首页
社区
课程
招聘
问答 CTF 排行榜 知识库 工具下载 峰会 看雪商城 证书查询
  1. 社区
  2. Android安全
    3. 发新帖
1
[分享][原创]新手学习还原APP算法的随手笔记
发表于: 2025-3-10 22:29 11918

[分享][原创]新手学习还原APP算法的随手笔记

兆兆的罩罩 活跃值
2025-3-10 22:29
11918

shield8.32.0版本
学习了如画佬的文章,关上教程复现的笔记
1.jstring NewStringUTF(JNIEnv *env, const char *bytes);
在汇编中第二个参数X1存储的是加密字符串,将cstring转成java字符串,从而拿到加密结果

mx1 ==> x1=RW@0x40461018 只需要弄清楚 x1存储的这个部分的值是怎么来的即可
[11:09:16 607]x1=RW@0x40461018, md5=992e3fffb0a5d31387be3ead9ecc9d5d, hex=58594141414141514141414145414141425441414141557a5557456530784731496244392f632b71434c4f6c4b476d547446612b6c473433344e66754651544b52427a4932796e654e6b4835332b724f594b7a384d693163782b324b5933515177595257574c4e372f7a31533031314f
size: 112
0000: 58 59 41 41 41 41 41 51 41 41 41 41 45 41 41 41 XYAAAAAQAAAAEAAA
0010: 42 54 41 41 41 41 55 7A 55 57 45 65 30 78 47 31 BTAAAAUzUWEe0xG1
0020: 49 62 44 39 2F 63 2B 71 43 4C 4F 6C 4B 47 6D 54 IbD9/c+qCLOlKGmT
0030: 74 46 61 2B 6C 47 34 33 34 4E 66 75 46 51 54 4B tFa+lG434NfuFQTK
0040: 52 42 7A 49 32 79 6E 65 4E 6B 48 35 33 2B 72 4F RBzI2yneNkH53+rO
0050: 59 4B 7A 38 4D 69 31 63 78 2B 32 4B 59 33 51 51 YKz8Mi1cx+2KY3QQ
0060: 77 59 52 57 57 4C 4E 37 2F 7A 31 53 30 31 31 4F wYRWWLN7/z1S011O
len("XYAAAAAQAAAAEAAABTAAAAUzUWEe0xG1IbD9/c+qCLOlKGmTtFa+lG434NfuFQTKRBzI2yneNkH53+rOYKz8Mi1cx+2KY3QQwYRWWLN7/z1S011O") = 112
len("XYAAAAAQAAAAEAAABTAAAAUzUWEe0xG1IbD9/c+qCLOlKGmTtFa+lG434NfuFQTKRBzI2yneNkH53+rOYKz8Mi1cx+2KY3QQwYRWWLN7/z1S011Oc8PZAcZStVDuw6DCul1soQ") == 134

只需要研究 "XY" + 后132字节 将字符串转成十六进制的数组 0x57557a5541414141
XY AAAAAQAA AAEAAABT AAAAUzUW Ee0xG1Ib D9/c+qCL OlKGmTtFa+lG434NfuFQTKRBzI2yneNkH53+rOYKz8Mi1cx+2KY3QQwYRWWLN7/z1S011Oc8PZAcZStVDuw6DCul1soQ"
5859 4141414141514141 4141454141414254 41414141557a5557 4565307847314962 44 39 2f 63 2b 71 43 4c 4f 6c 4b 47 6d 54 74 46 61 2b 6c 47 34 33 34 4e 66 75 46 51 54 4b 52 42 7a 49 32 79 6e 65 4e 6b 48 35 33 2b 72 4f 59 4b 7a 38 4d 69 31 63 78 2b 32 4b 59 33 51 51 77 59 52 57 57 4c 4e 37 2f 7a 31 53 30 31 31 4f 63 38 50 5a 41 63 5a 53 74 56 44 75 77 36 44 43 75 6c 31 73 6f 51
[11:08:54 278] Memory WRITE at 0x4046101a, data size = 8, data value = 0x4141514141414141, PC=RX@0x4028c1f8[libc.so]0x1c1f8, LR=RX@0x4009f0f0[libshield.so]0x9f0f0
PC指向程序执行的位置 LR指向函数调用的位置(PC指向当前执行到标准库的逻辑, LR指向在shield.so文件中逻辑) 跳转到0x9f0f0找到上方的memcpy
void *memcpy(void *dest, const void *src, size_t n); dest:目标地址 src:源地址 n:要复制的字节数 查看mX1 数据的来源

注:直接打断点找不到memcpy操作的内存地址,查看trace日志发现有三处经过了0x9f0f0的操作
[09:33:29 304][libshield.so 0x09eff0] [4100148b] 0x4009eff0: "add x1, x2, x20" x2=0x40453048 x20=0x0 => x1=0x40453048
[09:33:29 328][libshield.so 0x09eff0] [4100148b] 0x4009eff0: "add x1, x2, x20" x2=0x404530a8 x20=0x0 => x1=0x404530a8
[09:33:31 978][libshield.so 0x09eff0] [4100148b] 0x4009eff0: "add x1, x2, x20" x2=0x4059a018 x20=0x0 => x1=0x4059a018
控制台使用c命令操作跳到第三次断点成功打印mx1=0x4059a018 此处记录的也是完整的shield值

2.继续监视0x4059a018处的内容 截取一段日志
[10:29:23 862] Memory WRITE at 0x4059a01a, data size = 1, data value = 0x41, PC=RX@0x4004bf64[libshield.so]0x4bf64, LR=RX@0x40049b98[libshield.so]0x49b98
[10:29:23 862] Memory WRITE at 0x4059a01c, data size = 1, data value = 0x41, PC=RX@0x4004bf84[libshield.so]0x4bf84, LR=RX@0x40049b98[libshield.so]0x49b98
[10:29:23 862] Memory WRITE at 0x4059a01f, data size = 1, data value = 0x41, PC=RX@0x4004bf84[libshield.so]0x4bf84, LR=RX@0x40049b98[libshield.so]0x49b98
[10:29:23 862] Memory WRITE at 0x4059a01d, data size = 1, data value = 0x51, PC=RX@0x4004bf84[libshield.so]0x4bf84, LR=RX@0x40049b98[libshield.so]0x49b98
[10:29:23 862] Memory WRITE at 0x4059a01e, data size = 1, data value = 0x41, PC=RX@0x4004bf84[libshield.so]0x4bf84, LR=RX@0x40049b98[libshield.so]0x49b98
[10:29:23 862] Memory WRITE at 0x4059a020, data size = 1, data value = 0x41, PC=RX@0x4004bf84[libshield.so]0x4bf84, LR=RX@0x40049b98[libshield.so]0x49b98
[10:29:23 862] Memory WRITE at 0x4059a023, data size = 1, data value = 0x41, PC=RX@0x4004bf84[libshield.so]0x4bf84, LR=RX@0x40049b98[libshield.so]0x49b98
[10:29:23 863] Memory WRITE at 0x4059a021, data size = 1, data value = 0x41, PC=RX@0x4004bf84[libshield.so]0x4bf84, LR=RX@0x40049b98[libshield.so]0x49b98

