;
memset(&v63, 0, 0x40u);
memset(&v64, 0, 0x200u);
memset(&v65, 0, 0x200u);
memset(&v67, 0, 0x200u);
memset(&v66, 0, 0x200u);
memset(&v68, 0, 0x200u);
v17 = (*(int (__fastcall **)(int, int, _DWORD))(*(_DWORD *)v15 + 676))(v15, v12, 0);
v18 = (const char *)(*(int (__fastcall **)(int, int, _DWORD))(*(_DWORD *)v15 + 676))(v15, a5, 0);
v19 = getAndroidSubscribeID(v15, v14, v13, &v23);
if ( v19 )
{
   _android_log_write(5, "auth sign", "madana!!!!!!!!!");
   v5 = 0;
}
else
{
   v19 = getAndroidDeviceID(v15, v14, v13, &v63);
   if ( v19 )
   {
      _android_log_write(5, "auth sign", "ooooop!!!!!!!!!!!");
      v5 = 0;
   }
   else
   {
      sprintf((char *)&v69, "%s&deviceid=%s&imsi=%s", v17, &v63, &v23);
      v6 = strlen(v18);
      v20 = hex_decode(v18, v6);
      v16 = 0;
      v7 = strlen((const char *)&v69);
      v8 = strlen((const char *)v20);
      v19 = EncryptData(v7, (int)&v69, v8, v20, (int)&v16, (int)&v65);
      if ( v19 )
      {
      _android_log_write(5, "auth sign", "crypt fail");
      v5 = 0;
      }
      else
      {
      base64_encode(&v65, v16, &v66);
      v16 = 0;
      v21 = hex_decode("61eaed2b815e4b878d6d9b20a60142b9", 32);
      v9 = strlen((const char *)&v66);
      v10 = strlen((const char *)v21);
      v19 = EncryptData(v9, (int)&v66, v10, v21, (int)&v16, (int)&v67);
      if ( v19 )
      {
         _android_log_write(5, "auth sign", "crypt fail");
         v5 = 0;
      }
      else
      {
         base64_encode(&v67, v16, &v68);
         v22 = (*(int (__fastcall **)(int, int *))(*(_DWORD *)v15 + 668))(v15, &v68);
         (*(void (__fastcall **)(int, int, int))(*(_DWORD *)v15 + 680))(v15, v12, v17);
         (*(void (__fastcall **)(int, int, const char *))(*(_DWORD *)v15 + 680))(v15, a5, v18);
         free((void *)v20);
         v20 = 0;
         free((void *)v21);
         v21 = 0;
         v5 = v22;
      }
      }
   }
}
  }
  else
  {
_android_log_write(5, "auth sign", "authSign invalid param");
v5 = 0;
  }
  result = v5;
  if ( v70 != _stack_chk_guard )
_stack_chk_fail(v5);
  return result;
}

int __fastcall EncryptData(int a1, int a2, int a3, int a4, int a5, int a6)
{
  div_t v6; // r0@1
  unsigned __int8 v7; // ST27_1@5
  int result; // r0@7
  int v9; // [sp+10h] [bp-5Ch]@1
  int v10; // [sp+14h] [bp-58h]@1
  int v11; // [sp+18h] [bp-54h]@1
  int v12; // [sp+28h] [bp-44h]@1
  int v13; // [sp+2Ch] [bp-40h]@1
  int v14; // [sp+2Ch] [bp-40h]@5
  int v15; // [sp+30h] [bp-3Ch]@1
  size_t n; // [sp+34h] [bp-38h]@4
  int dest; // [sp+38h] [bp-34h]@2
  int v18; // [sp+3Ch] [bp-30h]@2
  char v19; // [sp+40h] [bp-2Ch]@2
  int src; // [sp+44h] [bp-28h]@2
  signed int v21; // [sp+48h] [bp-24h]@2
  char v22; // [sp+4Ch] [bp-20h]@2
  int v23; // [sp+50h] [bp-1Ch]@1
  signed int v24; // [sp+54h] [bp-18h]@1
  char v25; // [sp+58h] [bp-14h]@1
  int v26; // [sp+5Ch] [bp-10h]@1

