以下是汇编代码,经过分析后已经推出C++代码.但是无法反推加密算法.
汇编代码:
006AC550 /$ 51 push ecx
006AC551 |. 8B01 mov eax,dword ptr ds:[ecx] ; eax =data1
006AC553 |. 53 push ebx
006AC554 |. 55 push ebp
006AC555 |. 56 push esi
006AC556 |. 8902 mov dword ptr ds:[edx],eax ; [edx] =data1
006AC558 |. 8B71 04 mov esi,dword ptr ds:[ecx+4] ; esi = data2
006AC55B |. 57 push edi ; ntdll.7C930738
006AC55C |. 8B7C24 18 mov edi,dword ptr ss:[esp+18]
006AC560 |. 8972 04 mov dword ptr ds:[edx+4],esi ; [edx+4]=data2
006AC563 |. B9 909B77E3 mov ecx,E3779B90 ; ecx =m_key5
006AC568 |. C74424 10 100>mov dword ptr ss:[esp+10],10
006AC570 |> 8B02 /mov eax,dword ptr ds:[edx] ; eax =data1
006AC572 |. 8BD8 |mov ebx,eax ; c_data1_1 = data1
006AC574 |. C1EB 05 |shr ebx,5 ; shr c_data1_1,5
006AC577 |. 8BE8 |mov ebp,eax ; c_data1_2 = data1
006AC579 |. C1E5 04 |shl ebp,4 ; shl c_data1_2,4
006AC57C |. 33DD |xor ebx,ebp ; c_data1_1 xor c_data1_2
006AC57E |. 8BE9 |mov ebp,ecx ; ebp =m_key5
006AC580 |. C1ED 0B |shr ebp,0B ; shr m_key5,0B
006AC583 |. 83E5 03 |and ebp,3 ; m_key5 and 3
006AC586 |. 8B2CAF |mov ebp,dword ptr ds:[edi+ebp*4] ; ebp =edi + t_key5 *4
006AC589 |. 03D8 |add ebx,eax ; c_data1_1 = c_data1_1 + c_data1_3
006AC58B |. 03E9 |add ebp,ecx ; c_m_key5_1 = c_m_key5_1 + m_key5
006AC58D |. 33DD |xor ebx,ebp ; c_data1_1 = c_data1_1 Xor c_m_key5_1
006AC58F |. 2BF3 |sub esi,ebx ; c_data2_1 = c_data2_1 - c_data1_1
006AC591 |. 8BDE |mov ebx,esi ; c_data1_1 = c_data2_1
006AC593 |. C1EB 05 |shr ebx,5 ; shr c_data1_1, 5
006AC596 |. 8BEE |mov ebp,esi ; c_m_key5_1 = c_leu3_1
006AC598 |. C1E5 04 |shl ebp,4 ; shl c_m_key5_1, 4)
006AC59B |. 33DD |xor ebx,ebp ; c_data1_1 = c_data1_1 Xor c_m_key5_1
006AC59D |. 81C1 4786C861 |add ecx,61C88647 ; c_m_key5_1 = c_m_key5_1 + &H61C88647
006AC5A3 |. 8BE9 |mov ebp,ecx ; c_m_key5_2 = c_m_key5_1
006AC5A5 |. 83E5 03 |and ebp,3 ; c_m_key5_2 = c_m_key5_2 And 3
006AC5A8 |. 8972 04 |mov dword ptr ds:[edx+4],esi ; 写入data2
006AC5AB |. 8B2CAF |mov ebp,dword ptr ds:[edi+ebp*4] ; c_m_key5_2 = m_allkey(c_m_key5_2)
006AC5AE |. 03DE |add ebx,esi ; c_data1_1 = c_data1_1 + c_data2_1
006AC5B0 |. 03E9 |add ebp,ecx ; c_m_key5_2 = c_m_key5_2 + c_m_key5_1
006AC5B2 |. 33DD |xor ebx,ebp ; c_data1_1 = c_data1_1 Xor c_m_key5_2
006AC5B4 |. 2BC3 |sub eax,ebx
006AC5B6 |. 8902 |mov dword ptr ds:[edx],eax ; 写入data1
006AC5B8 |. FF4C24 10 |dec dword ptr ss:[esp+10]
006AC5BC |.^ 75 B2 \jnz short ProjectG.006AC570
-----------------------------------------------------------------------------------------------------------------------
C++代码:
long key[4];
long unok[2];
unok[0]=lKey[0];
unok[1]=lKey[2];
key[0]=0x486D88F;
key[1]=0x148C72B;
key[2]=0x27EEAFB;
key[3]=0x5A23814;
jiemeiFileName((long*)key,(long*)unok);
void jiameiFileName(long* i,long* unok)//加密函数
{
int inti =16; //循环运算16次
int t;
DWORD sum =0;
DWORD y=unok[0];
DWORD z=unok[1];
for (t=0;t<inti;t++)
{
z+=(((y<<4)^(y>>5))+y)^(i[(sum>>11)&3]+sum);
sum-=0x61c88647;
y+=(((z<<4)^(z>>5))+z)^(i[sum&3]+sum);
}
unok[0]=y;
unok[1]=z;
}
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课