分析:PC指向当前执行的代码(处于libshield.so中) (LR跳转回调用的地方也处于libshield.so中),这两处都要在IDA中查看一下是啥情况,PC处于函数sub_4BF44中的一段逻辑,0x49b98处于sub_4BF44执行完的下一段指令
说明shield每一个字母的生成与sub_4BF44中的细节有关系, 通过观察细节或者使用gpt分析sub_4BF44发现这是将每3个字节的二进制数据编码为4个Base64字符,是进行了base64操作。
于是尝试从sub_4BF44中查找base64编码前的源数据,把这个源数据的值找到继续分析即可。

v5 = *(unsigned __int8 *)(a2 + v3);
v6 = *(unsigned __int8 *)(a2 + v3 + 1);
v7 = *(unsigned __int8 *)(a2 + v3 + 2); 由此发现a2是base64操作的输入参数,且a2是__int64 __fastcall sub_4BF44(_BYTE *a1, __int64 a2, int a3)第二个参数,猜测就是shield编码前的值,hook验证一下
从地址 a2 + v3 读取一个字节,并将其存储在变量 v5 中。
从地址 a2 + v3 + 1 读取一个字节,并将其存储在变量 v6 中。
从地址 a2 + v3 + 2 读取一个字节,并将其存储在变量 v7 中。

debugger.addBreakPoint(module.base+0x49B94); 查看,依旧要通过trace去判断是否这个断点被命中。 hook如下,使用cyberchef去验证
[10:49:26 396]x1=RW@0x40456098, md5=af80e1f3f4b54f45c169046d847b9b98, hex=00000001000000010000005300000053351611ed311b521b0fdfdcfaa08b3a5286993b456be946e37e0d7ee1504ca441cc8db29de3641f9dfeace60acfc322d5cc7ed8a637410c1845658b37bff3d52d35d4e73c3d901c652b550eec3a0c2ba5d6ca1000000000000000000000000000
size: 112 112-13=99字节的数据
0000: 00 00 00 01 00 00 00 01 00 00 00 53 00 00 00 53 ...........S...S
0010: 35 16 11 ED 31 1B 52 1B 0F DF DC FA A0 8B 3A 52 5...1.R.......:R
0020: 86 99 3B 45 6B E9 46 E3 7E 0D 7E E1 50 4C A4 41 ..;Ek.F..PL.A
0030: CC 8D B2 9D E3 64 1F 9D FE AC E6 0A CF C3 22 D5 .....d........".
0040: CC 7E D8 A6 37 41 0C 18 45 65 8B 37 BF F3 D5 2D .~..7A..Ee.7...-
0050: 35 D4 E7 3C 3D 90 1C 65 2B 55 0E EC 3A 0C 2B A5 5..<=..e+U..:.+.
0060: D6 CA 10 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-------------------------------------------------------------------------- 注意使用fromhexdump而不是fromhex
转换为 AAAAAQAAAAEAAABTAAAAUzUWEe0xG1IbD9/c+qCLOlKGmTtFa+lG434NfuFQTKRBzI2yneNkH53+rOYKz8Mi1cx+2KY3QQwYRWWLN7/z1S011Oc8PZAcZStVDuw6DCul1soQ(截止到这,拼接上XY即可)AAAAAAAAAAAAAAAAAA==

3.找到了shield来源数据 继续分析每一个值 99字节 mx1=0x40456098,继续分析这里的每一个字节的生成,使用trace
0000: 00 00 00 01 00 00 00 01 00 00 00 53 00 00 00 53 ...........S...S
0010: 35 16 11 ED 31 1B 52 1B 0F DF DC FA A0 8B 3A 52 5...1.R.......:R
0020: 86 99 3B 45 6B E9 46 E3 7E 0D 7E E1 50 4C A4 41 ..;Ek.F..PL.A
0030: CC 8D B2 9D E3 64 1F 9D FE AC E6 0A CF C3 22 D5 .....d........".
0040: CC 7E D8 A6 37 41 0C 18 45 65 8B 37 BF F3 D5 2D .~..7A..Ee.7...-
0050: 35 D4 E7 3C 3D 90 1C 65 2B 55 0E EC 3A 0C 2B A5 5..<=..e+U..:.+.
0060: D6 CA 10

trace(0x40456098, 0x40456098+134) IDA查看0x9cdb4的情况
[11:18:10 339] Memory WRITE at 0x404560a0, data size = 8, data value = 0x5300000053000000, PC=RX@0x4028c148[libc.so]0x1c148, LR=RX@0x4009cdb4[libshield.so]0x9cdb4
[11:18:10 339] Memory WRITE at 0x404560a8, data size = 8, data value = 0x1b521b31ed111635, PC=RX@0x4028c148[libc.so]0x1c148, LR=RX@0x4009cdb4[libshield.so]0x9cdb4
[11:18:10 339] Memory WRITE at 0x404560b0, data size = 8, data value = 0x523a8ba0fadcdf0f, PC=RX@0x4028c148[libc.so]0x1c148, LR=RX@0x4009cdb4[libshield.so]0x9cdb4

0x9cdb4 => result = memcpy(v10, v9, a3); 说明这里的字符串也是被memcpy复制了一次,继续寻找源头,在下方memcpy出打断点,查看源数据 (打上断点后同样c跳转三次才行)
.text&ARM.extab:000000000009CDA8 MOV X0, X3 ; dest
.text&ARM.extab:000000000009CDAC MOV X2, X19 ; n
.text&ARM.extab:000000000009CDB0 BL memcpy

[11:38:32 172]x1=RW@0x40593000, md5=af80e1f3f4b54f45c169046d847b9b98, hex=00000001000000010000005300000053351611ed311b521b0fdfdcfaa08b3a5286993b456be946e37e0d7ee1504ca441cc8db29de3641f9dfeace60acfc322d5cc7ed8a637410c1845658b37bff3d52d35d4e73c3d901c652b550eec3a0c2ba5d6ca1000000000000000000000000000
size: 112
0000: 00 00 00 01 00 00 00 01 00 00 00 53 00 00 00 53 ...........S...S
0010: 35 16 11 ED 31 1B 52 1B 0F DF DC FA A0 8B 3A 52 5...1.R.......:R
0020: 86 99 3B 45 6B E9 46 E3 7E 0D 7E E1 50 4C A4 41 ..;Ek.F..PL.A
0030: CC 8D B2 9D E3 64 1F 9D FE AC E6 0A CF C3 22 D5 .....d........".
0040: CC 7E D8 A6 37 41 0C 18 45 65 8B 37 BF F3 D5 2D .~..7A..Ee.7...-
0050: 35 D4 E7 3C 3D 90 1C 65 2B 55 0E EC 3A 0C 2B A5 5..<=..e+U..:.+.
0060: D6 CA 10 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

