arg1 是一个内存大小为288的指针
arg2 暂时不确定,大概是一个类似秘钥的结构体
arg3 是256
__int64 sub_(signed int *a1, __int64 a2, unsigned int a3)
{
__int64 v3; // x3@1
__int64 v4; // x10@2
signed int v5; // w11@2
signed int v6; // w15@4
__int64 v7; // x10@7
int v8; // w11@7
signed int v9; // w14@9
signed __int64 v10; // x13@12
unsigned int v11; // w17@13
unsigned int v12; // w3@13
int v13; // w4@13
int v14; // w3@13
unsigned int v15; // w5@13
signed int v16; // w17@13
__int64 v17; // x12@14
int v18; // w13@14
int v19; // w17@14
int v20; // w15@14
int v21; // w4@14
unsigned int v22; // w26@15
int v23; // w25@15
int v24; // w27@15
int v25; // w28@15
signed int v26; // w30@16
int v27; // w9@18
unsigned int v28; // w30@18
int v29; // w8@18
int v30; // w8@19
unsigned __int64 v31; // t2@20
int v32; // w8@20
int v33; // w9@20
signed int v34; // w8@25
unsigned int *v35; // x8@28
unsigned int v36; // w10@28
unsigned __int8 *v37; // x11@28
unsigned int v38; // w9@29
unsigned __int8 v39; // t1@29
int v40; // w10@30
signed __int64 v41; // x8@32
__int64 v42; // x8@33
int v43; // w13@33
int *v44; // x10@33
int v45; // w14@34
unsigned int v46; // w15@34
int v47; // w9@34
int v48; // w9@34
unsigned int v49; // w9@34
int v50; // w9@34
int v51; // w9@34
int v52; // w9@34
__int64 v53; // x8@37
int v54; // w13@37
int *v55; // x12@37
int v56; // w14@38
unsigned int v57; // w15@38
int v58; // w9@38
int v59; // w9@38
__int64 v60; // x8@40
int v61; // w13@40
int *v62; // x10@40
int v63; // w14@41
unsigned int v64; // w15@41
int v65; // w16@41
int v66; // w9@41
int v67; // w9@41
int v68; // w9@41
int v69; // w9@41
char v71[36]; // [xsp+8h] [xbp-858h]@3
int v72; // [xsp+2Ch] [xbp-834h]@14
int v73; // [xsp+34h] [xbp-82Ch]@14
int v74; // [xsp+3Ch] [xbp-824h]@14
int v75; // [xsp+40h] [xbp-820h]@14
char v76[1024]; // [xsp+408h] [xbp-458h]@3
__int64 v77; // [xsp+808h] [xbp-58h]@1
v3 = *(_QWORD *)__stack_chk_guard_ptr;
v77 = *(_QWORD *)__stack_chk_guard_ptr;
if ( !(byte_100E1A218 & 1) )
{
v4 = 0LL;
v5 = 1;
do
{
*(_DWORD *)&v76[4 * v4] = v5;
*(_DWORD *)&v71[4 * v5] = v4;
if ( v5 & 0x80 )
v6 = 27;
else
v6 = 0;
v5 ^= 2 * (v5 & 0x7F) ^ v6;
++v4;
}
while ( v4 != 256 );
v7 = 0LL;
v8 = 1;
do
{
*(_DWORD *)((char *)&unk_100E1A21C + v7) = v8;
if ( v8 & 0x80 )
v9 = 27;
else
v9 = 0;
v8 = v9 ^ 2 * (v8 & 0x7F);
v7 += 4LL;
}
while ( v7 != 40 );
byte_100E1A244[0] = 99;
byte_100E1B3A7 = 0;
v10 = 1LL;
do
{
v11 = *(_DWORD *)&v76[4 * (255LL - *(signed int *)&v71[4 * v10])];
v12 = 2 * v11 | (v11 >> 7);
v13 = (unsigned __int8)v12;
v14 = (v12 >> 7) & 1 | 2 * (v12 & 0x7F);
v15 = ((unsigned int)(2 * v13) >> 7) & 1 | 2 * (v14 & 0x7F);
v16 = v11 ^ v13 ^ v14 ^ v15 ^ (((unsigned int)(2 * v14) >> 7) & 1 | 2 * (v15 & 0x7F)) ^ 0x63;
byte_100E1A244[v10] = v16;
byte_100E1B344[v16] = v10++;
}
while ( v10 != 256 );
v17 = 0LL;
v19 = v74;
v18 = v75;
v20 = v72;
v21 = v73;
do
{
v22 = 0;
BYTE1(v23) = 0;
v24 = 0;
v25 = (unsigned __int8)byte_100E1A244[v17];
if ( v25 & 0x80 )
v26 = 27;
else
v26 = 0;
v27 = v26 ^ 2 * (v25 & 0x7F);
dword_100E1B444[v17] = ((v25 << 8) & 0xFF00FFFF | ((unsigned __int8)v25 << 16) | v27) & 0xFFFFFF | ((unsigned __int8)(v27 ^ v25) << 24);
v28 = (unsigned __int8)(v27 ^ v25) | (((v25 << 8) & 0xFF00FFFF | ((unsigned __int8)v25 << 16) | v27) << 8);
dword_100E1B844[v17] = v28;
v29 = (unsigned __int8)v25 | (v28 << 8);
dword_100E1BC44[v17] = v29;
dword_100E1C044[v17] = (unsigned __int8)v25 | (v29 << 8);
