rc4 变形
int rc4(char *pSecret, int SecretLen, char *pOut)
{
int ia;
unsigned char i = 0, j = 0, t;
unsigned char s[256];
unsigned char k[256];
for (ia = 0; ia <= 255; ia++, i++)
s[ia] = i;
for (ia = 0; ia <= 255; ia++)
k[ia] = ((unsigned char *)pSecret)[ia%SecretLen];
for (ia = i = j = 0; ia <= 255; ia++, i++)
{
j = (j + s[i] + k[i]) % 256;
t = s[i]; s[i] = s[j]; s[j] = t;
}
unsigned char data[128] = {
0xF4, 0x12, 0x9D, 0x60, 0x45, 0xF8, 0x20, 0x6A, 0x6F, 0x67, 0x04, 0x71, 0xC0, 0x9B, 0x0C, 0x5A,
0x1D, 0x18, 0x6C, 0x96, 0x69, 0x01, 0x1C, 0xF4, 0x7F, 0x28, 0x5A, 0xFB, 0x29, 0x07, 0x40, 0x8B,
0xD3, 0xE1, 0xB1, 0x12, 0xFB, 0xCA, 0x7C, 0x89, 0xB9, 0x5A, 0x30, 0x70, 0x9D, 0x95, 0x2B, 0x95,
0x3C, 0x8D, 0x2E, 0x45, 0xEF, 0x70, 0xC6, 0xA3, 0xB9, 0xB2, 0x5A, 0x63, 0x5F, 0x03, 0x33, 0xB8,
0x64, 0x4A, 0x8F, 0xBC, 0xF7, 0x91, 0x69, 0x6A, 0x56, 0x2E, 0xD4, 0x6E, 0x82, 0x93, 0xE9, 0x76,
0xDC, 0xA3, 0x6C, 0x5E, 0x6B, 0x72, 0x64, 0x37, 0xE7, 0x15, 0x17, 0xAC, 0x64, 0x78, 0xD5, 0x4A,
0x60, 0x2D, 0xF0, 0x54, 0xA6, 0xF3, 0xE8, 0xE0, 0xE0, 0xB9, 0x8F, 0x85, 0x90, 0xE4, 0xEA, 0xD6,
0xBB, 0xB7, 0x15, 0x9E, 0x2A, 0x44, 0xE7, 0x31, 0x63, 0xAC, 0x80, 0x6C, 0x34, 0x82, 0xE9, 0xCF
};
for (int l = 0; l < 128; l++)
{
data[l] ^= s[l] + s[256 - l - 1];
}
// 以下部分为验证阶段使用
unsigned int res = 0;
for (int l = 0; l < 128; l++)
{
res += data[l];
}
if (res == 0x2979)
{
printf(pSecret);
getchar();
}
return 0;
}
穷举,直到满足res == 0x2979 即可,范围从0-9的字符
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