4.分析这个新的base64源头数据 trace(0x40593000,0x40593000+134) 看看每一部分如何生成的
[11:42:15 779] Memory WRITE at 0x40593000, data size = 1, data value = 0x00, PC=RX@0x4004972c[libshield.so]0x4972c, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x40593001, data size = 1, data value = 0x00, PC=RX@0x40049734[libshield.so]0x49734, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x40593002, data size = 1, data value = 0x00, PC=RX@0x40049740[libshield.so]0x49740, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x40593003, data size = 1, data value = 0x01, PC=RX@0x40049748[libshield.so]0x49748, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x40593004, data size = 1, data value = 0x00, PC=RX@0x40049750[libshield.so]0x49750, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x40593005, data size = 1, data value = 0x00, PC=RX@0x40049758[libshield.so]0x49758, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x40593006, data size = 1, data value = 0x00, PC=RX@0x40049764[libshield.so]0x49764, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x40593007, data size = 1, data value = 0x01, PC=RX@0x4004976c[libshield.so]0x4976c, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x40593008, data size = 1, data value = 0x00, PC=RX@0x40049774[libshield.so]0x49774, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x40593009, data size = 1, data value = 0x00, PC=RX@0x4004977c[libshield.so]0x4977c, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x4059300a, data size = 1, data value = 0x00, PC=RX@0x40049788[libshield.so]0x49788, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x4059300b, data size = 1, data value = 0x53, PC=RX@0x40049790[libshield.so]0x49790, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x4059300c, data size = 1, data value = 0x00, PC=RX@0x40049798[libshield.so]0x49798, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x4059300d, data size = 1, data value = 0x00, PC=RX@0x400497a0[libshield.so]0x497a0, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x4059300e, data size = 1, data value = 0x00, PC=RX@0x400497ac[libshield.so]0x497ac, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x4059300f, data size = 1, data value = 0x53, PC=RX@0x400497b4[libshield.so]0x497b4, LR=RX@0x400496e4[libshield.so]0x496e4
[11:42:15 779] Memory WRITE at 0x40593010, data size = 8, data value = 0x1b521b31ed111635, PC=RX@0x4028c220[libc.so]0x1c220, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 779] Memory WRITE at 0x40593018, data size = 8, data value = 0x523a8ba0fadcdf0f, PC=RX@0x4028c220[libc.so]0x1c220, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 779] Memory WRITE at 0x40593020, data size = 8, data value = 0xe346e96b453b9986, PC=RX@0x4028c224[libc.so]0x1c224, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 779] Memory WRITE at 0x40593028, data size = 8, data value = 0x41a44c50e17e0d7e, PC=RX@0x4028c224[libc.so]0x1c224, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593030, data size = 8, data value = 0x9d1f64e39db28dcc, PC=RX@0x4028c228[libc.so]0x1c228, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593038, data size = 8, data value = 0xd522c3cf0ae6acfe, PC=RX@0x4028c228[libc.so]0x1c228, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593040, data size = 8, data value = 0x180c4137a6d87ecc, PC=RX@0x4028c22c[libc.so]0x1c22c, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593048, data size = 8, data value = 0x2dd5f3bf378b6545, PC=RX@0x4028c22c[libc.so]0x1c22c, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593050, data size = 8, data value = 0x651c903d3ce7d435, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593058, data size = 8, data value = 0xa52b0c3aec0e552b, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593053, data size = 8, data value = 0x0e552b651c903d3c, PC=RX@0x4028c1a4[libc.so]0x1c1a4, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x4059305b, data size = 8, data value = 0x10cad6a52b0c3aec, PC=RX@0x4028c1a4[libc.so]0x1c1a4, LR=RX@0x400497dc[libshield.so]0x497dc
根据日志可以发现前16位和99-16=83位字节生成的地方不一样,需要通过IDA看看细节,到底分别用了什么方法生成的。前16条数据,PC执行的指令和最后LR跳转回的指令均指向libshield.so中的sub_49650
通过PC可以看到详细的逻辑 基于v4的内容 v4 = *a1; ==> void __usercall sub_49650(__int64 *a1@<X0>, __int64 a2@<X8>) 由此看出a1参数通过X0传递
*v10 = *(_BYTE *)(v4 + 11);
v10[1] = *(_WORD )(v4 + 10);
v10[2] = BYTE1((_DWORD *)(v4 + 8));
v10[3] = *(_DWORD *)(v4 + 8);
v10[4] = *(_BYTE *)(v4 + 15);
v10[5] = *(_WORD )(v4 + 14);
v10[6] = BYTE1((_DWORD *)(v4 + 12));
v10[7] = *(_DWORD *)(v4 + 12);
v10[8] = *(_BYTE *)(v4 + 19);
v10[9] = *(_WORD )(v4 + 18);
v10[10] = BYTE1((_DWORD *)(v4 + 16));
v10[11] = *(_DWORD *)(v4 + 16);
v10[12] = *(_BYTE *)(v4 + 23);
v10[13] = *(_WORD )(v4 + 22);
v10[14] = BYTE1((_DWORD *)(v4 + 20));
v10[15] = *(_DWORD *)(v4 + 20);

故hook sub_49650的X0探索前十六字节的值

-----------------------------------------------------------------------------<
[14:16:38 419]x0=unidbg@0xbffff530, md5=5192356b16181dc583c59dd2f7302705, hex=9031454000000000803145400000000010e058400000000000e05840000000009031454000000000803145400000000018a0454000000000389045400000000010e058400000000000e05840000000003831454000000000383145400000000008314540000000000000000000000000
size: 112
0000: 90 31 45 40 00 00 00 00 80 31 45 40 00 00 00 00 .1E@.....1E@....
0010: 10 E0 58 40 00 00 00 00 00 E0 58 40 00 00 00 00 ..X@......X@....
0020: 90 31 45 40 00 00 00 00 80 31 45 40 00 00 00 00 .1E@.....1E@....
0030: 18 A0 45 40 00 00 00 00 38 90 45 40 00 00 00 00 ..E@....8.E@....
0040: 10 E0 58 40 00 00 00 00 00 E0 58 40 00 00 00 00 ..X@......X@....
0050: 38 31 45 40 00 00 00 00 38 31 45 40 00 00 00 00 81E@....81E@....
0060: 08 31 45 40 00 00 00 00 00 00 00 00 00 00 00 00 .1E@............
^-----------------------------------------------------------------------------^

为了验证是不是命中对应的sub_49650的位置,搜索x0=0xbffff530,找到了调用sub_49650的逻辑,故确认是这里
[09:33:31 914][libshield.so 0x0bce40] [e0030191] 0x400bce40: "add x0, sp, #0x40" sp=0xbffff4f0 => x0=0xbffff530
[09:33:31 914][libshield.so 0x0bce44] [0332fe97] 0x400bce44: "bl #0x40049650"

解释: x0=unidbg@0xbffff530 和 x1=RW@0x40593000的区别?
unidbg@0xbffff530 表示该寄存器的值是一个指向内存地址的指针,需要读取内存中的内容拿到该指针指向的内存地址(小端序) -> 0x40453190
0xbffff530 是一个十六进制表示的内存地址,可能是一个函数调用栈中的某个位置,或者是一个特定的内存区域。

故 m0x40453190拿到指针指向的内容

-----------------------------------------------------------------------------<
[14:29:03 639]RW@0x40453190, md5=3df7798f10b205454d00aa228ccb2704, hex=18581040000000000100000001000000530000005300000060e04540000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: 18 58 10 40 00 {00 00 00 01 00 00 00 01 00 00 00 .X.@............
0010: 53 00 00 00 53} 00 00 00 60 E0 45 40 00 00 00 00 S...S...`.E@....
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^
这里就是前十六字节具体的来源了,大括号括起来的就是前十六字节,需要通过trace(0x40453196, 0x40453196 + 16)查看一下具体咋生成的
[14:38:38 180] Memory WRITE at 0x40453198, data size = 4, data value = 0x00000001, PC=RX@0x400492f0[libshield.so]0x492f0, LR=RX@0x400492ec[libshield.so]0x492ec
[14:38:38 181] Memory WRITE at 0x4045319c, data size = 4, data value = 0x00000001, PC=RX@0x400492f0[libshield.so]0x492f0, LR=RX@0x400492ec[libshield.so]0x492ec
[14:38:38 181] Memory WRITE at 0x404531a4, data size = 4, data value = 0x00000053, PC=RX@0x4004930c[libshield.so]0x4930c, LR=RX@0x400492ec[libshield.so]0x492ec
[14:38:38 184] Memory WRITE at 0x404531a0, data size = 4, data value = 0x00000053, PC=RX@0x40049574[libshield.so]0x49574, LR=RX@0x40049570[libshield.so]0x49570
依旧通过PC或者LR去查看一下代码执行的地方和执行完跳转回去的地方。