  v11 = a2;
  v10 = a3;
  v9 = a4;
  v26 = _stack_chk_guard;
  v6 = div((int)&v15, a1);
  v25 = 0;
  v23 = 67305985;
  v24 = 134678021;
  v12 = 0;
  v13 = 0;
  while ( v15 > v12 )
  {
dest = 0;
v18 = 0;
v19 = 0;
memcpy(&dest, (const void *)(v11 + 8 * v12), 8u);
src = 0;
v21 = 0;
v22 = 0;
En3DesCBC(8, (int)&dest, v10, (void *)v9, &v23, &src);
v23 = src;
v24 = v21;
memcpy((void *)(a6 + 8 * v13), &src, 8u);
++v12;
++v13;
  }
  if ( n )
  {
v7 = int_to_nibble(8 - n, v6.rem);
dest = 16843009 * v7;
v18 = 16843009 * v7;
memcpy(&dest, (const void *)(v11 + 8 * v15), n);
src = 0;
v21 = 0;
v22 = 0;
En3DesCBC(8, (int)&dest, v10, (void *)v9, &v23, &src);
v23 = src;
v24 = v21;
memcpy((void *)(a6 + 8 * v13), &src, 8u);
v14 = v13 + 1;
  }
  else
  {
dest = 134744072;
v18 = 134744072;
src = 0;
v21 = 0;
v22 = 0;
En3DesCBC(8, (int)&dest, v10, (void *)v9, &v23, &src);
v23 = src;
v24 = v21;
memcpy((void *)(a6 + 8 * v13), &src, 8u);
v14 = v13 + 1;
  }
  *(_DWORD *)a5 = 8 * v14;
  result = 0;
  if ( v26 != _stack_chk_guard )
_stack_chk_fail(0);
  return result;
}

signed int __fastcall En3DesCBC(int a1, int a2, int a3, void *a4, const void *a5, void *a6)
{
  signed int v6; // r3@2
  signed int result; // r0@13
  void *src; // [sp+8h] [bp-7Ch]@1
  int v9; // [sp+Ch] [bp-78h]@1
  int v10; // [sp+10h] [bp-74h]@1
  int i; // [sp+1Ch] [bp-68h]@6
  signed int j; // [sp+20h] [bp-64h]@7
  int v13; // [sp+24h] [bp-60h]@1
  int v14; // [sp+28h] [bp-5Ch]@1
  int dest; // [sp+2Ch] [bp-58h]@3
  int v16; // [sp+30h] [bp-54h]@3
  char v17; // [sp+34h] [bp-50h]@3
  int v18; // [sp+38h] [bp-4Ch]@3
  int v19; // [sp+3Ch] [bp-48h]@3
  char v20; // [sp+40h] [bp-44h]@3
  int v21; // [sp+44h] [bp-40h]@3
  int v22; // [sp+48h] [bp-3Ch]@3
  char v23; // [sp+4Ch] [bp-38h]@3
  int v24; // [sp+50h] [bp-34h]@7
  int v25; // [sp+54h] [bp-30h]@7
  char v26; // [sp+58h] [bp-2Ch]@7
  int v27; // [sp+5Ch] [bp-28h]@7
  int v28; // [sp+60h] [bp-24h]@7
  char v29; // [sp+64h] [bp-20h]@7
  int v30; // [sp+68h] [bp-1Ch]@6
  int v31; // [sp+6Ch] [bp-18h]@6
  char v32; // [sp+70h] [bp-14h]@6
  int v33; // [sp+74h] [bp-10h]@1
  char v34[12]; // [sp+78h] [bp-Ch]@8

  v10 = a2;
  v9 = a3;
  src = a4;
  v33 = _stack_chk_guard;
  div((int)&v13, a1);
  if ( v14 )
  {
v6 = -1;
  }
  else
  {
dest = 0;
v16 = 0;
v17 = 0;
v18 = 0;
v19 = 0;
v20 = 0;
v21 = 0;
v22 = 0;
v23 = 0;
memcpy(&dest, src, 8u);
memcpy(&v18, (char *)src + 8, 8u);
if ( v9 == 24 )
   memcpy(&v21, (char *)src + 16, 8u);
else
   memcpy(&v21, src, 8u);
v30 = 0;
v31 = 0;
v32 = 0;
memcpy(&v30, a5, 8u);
for ( i = 0; v13 > i; ++i )
{
   v24 = 0;
   v25 = 0;
   v26 = 0;
   v27 = 0;
   v28 = 0;
   v29 = 0;
   memcpy(&v24, (const void *)(v10 + 8 * i), 8u);
   for ( j = 0; j <= 7; ++j )
      v34[j - 40] ^= v34[j - 16];
   EnDesECB(8, &v24, &dest, &v27);
   UnDesECB(8, &v27, &v18, &v24);
   EnDesECB(8, &v24, &v21, &v27);
   memcpy(a6, &v27, 8u);
   v30 = v27;
   v31 = v28;
}
v6 = 0;
  }
  result = v6;
  if ( v33 != _stack_chk_guard )
_stack_chk_fail(v6);
  return result;
}

[培训]内核驱动高级班，冲击BAT一流互联网大厂工作，每周日13:00-18:00直播授课

收藏・0

免费・0

支持