xm_encryptor
=
Instance(Module(
Store(),
pathlib.Path(
"./xm_encryptor.wasm"
).read_bytes()
))
def
encrypt(data, key):
stack_pointer
=
xm_encryptor.exports.a(
-
16
)
assert
isinstance
(stack_pointer,
int
)
de_data_offset
=
xm_encryptor.exports.c(
len
(data))
assert
isinstance
(de_data_offset,
int
)
track_id_offset
=
xm_encryptor.exports.c(
len
(key))
assert
isinstance
(track_id_offset,
int
)
memory_i
=
xm_encryptor.exports.i
memview_unit8:Uint8Array
=
memory_i.uint8_view(offset
=
de_data_offset)
for
i,b
in
enumerate
(data):
memview_unit8[i]
=
b
memview_unit8: Uint8Array
=
memory_i.uint8_view(offset
=
track_id_offset)
for
i,b
in
enumerate
(key):
memview_unit8[i]
=
b
xm_encryptor.exports.h(stack_pointer,de_data_offset,
len
(data),track_id_offset,
len
(key))
memview_int32: Int32Array
=
memory_i.int32_view(offset
=
stack_pointer
/
/
4
)
result_pointer
=
memview_int32[
0
]
result_length
=
memview_int32[
1
]
assert
memview_int32[
2
]
=
=
0
, memview_int32[
3
]
=
=
0
result_data
=
bytearray(memory_i.
buffer
)[result_pointer:result_pointer
+
result_length].decode()
return
result_data
fillup
=
[]
for
missing
in
range
(
1
,
0x18
+
1
):
data
=
b
'A'
*
0x10
+
b
"CCCCCCCC"
+
b
"DDDDDDDD"
key
=
b
'\x41'
*
(
0x18
-
missing)
for
i
in
range
(
256
):
test_byte
=
i.to_bytes(
1
,
"little"
)
filledup_key
=
b''.join(fillup)
+
test_byte
+
key
try
:
result_data
=
encrypt(data,key)
cipher
=
AES.new(filledup_key, AES.MODE_CBC, filledup_key[:
16
])
decoded_data
=
unpad(cipher.decrypt(base64.b64decode(result_data)),
16
)
assert
data
=
=
decoded_data
fillup.append(test_byte)
print
(
"found"
, fillup)
break
except
Exception as e:
pass
assert
len
(fillup)
=
=
missing
print
(
"found filled up: "
, b''.join(fillup))