查看IDA代码片段 4个部分 前两部分都是写死赋值为1 后两部分都基于v7,v7与如下a1参数有关 v7 = (unsigned int)(*(_DWORD *)(*a1 + 20LL) + *(_DWORD *)(*a1 + 24LL) + *(_DWORD *)(*a1 + 28LL) + 24);
void __usercall sub_4926C(_QWORD *a1@<X0>, _QWORD *a2@<X8>)

v5 = (_DWORD *)*a2;
v5[2] = 1;
v5[3] = 1;
v6 = a1;
v7 = (unsigned int)((_DWORD *)(*a1 + 20LL) + *(_DWORD *)(*a1 + 24LL) + *(_DWORD *)(*a1 + 28LL) + 24);
v5[5] = v7;

v20 = (_DWORD *) * a2;
*(_QWORD *)(*a2 + 24LL) = v19;
sub_51698(v21, 13LL, & qword_10B508);
sub_511E0(v21, (unsigned int)
v7, v8, v19);
v20[4] = v7;

于是打断点sub_4926C拿到x0的参数 查看trace确认该函数只在0xBCD6C处调用(多次调用的地方记得反复翻阅trace确认寻找命中点)

-----------------------------------------------------------------------------<
[14:59:38 020]x0=unidbg@0xbffff540, md5=43d7feda9b1b909b055506e5e5fc9dbf, hex=10e058400000000000e058400000000078792d0000000000f0f4ffbf0000000018a0454000000000389045400000000010e058400000000000e0584000000000383145400000000038314540000000000831454000000000000000000000000000000000000000006030454000000000
size: 112
0000: 10 E0 58 40 00 00 00 00 00 E0 58 40 00 00 00 00 ..X@......X@....
0010: 78 79 2D 00 00 00 00 00 F0 F4 FF BF 00 00 00 00 xy-.............
0020: 18 A0 45 40 00 00 00 00 38 90 45 40 00 00 00 00 ..E@....8.E@....
0030: 10 E0 58 40 00 00 00 00 00 E0 58 40 00 00 00 00 ..X@......X@....
0040: 38 31 45 40 00 00 00 00 38 31 45 40 00 00 00 00 81E@....81E@....
0050: 08 31 45 40 00 00 00 00 00 00 00 00 00 00 00 00 .1E@............
0060: 00 00 00 00 00 00 00 00 60 30 45 40 00 00 00 00 ........`0E@....
^-----------------------------------------------------------------------------^

根据之前了解的规则,x0=unidbg@0xbffff540这里依旧是一个指针 指向0x4058e010(小端序) 通过m0x4058e010拿到如下内容 (不要忘了这里是为了追溯与v7相关的参数a1,拿到53这个值)

-----------------------------------------------------------------------------<
[15:01:21 051]RW@0x4058e010, md5=b6a05095480f6c61e02ef52ea62aad46, hex=38581040000000000100000001affaec020000000700000024000000100000001070454000000000503145400000000000e04740000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: 38 58 10 40 00 00 00 00 01 00 00 00 01 AF FA EC 8X.@............
0010: 02 00 00 00 07 00 00 00 24 00 00 00 10 00 00 00 ........$.......
0020: 10 70 45 40 00 00 00 00 50 31 45 40 00 00 00 00 .pE@....P1E@....
0030: 00 E0 47 40 00 00 00 00 00 00 00 00 00 00 00 00 ..G@............
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

思考(*(*a1 + 20LL) + *(*a1 + 24LL) + *(a1 + 28LL) + 24);这行代码的结果是0x53怎么来的? 由刚才的操作我们已经知道了a1就是上述这片内存区域了,直接取如上位置对应值进行计算看
是否为53即可(验证是写死的还是变化的)
10+0+50+24 -> 84 -> 0x54(看样子是写死的,继续分析其本质是啥)

*******************************(细节探索)
继续分析指针指向的地址0x4058e010看看是什么东西 -> emulator.traceWrite(0x4058e024,0x4058e024+9);(目的是查看20 24 28这三个位置的内容)
[15:16:33 394] Memory WRITE at 0x4058e024, data size = 4, data value = 0x00000007, PC=RX@0x40049138[libshield.so]0x49138, LR=RX@0x40049128[libshield.so]0x49128
[15:16:33 395] Memory WRITE at 0x4058e028, data size = 4, data value = 0x00000024, PC=RX@0x40049154[libshield.so]0x49154, LR=RX@0x40049140[libshield.so]0x49140
[15:16:33 395] Memory WRITE at 0x4058e02c, data size = 4, data value = 0x00000010, PC=RX@0x40049160[libshield.so]0x49160, LR=RX@0x4004915c[libshield.so]0x4915c
IDA查看0x49154 -> 地址为0xBCCDC 查询a2 a5 a7 -> mx1 mx4 mx5
void *__usercall sub_4908C@<X0>( int a1@<W0>,const char **a2@<X1>,int a3@<W2>,int a4@<W3>,const char **a5@<X4>,const void *a6@<X5>,unsigned int a7@<W6>,__int64 *a8@<X8>)
略...

-----------------------------------------------------------------------------<
[15:39:38 557]RW@0x4045a018, md5=852c37585df595b765f26ab3730bbe86, hex=33393932336533632d366336652d333839312d393435612d66643033633437393665623300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: 33 39 39 32 33 65 33 63 2D 36 63 36 65 2D 33 38 39923e3c-6c6e-38
0010: 39 31 2D 39 34 35 61 2D 66 64 30 33 63 34 37 39 91-945a-fd03c479
0020: 36 65 62 33 00 00 00 00 00 00 00 00 00 00 00 00 6eb3............
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^ 这里是deviceid

5.后0x53字节(继续之前的日志)
[11:42:15 779] Memory WRITE at 0x40593010, data size = 8, data value = 0x1b521b31ed111635, PC=RX@0x4028c220[libc.so]0x1c220, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 779] Memory WRITE at 0x40593018, data size = 8, data value = 0x523a8ba0fadcdf0f, PC=RX@0x4028c220[libc.so]0x1c220, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 779] Memory WRITE at 0x40593020, data size = 8, data value = 0xe346e96b453b9986, PC=RX@0x4028c224[libc.so]0x1c224, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 779] Memory WRITE at 0x40593028, data size = 8, data value = 0x41a44c50e17e0d7e, PC=RX@0x4028c224[libc.so]0x1c224, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593030, data size = 8, data value = 0x9d1f64e39db28dcc, PC=RX@0x4028c228[libc.so]0x1c228, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593038, data size = 8, data value = 0xd522c3cf0ae6acfe, PC=RX@0x4028c228[libc.so]0x1c228, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593040, data size = 8, data value = 0x180c4137a6d87ecc, PC=RX@0x4028c22c[libc.so]0x1c22c, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593048, data size = 8, data value = 0x2dd5f3bf378b6545, PC=RX@0x4028c22c[libc.so]0x1c22c, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593050, data size = 8, data value = 0x651c903d3ce7d435, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593058, data size = 8, data value = 0xa52b0c3aec0e552b, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x40593053, data size = 8, data value = 0x0e552b651c903d3c, PC=RX@0x4028c1a4[libc.so]0x1c1a4, LR=RX@0x400497dc[libshield.so]0x497dc
[11:42:15 780] Memory WRITE at 0x4059305b, data size = 8, data value = 0x10cad6 a52b0c3aec, PC=RX@0x4028c1a4[libc.so]0x1c1a4, LR=RX@0x400497dc[libshield.so]0x497dc
通过LR返回的地址0x497dc 发现memcpy(v10 + 16, *(const void **)(v4 + 24), v14); 需要据此溯源找到原本的位置
查看trace[09:33:31 927][libshield.so 0x0497d8] [f622ff97] 0x400497d8: "bl #0x400123b0" -> 0x497d8的参数
void memcpy(voiddest, const void *src, size_t n); src源地址