if ( byte_100E1B344[v17] )
{
v30 = *(_DWORD *)&v71[4 * byte_100E1B344[v17]];
v23 = *(_DWORD *)&v76[4 * ((v30 + v18) % 255)] ^ (*(_DWORD *)&v76[4 * ((v30 + v20) % 255)] << 8);
v22 = v23 ^ (*(_DWORD *)&v76[4 * ((v30 + v19) % 255)] << 16);
v24 = *(_DWORD *)&v76[4 * ((v30 + v21) % 255)];
}
dword_100E1A344[v17] = v22 ^ (v24 << 24);
HIDWORD(v31) = v22;
LODWORD(v31) = v22 ^ (v24 << 24);
v32 = v31 >> 24;
dword_100E1A744[v17] = v32;
v33 = (unsigned __int8)(v22 >> 16) | (v32 << 8);
dword_100E1AB44[v17] = v33;
dword_100E1AF44[v17++] = BYTE1(v23) | (v33 << 8);
}
while ( v17 != 256 );
byte_100E1A218 = 1;
v3 = *(_QWORD *)__stack_chk_guard_ptr;
}
if ( a3 == 256 )
{
v34 = 14;
}
else if ( a3 == 192 )
{
v34 = 12;
}
else
{
if ( a3 != 128 )
{
v41 = 4294967264LL;
goto LABEL_43;
}
v34 = 10;
}
*a1 = v34;
v35 = (unsigned int *)(a1 + 4);
*((_QWORD *)a1 + 1) = a1 + 4;
v36 = a3 >> 5;
v37 = (unsigned __int8 *)(a2 + 3);
do
{
v38 = (*(v37 - 3) | (*(v37 - 2) << 8)) & 0xFF00FFFF | (*(v37 - 1) << 16);
v39 = *v37;
v37 += 4;
*v35 = v38 & 0xFFFFFF | (v39 << 24);
++v35;
--v36;
}
while ( v36 );
v40 = *a1;
if ( *a1 == 10 )
{
v53 = 0LL;
v54 = a1[4];
v55 = a1 + 6;
do
{
v56 = *v55;
v57 = v55[1];
v54 ^= *(_DWORD *)((char *)&unk_100E1A21C + v53) ^ (unsigned __int8)byte_100E1A244[(unsigned __int16)v57 >> 8] ^ ((unsigned __int8)byte_100E1A244[(v57 >> 16) & 0xFF] << 8) ^ ((unsigned __int8)byte_100E1A244[v57 >> 24] << 16) ^ ((unsigned __int8)byte_100E1A244[(unsigned __int8)v57] << 24);
v58 = v54 ^ *(v55 - 1);
v55[2] = v54;
v55[3] = v58;
v59 = v56 ^ v58;
v55[4] = v59;
v55[5] = v57 ^ v59;
v55 += 4;
v53 += 4LL;
}
while ( v53 != 40 );
}
else if ( v40 == 12 )
{
v60 = 0LL;
v61 = a1[4];
v62 = a1 + 8;
do
{
v63 = *v62;
v64 = v62[1];
v61 ^= *(_DWORD *)((char *)&unk_100E1A21C + v60) ^ (unsigned __int8)byte_100E1A244[(unsigned __int16)v64 >> 8] ^ ((unsigned __int8)byte_100E1A244[(v64 >> 16) & 0xFF] << 8) ^ ((unsigned __int8)byte_100E1A244[v64 >> 24] << 16) ^ ((unsigned __int8)byte_100E1A244[(unsigned __int8)v64] << 24);
v65 = *(v62 - 2);
v66 = v61 ^ *(v62 - 3);
v62[2] = v61;
v62[3] = v66;
v67 = v65 ^ v66;
v62[4] = v67;
v68 = *(v62 - 1) ^ v67;
v62[5] = v68;
v69 = v63 ^ v68;
v62[6] = v69;
v62[7] = v64 ^ v69;
v62 += 6;
v60 += 4LL;
}
while ( v60 != 32 );
}
else
{
v41 = 0LL;
if ( v40 != 14 )
goto LABEL_43;
v42 = 0LL;
v43 = a1[4];
v44 = a1 + 10;
do
{
v45 = *v44;
v46 = v44[1];
v43 ^= *(_DWORD *)((char *)&unk_100E1A21C + v42) ^ (unsigned __int8)byte_100E1A244[(unsigned __int16)v46 >> 8] ^ ((unsigned __int8)byte_100E1A244[(v46 >> 16) & 0xFF] << 8) ^ ((unsigned __int8)byte_100E1A244[v46 >> 24] << 16) ^ ((unsigned __int8)byte_100E1A244[(unsigned __int8)v46] << 24);
v47 = v43 ^ *(v44 - 5);
v44[2] = v43;
v44[3] = v47;
v48 = *(v44 - 4) ^ v47;
v44[4] = v48;
v49 = *(v44 - 3) ^ v48;
v44[5] = v49;
a1 = (signed int *)(unsigned __int8)byte_100E1A244[(v49 >> 16) & 0xFF];
v50 = (unsigned __int8)byte_100E1A244[(unsigned __int8)v49] ^ *(v44 - 2) ^ ((unsigned __int8)byte_100E1A244[(unsigned __int16)v49 >> 8] << 8) ^ ((_DWORD)a1 << 16) ^ ((unsigned __int8)byte_100E1A244[v49 >> 24] << 24);
v44[6] = v50;
v51 = v50 ^ *(v44 - 1);
v44[7] = v51;
v52 = v45 ^ v51;
v44[8] = v52;
v44[9] = v46 ^ v52;
v44 += 8;
v42 += 4LL;
}
while ( v42 != 28 );
}
v41 = 0LL;
LABEL_43:
if ( v3 != v77 )
__stack_chk_fail(a1);
return v41;
}
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)