mx1结果如下 每8个字节小端序与上述trace日志对比一致

-----------------------------------------------------------------------------<
[16:17:11 469]x1=RW@0x4045e060, md5=4a9f34aa55fe47d93444292936fbe440, hex=351611ed311b521b0fdfdcfaa08b3a5286993b456be946e37e0d7ee1504ca441cc8db29de3641f9dfeace60acfc322d5cc7ed8a637410c1845658b37bff3d52d35d4e73c3d901c652b550eec3a0c2ba5d6ca100000000000000000000000000000000000000000000000000000000000
size: 112
0000: 35 16 11 ED 31 1B 52 1B 0F DF DC FA A0 8B 3A 52 5...1.R.......:R
0010: 86 99 3B 45 6B E9 46 E3 7E 0D 7E E1 50 4C A4 41 ..;Ek.F..PL.A
0020: CC 8D B2 9D E3 64 1F 9D FE AC E6 0A CF C3 22 D5 .....d........".
0030: CC 7E D8 A6 37 41 0C 18 45 65 8B 37 BF F3 D5 2D .~..7A..Ee.7...-
0040: 35 D4 E7 3C 3D 90 1C 65 2B 55 0E EC 3A 0C 2B A5 5..<=..e+U..:.+.
0050: D6 CA 10 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^
trace(0x4045e060,0x4045e060+83) 查看这83字节具体生成的方式
16:23:39 690] Memory WRITE at 0x4045e060, data size = 1, data value = 0x35, PC=RX@0x4005126c[libshield.so]0x5126c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 690] Memory WRITE at 0x4045e061, data size = 1, data value = 0x16, PC=RX@0x400512ac[libshield.so]0x512ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 690] Memory WRITE at 0x4045e062, data size = 1, data value = 0x11, PC=RX@0x400512ec[libshield.so]0x512ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 690] Memory WRITE at 0x4045e063, data size = 1, data value = 0xed, PC=RX@0x4005132c[libshield.so]0x5132c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 690] Memory WRITE at 0x4045e064, data size = 1, data value = 0x31, PC=RX@0x4005136c[libshield.so]0x5136c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 690] Memory WRITE at 0x4045e065, data size = 1, data value = 0x1b, PC=RX@0x400513ac[libshield.so]0x513ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 690] Memory WRITE at 0x4045e066, data size = 1, data value = 0x52, PC=RX@0x400513ec[libshield.so]0x513ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 690] Memory WRITE at 0x4045e067, data size = 1, data value = 0x1b, PC=RX@0x40051424[libshield.so]0x51424, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e068, data size = 1, data value = 0x0f, PC=RX@0x4005126c[libshield.so]0x5126c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e069, data size = 1, data value = 0xdf, PC=RX@0x400512ac[libshield.so]0x512ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e06a, data size = 1, data value = 0xdc, PC=RX@0x400512ec[libshield.so]0x512ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e06b, data size = 1, data value = 0xfa, PC=RX@0x4005132c[libshield.so]0x5132c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e06c, data size = 1, data value = 0xa0, PC=RX@0x4005136c[libshield.so]0x5136c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e06d, data size = 1, data value = 0x8b, PC=RX@0x400513ac[libshield.so]0x513ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e06e, data size = 1, data value = 0x3a, PC=RX@0x400513ec[libshield.so]0x513ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e06f, data size = 1, data value = 0x52, PC=RX@0x40051424[libshield.so]0x51424, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e070, data size = 1, data value = 0x86, PC=RX@0x4005126c[libshield.so]0x5126c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e071, data size = 1, data value = 0x99, PC=RX@0x400512ac[libshield.so]0x512ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e072, data size = 1, data value = 0x3b, PC=RX@0x400512ec[libshield.so]0x512ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e073, data size = 1, data value = 0x45, PC=RX@0x4005132c[libshield.so]0x5132c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e074, data size = 1, data value = 0x6b, PC=RX@0x4005136c[libshield.so]0x5136c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e075, data size = 1, data value = 0xe9, PC=RX@0x400513ac[libshield.so]0x513ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e076, data size = 1, data value = 0x46, PC=RX@0x400513ec[libshield.so]0x513ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e077, data size = 1, data value = 0xe3, PC=RX@0x40051424[libshield.so]0x51424, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 691] Memory WRITE at 0x4045e078, data size = 1, data value = 0x7e, PC=RX@0x4005126c[libshield.so]0x5126c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e079, data size = 1, data value = 0x0d, PC=RX@0x400512ac[libshield.so]0x512ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e07a, data size = 1, data value = 0x7e, PC=RX@0x400512ec[libshield.so]0x512ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e07b, data size = 1, data value = 0xe1, PC=RX@0x4005132c[libshield.so]0x5132c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e07c, data size = 1, data value = 0x50, PC=RX@0x4005136c[libshield.so]0x5136c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e07d, data size = 1, data value = 0x4c, PC=RX@0x400513ac[libshield.so]0x513ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e07e, data size = 1, data value = 0xa4, PC=RX@0x400513ec[libshield.so]0x513ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e07f, data size = 1, data value = 0x41, PC=RX@0x40051424[libshield.so]0x51424, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e080, data size = 1, data value = 0xcc, PC=RX@0x4005126c[libshield.so]0x5126c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e081, data size = 1, data value = 0x8d, PC=RX@0x400512ac[libshield.so]0x512ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e082, data size = 1, data value = 0xb2, PC=RX@0x400512ec[libshield.so]0x512ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e083, data size = 1, data value = 0x9d, PC=RX@0x4005132c[libshield.so]0x5132c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e084, data size = 1, data value = 0xe3, PC=RX@0x4005136c[libshield.so]0x5136c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e085, data size = 1, data value = 0x64, PC=RX@0x400513ac[libshield.so]0x513ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e086, data size = 1, data value = 0x1f, PC=RX@0x400513ec[libshield.so]0x513ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e087, data size = 1, data value = 0x9d, PC=RX@0x40051424[libshield.so]0x51424, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e088, data size = 1, data value = 0xfe, PC=RX@0x4005126c[libshield.so]0x5126c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e089, data size = 1, data value = 0xac, PC=RX@0x400512ac[libshield.so]0x512ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e08a, data size = 1, data value = 0xe6, PC=RX@0x400512ec[libshield.so]0x512ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e08b, data size = 1, data value = 0x0a, PC=RX@0x4005132c[libshield.so]0x5132c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e08c, data size = 1, data value = 0xcf, PC=RX@0x4005136c[libshield.so]0x5136c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e08d, data size = 1, data value = 0xc3, PC=RX@0x400513ac[libshield.so]0x513ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e08e, data size = 1, data value = 0x22, PC=RX@0x400513ec[libshield.so]0x513ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e08f, data size = 1, data value = 0xd5, PC=RX@0x40051424[libshield.so]0x51424, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e090, data size = 1, data value = 0xcc, PC=RX@0x4005126c[libshield.so]0x5126c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e091, data size = 1, data value = 0x7e, PC=RX@0x400512ac[libshield.so]0x512ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e092, data size = 1, data value = 0xd8, PC=RX@0x400512ec[libshield.so]0x512ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e093, data size = 1, data value = 0xa6, PC=RX@0x4005132c[libshield.so]0x5132c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e094, data size = 1, data value = 0x37, PC=RX@0x4005136c[libshield.so]0x5136c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e095, data size = 1, data value = 0x41, PC=RX@0x400513ac[libshield.so]0x513ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e096, data size = 1, data value = 0x0c, PC=RX@0x400513ec[libshield.so]0x513ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e097, data size = 1, data value = 0x18, PC=RX@0x40051424[libshield.so]0x51424, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e098, data size = 1, data value = 0x45, PC=RX@0x4005126c[libshield.so]0x5126c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e099, data size = 1, data value = 0x65, PC=RX@0x400512ac[libshield.so]0x512ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 692] Memory WRITE at 0x4045e09a, data size = 1, data value = 0x8b, PC=RX@0x400512ec[libshield.so]0x512ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e09b, data size = 1, data value = 0x37, PC=RX@0x4005132c[libshield.so]0x5132c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e09c, data size = 1, data value = 0xbf, PC=RX@0x4005136c[libshield.so]0x5136c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e09d, data size = 1, data value = 0xf3, PC=RX@0x400513ac[libshield.so]0x513ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e09e, data size = 1, data value = 0xd5, PC=RX@0x400513ec[libshield.so]0x513ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e09f, data size = 1, data value = 0x2d, PC=RX@0x40051424[libshield.so]0x51424, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0a0, data size = 1, data value = 0x35, PC=RX@0x4005126c[libshield.so]0x5126c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0a1, data size = 1, data value = 0xd4, PC=RX@0x400512ac[libshield.so]0x512ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0a2, data size = 1, data value = 0xe7, PC=RX@0x400512ec[libshield.so]0x512ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0a3, data size = 1, data value = 0x3c, PC=RX@0x4005132c[libshield.so]0x5132c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0a4, data size = 1, data value = 0x3d, PC=RX@0x4005136c[libshield.so]0x5136c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0a5, data size = 1, data value = 0x90, PC=RX@0x400513ac[libshield.so]0x513ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0a6, data size = 1, data value = 0x1c, PC=RX@0x400513ec[libshield.so]0x513ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0a7, data size = 1, data value = 0x65, PC=RX@0x40051424[libshield.so]0x51424, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0a8, data size = 1, data value = 0x2b, PC=RX@0x4005126c[libshield.so]0x5126c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0a9, data size = 1, data value = 0x55, PC=RX@0x400512ac[libshield.so]0x512ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0aa, data size = 1, data value = 0x0e, PC=RX@0x400512ec[libshield.so]0x512ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0ab, data size = 1, data value = 0xec, PC=RX@0x4005132c[libshield.so]0x5132c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0ac, data size = 1, data value = 0x3a, PC=RX@0x4005136c[libshield.so]0x5136c, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0ad, data size = 1, data value = 0x0c, PC=RX@0x400513ac[libshield.so]0x513ac, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0ae, data size = 1, data value = 0x2b, PC=RX@0x400513ec[libshield.so]0x513ec, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0af, data size = 1, data value = 0xa5, PC=RX@0x40051424[libshield.so]0x51424, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0b0, data size = 1, data value = 0xd6, PC=RX@0x40051490[libshield.so]0x51490, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0b1, data size = 1, data value = 0xca, PC=RX@0x400514d8[libshield.so]0x514d8, LR=RX@0x40049570[libshield.so]0x49570
[16:23:39 693] Memory WRITE at 0x4045e0b2, data size = 1, data value = 0x10, PC=RX@0x40051520[libshield.so]0x51520, LR=RX@0x40049570[libshield.so]0x49570

通过PC找到了RC4加密函数_DWORD *__fastcall sub_511E0(_DWORD *result, unsigned int a2, _BYTE *a3, _BYTE *a4) -> 调用地址0x04956C
result -> S-box(256)
a2 -> 秘钥长度或操作模式(应该函数内部定义传参) mx2拿不到
a3 -> 明文数据的指针(入参)
a4 -> 密文数据的指针

RC4的加密前的数据如下(对此进行RC4加密) 在分析前十六位字节的本质时候也遇到过
size: 112 (其中后十六位是md5加密)
0000: 00 00 00 01 EC FA AF 01 00 00 00 02 00 00 00 07 ................
0010: 00 00 00 24 00 00 00 10 38 33 32 30 36 38 39 33 ...$....83206893
0020: 39 39 32 33 65 33 63 2D 36 63 36 65 2D 33 38 39 9923e3c-6c6e-389
0030: 31 2D 39 34 35 61 2D 66 64 30 33 63 34 37 39 36 1-945a-fd03c4796
0040: 65 62 33 A9 EC EC C3 C7 90 C4 E7 78 41 37 63 F3 eb3........xA7c.
0050: F5 3D AB 00 00 00 00 00 00 00 00 00 00 00 00 00 .=..............
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

在cyberchef中使用 from hexdump + rc4 + to hexdump 三个模块就能直观看到加密的效果,但是还缺少rc4的加密key,因此接下来的关键是分析sub_511E0
拿到加密key
再次分析sub_511E0 发现result参数 是一个指向 RC4 状态数组的指针,通常用于存储 RC4 算法的内部状态。RC4 算法的核心是一个 256 字节的 S 盒(S-box),用于生成伪随机流,与明文进行异或操作以实现加密或解密。
打印断点输出mx0 得到result传参 rc4的S-box通常长度为256

-----------------------------------------------------------------------------<
[22:36:26 337]x0=unidbg@0xbffff090, md5=5236eb5b920a73ee6795b593a28b7cf0, hex=00000000000000007c0000002e0000000e0000003d0000000900000032000000e30000001c00000087000000c9000000b30000002d000000b10000002b000000dd000000200000000b000000c3000000280000005c0000000f0000007b00000012000000530000000c0000002f000000
size: 112
0000: 00 00 00 00 00 00 00 00 7C 00 00 00 2E 00 00 00 ........|.......
0010: 0E 00 00 00 3D 00 00 00 09 00 00 00 32 00 00 00 ....=.......2...
0020: E3 00 00 00 1C 00 00 00 87 00 00 00 C9 00 00 00 ................
0030: B3 00 00 00 2D 00 00 00 B1 00 00 00 2B 00 00 00 ....-.......+...
0040: DD 00 00 00 20 00 00 00 0B 00 00 00 C3 00 00 00 .... ...........
0050: 28 00 00 00 5C 00 00 00 0F 00 00 00 7B 00 00 00 (..........{...
0060: 12 00 00 00 53 00 00 00 0C 00 00 00 2F 00 00 00 ....S......./...
^-----------------------------------------------------------------------------^

注:如果要表示一个存储的是指针的内存地址,通常会使用 unidbg@<address> 这样的表示方式
.text&ARM.extab:000000000004955C MOV X0, SP
.text&ARM.extab:0000000000049560 MOV W1, W20
.text&ARM.extab:0000000000049564 MOV X2, X21
.text&ARM.extab:0000000000049568 MOV X3, X22
.text&ARM.extab:000000000004956C BL sub_511E0
根据IDA中的汇编 发现这里的X0传的SP,属于栈内存,因此x0=unidbg@0xbffff090 这块内存是栈内存 -> emulator.traceWrite(0xbffff099L,0xbffff090+5);
思考:为什么用栈传递S-box?
局部变量的存储:即在算法函数内部存储了S-box,S-box是RC4算法的临时数据接口,通常在函数执行期间使用,并且因为是局部变量不会出现线程安全问题,且访问速度快提升算法性能
因此通过trace(0xbffff090, 0xbffff090+256) -> len(S-box) = 256

T = [0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61
, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29
, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a
, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28
, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a
, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74
, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64
, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72
, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74
, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f
, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73
, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62
, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72, 0x74, 0x28, 0x29, 0x3b
, 0x73, 0x74, 0x64, 0x3a, 0x3a, 0x61, 0x62, 0x6f, 0x72]
def bytes_to_hex(bytes):
return ''.join(f'{byte:02x}' for byte in bytes)
print(bytes_to_hex(T))

在cyberchef中验证需要将13位扩充到256位的秘钥数组转成长度为512的秘钥字符串才能得出正确结果
key = "7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f72"

RC4会将我们拿到的 key=7374643a3a61626f727428293b (13位) 复制扩充至 -> 256位 如上述所示

=================================从打印trace栈内存这里开始重新研究 先还原算法

xxx ="7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f727428293b7374643a3a61626f72"
print(len(xxx))

6.由此继续分析RC4加密的源数据
把之前的数据拿下来继续分析
[14:15:23 990]x2=RW@0x4045e000, md5=4e595c010a71e5f94ac96e1146e01f23, hex=00000001ecfaaf01000000020000000700000024000000103833323036383933393932336533632d366336652d333839312d393435612d666430336334373936656233a9ececc3c790c4e778413763f3f53dab0000000000000000000000000000000000000000000000000000000000
size: 112
0000: 00 00 00 01 EC FA AF 01 00 00 00 02 00 00 00 07 ................
0010: 00 00 00 24 00 00 00 10 38 33 32 30 36 38 39 33 ...$....83206893
0020: 39 39 32 33 65 33 63 2D 36 63 36 65 2D 33 38 39 9923e3c-6c6e-389
0030: 31 2D 39 34 35 61 2D 66 64 30 33 63 34 37 39 36 1-945a-fd03c4796
0040: 65 62 33 A9 EC EC C3 C7 90 C4 E7 78 41 37 63 F3 eb3........xA7c.
0050: F5 3D AB 00 00 00 00 00 00 00 00 00 00 00 00 00 .=..............
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

怎么看出来是md5的? 通常在数据末尾32位的十六进制数,还得结合上下文观察
打印了上述RC4加密函数的 源数据(mx2) trace(0x4045e000, 0x4045e000+256)

[14:20:16 036] Memory WRITE at 0x4045e003, data size = 1, data value = 0x01, PC=RX@0x4004938c[libshield.so]0x4938c, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 036] Memory WRITE at 0x4045e004, data size = 1, data value = 0xec, PC=RX@0x40049394[libshield.so]0x49394, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 036] Memory WRITE at 0x4045e005, data size = 1, data value = 0xfa, PC=RX@0x4004939c[libshield.so]0x4939c, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 036] Memory WRITE at 0x4045e006, data size = 1, data value = 0xaf, PC=RX@0x400493a8[libshield.so]0x493a8, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 036] Memory WRITE at 0x4045e007, data size = 1, data value = 0x01, PC=RX@0x400493b0[libshield.so]0x493b0, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 036] Memory WRITE at 0x4045e008, data size = 1, data value = 0x00, PC=RX@0x400493b8[libshield.so]0x493b8, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 036] Memory WRITE at 0x4045e009, data size = 1, data value = 0x00, PC=RX@0x400493c0[libshield.so]0x493c0, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e00a, data size = 1, data value = 0x00, PC=RX@0x400493cc[libshield.so]0x493cc, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e00b, data size = 1, data value = 0x02, PC=RX@0x400493d4[libshield.so]0x493d4, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e00c, data size = 1, data value = 0x00, PC=RX@0x400493dc[libshield.so]0x493dc, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e00d, data size = 1, data value = 0x00, PC=RX@0x400493e4[libshield.so]0x493e4, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e00e, data size = 1, data value = 0x00, PC=RX@0x400493f0[libshield.so]0x493f0, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e00f, data size = 1, data value = 0x07, PC=RX@0x400493f8[libshield.so]0x493f8, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e010, data size = 1, data value = 0x00, PC=RX@0x40049400[libshield.so]0x49400, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e011, data size = 1, data value = 0x00, PC=RX@0x40049408[libshield.so]0x49408, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e012, data size = 1, data value = 0x00, PC=RX@0x40049414[libshield.so]0x49414, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e013, data size = 1, data value = 0x24, PC=RX@0x4004941c[libshield.so]0x4941c, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e014, data size = 1, data value = 0x00, PC=RX@0x40049424[libshield.so]0x49424, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e015, data size = 1, data value = 0x00, PC=RX@0x4004942c[libshield.so]0x4942c, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e016, data size = 1, data value = 0x00, PC=RX@0x40049438[libshield.so]0x49438, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e017, data size = 1, data value = 0x10, PC=RX@0x40049440[libshield.so]0x49440, LR=RX@0x4004932c[libshield.so]0x4932c
[14:20:16 037] Memory WRITE at 0x4045e018, data size = 4, data value = 0x30323338, PC=RX@0x4028c1c0[libc.so]0x1c1c0, LR=RX@0x40049470[libshield.so]0x49470
[14:20:16 037] Memory WRITE at 0x4045e01c, data size = 2, data value = 0x3836, PC=RX@0x4028c1cc[libc.so]0x1c1cc, LR=RX@0x40049470[libshield.so]0x49470
[14:20:16 037] Memory WRITE at 0x4045e01e, data size = 1, data value = 0x39, PC=RX@0x4028c1d8[libc.so]0x1c1d8, LR=RX@0x40049470[libshield.so]0x49470
[14:20:16 037] Memory WRITE at 0x4045e01f, data size = 8, data value = 0x6333653332393933, PC=RX@0x4028c184[libc.so]0x1c184, LR=RX@0x40049484[libshield.so]0x49484
[14:20:16 037] Memory WRITE at 0x4045e027, data size = 8, data value = 0x38332d653663362d, PC=RX@0x4028c184[libc.so]0x1c184, LR=RX@0x40049484[libshield.so]0x49484
[14:20:16 037] Memory WRITE at 0x4045e02f, data size = 8, data value = 0x2d613534392d3139, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x40049484[libshield.so]0x49484
[14:20:16 037] Memory WRITE at 0x4045e037, data size = 8, data value = 0x3937346333306466, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x40049484[libshield.so]0x49484
[14:20:16 037] Memory WRITE at 0x4045e033, data size = 8, data value = 0x333064662d613534, PC=RX@0x4028c1a4[libc.so]0x1c1a4, LR=RX@0x40049484[libshield.so]0x49484
[14:20:16 038] Memory WRITE at 0x4045e03b, data size = 8, data value = 0x3362653639373463, PC=RX@0x4028c1a4[libc.so]0x1c1a4, LR=RX@0x40049484[libshield.so]0x49484
[14:20:16 038] Memory WRITE at 0x4045e043, data size = 8, data value = 0xe7c490c7c3ececa9, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x40049498[libshield.so]0x49498
[14:20:16 038] Memory WRITE at 0x4045e04b, data size = 8, data value = 0xab3df5f363374178, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x40049498[libshield.so]0x49498
A9 EC EC C3 C7 90 C4 E7 78 41 37 63 F3 F5 3D AB 刚好是这最后两行日志,IDA查看调用和返回的地址发现其调用了
.text&ARM.extab:0000000000049494 BL memcpy

在memcpy调用处0x49494打断点,找到数据的源头(这里是当时想确定的后十六位的情况,继续trace(0x4047e000,0x4047e000+256)观察代码判断是否是加密参数)
[14:35:57 600]x1=RW@0x4047e000, md5=3f699753e1265c2cc58ed64435928820, hex=a9ececc3c790c4e778413763f3f53dab000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: A9 EC EC C3 C7 90 C4 E7 78 41 37 63 F3 F5 3D AB ........xA7c..=.
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

trace如下
[14:39:20 449] Memory WRITE at 0x4047e000, data size = 8, data value = 0xe7c490c7c3ececa9, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x4004919c[libshield.so]0x4919c
[14:39:20 449] Memory WRITE at 0x4047e008, data size = 8, data value = 0xab3df5f363374178, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x4004919c[libshield.so]0x4919c

IDA查询以后发现 依旧是调用了 .text&ARM.extab:0000000000049198 BL memcpy
继续打断点0x049198

-----------------------------------------------------------------------------<
[14:49:10 217]x1=RW@0x40453138, md5=028a08b66eafbfdec7f404e9f9791827, hex=a9ececc3c790c4e778413763f3f53dab000000000000000033393932336533632d366336652d333839312d393435612d66643033633437393665623300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: A9 EC EC C3 C7 90 C4 E7 78 41 37 63 F3 F5 3D AB ........xA7c..=.
0010: 00 00 00 00 00 00 00 00 33 39 39 32 33 65 33 63 ........39923e3c
0020: 2D 36 63 36 65 2D 33 38 39 31 2D 39 34 35 61 2D -6c6e-3891-945a-
0030: 66 64 30 33 63 34 37 39 36 65 62 33 00 00 00 00 fd03c4796eb3....
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

发现第一行也是那一串密文 继续trace(0x40453138,0x40453138+256)

[14:52:40 378] Memory WRITE at 0x40453138, data size = 8, data value = 0xe7c490c7c3ececa9, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x4009cdb4[libshield.so]0x9cdb4
[14:52:40 379] Memory WRITE at 0x40453140, data size = 8, data value = 0xab3df5f363374178, PC=RX@0x4028c18c[libc.so]0x1c18c, LR=RX@0x4009cdb4[libshield.so]0x9cdb4
IDA查看后 result = memcpy(v10, v9, a3); 继续打断点0x9CDB0 控制台c跳转到下一次断点才出现这个数据

-----------------------------------------------------------------------------<
[15:30:01 347]x1=unidbg@0xbffff478, md5=91abbf2e64095f4296c2c2751968d171, hex=a9ececc3c790c4e778413763f3f53dab000000000000000000c0104000000000ae7ff20d0000000000b0454000000000a0f5ffbf00000000000000000000000000c0104000000000040000000000000000c0104000000000f3929b31000000004016feff0000000000f7ffbf00000000
size: 112
0000: A9 EC EC C3 C7 90 C4 E7 78 41 37 63 F3 F5 3D AB ........xA7c..=.
0010: 00 00 00 00 00 00 00 00 00 C0 10 40 00 00 00 00 ...........@....
0020: AE 7F F2 0D 00 00 00 00 00 B0 45 40 00 00 00 00 ..........E@....
0030: A0 F5 FF BF 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 C0 10 40 00 00 00 00 04 00 00 00 00 00 00 00 ...@............
0050: 00 C0 10 40 00 00 00 00 F3 92 9B 31 00 00 00 00 ...@.......1....
0060: 40 16 FE FF 00 00 00 00 00 F7 FF BF 00 00 00 00 @...............
^-----------------------------------------------------------------------------^

继续trace(0xbffff478, 0xbffff478+256)溯源
[15:32:31 641] Memory WRITE at 0xbffff478, data size = 1, data value = 0xa9, PC=RX@0x400546d8[libshield.so]0x546d8, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff479, data size = 1, data value = 0xec, PC=RX@0x400546dc[libshield.so]0x546dc, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff47a, data size = 1, data value = 0xec, PC=RX@0x400546e8[libshield.so]0x546e8, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff47b, data size = 1, data value = 0xc3, PC=RX@0x400546ec[libshield.so]0x546ec, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff47c, data size = 1, data value = 0xc7, PC=RX@0x400546f8[libshield.so]0x546f8, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff47d, data size = 1, data value = 0x90, PC=RX@0x400546fc[libshield.so]0x546fc, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff47e, data size = 1, data value = 0xc4, PC=RX@0x40054708[libshield.so]0x54708, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff47f, data size = 1, data value = 0xe7, PC=RX@0x4005470c[libshield.so]0x5470c, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff480, data size = 1, data value = 0x78, PC=RX@0x40054718[libshield.so]0x54718, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff481, data size = 1, data value = 0x41, PC=RX@0x4005471c[libshield.so]0x5471c, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff482, data size = 1, data value = 0x37, PC=RX@0x40054728[libshield.so]0x54728, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff483, data size = 1, data value = 0x63, PC=RX@0x4005472c[libshield.so]0x5472c, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff484, data size = 1, data value = 0xf3, PC=RX@0x40054738[libshield.so]0x54738, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff485, data size = 1, data value = 0xf5, PC=RX@0x4005473c[libshield.so]0x5473c, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff486, data size = 1, data value = 0x3d, PC=RX@0x40054748[libshield.so]0x54748, LR=RX@0x400546cc[libshield.so]0x546cc
[15:32:31 641] Memory WRITE at 0xbffff487, data size = 1, data value = 0xab, PC=RX@0x4005474c[libshield.so]0x5474c, LR=RX@0x400546cc[libshield.so]0x546cc

IDA根据PC指向的内容 追溯到__int64 __fastcall sub_54600(__int64 a1, int *a2)
mx0 -> a1

-----------------------------------------------------------------------------<
[23:35:34 588]x0=unidbg@0xbffff3d8, md5=87a1b7746d2b3919e4b5326d43067421, hex=1e000000000000001f00000000000000006031400000000060f4ffbf00000000f0f3ffbf00000000c0f3ffbf00000000d8ffffff80ffffff50f4ffbf000000000000000000000000ffffffff000000002ed2993d00000000939370320000000000104640000000004016feff00000000
size: 112
0000: 1E 00 00 00 00 00 00 00 1F 00 00 00 00 00 00 00 ................
0010: 00 60 31 40 00 00 00 00 60 F4 FF BF 00 00 00 00 .1@...........
0020: F0 F3 FF BF 00 00 00 00 C0 F3 FF BF 00 00 00 00 ................
0030: D8 FF FF FF 80 FF FF FF 50 F4 FF BF 00 00 00 00 ........P.......
0040: 00 00 00 00 00 00 00 00 FF FF FF FF 00 00 00 00 ................
0050: 2E D2 99 3D 00 00 00 00 93 93 70 32 00 00 00 00 ...=......p2....
0060: 00 10 46 40 00 00 00 00 40 16 FE FF 00 00 00 00 ..F@....@.......
^-----------------------------------------------------------------------------^

mx1 -> a2

-----------------------------------------------------------------------------<
[23:35:52 971]x1=RW@0x40469300, md5=0b80a9160ce474c9b6e8bb994abe2ffe, hex=fdc766edab21b268d4dd98cc8f8033a7d02a0000000000006336652d333839312d393435612d66643033633437393665623300000000000000000000000000000000000000000000000000000000000000000000000000001a00000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: FD C7 66 ED AB 21 B2 68 D4 DD 98 CC 8F 80 33 A7 ..f..!.h......3.
0010: D0 2A 00 00 00 00 00 00 63 36 65 2D 33 38 39 31 .*......c6e-3891
0020: 2D 39 34 35 61 2D 66 64 30 33 63 34 37 39 36 65 -945a-fd03c4796e
0030: 62 33 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b3..............
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 1A 00 00 00 56 B7 C9 E9 ............V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

对于mx0,你看到的是x0寄存器对应的内存区域内容,这里的值代表了a1的实际内容。从输出可以看到,它包含了各种数据,这些数据实际上反映了a1参数的值或其引用的数据内容。
对于mx1,你查看的是x1寄存器指向的内存地址处的内容,即a2作为一个指针变量指向的实际内存位置的内容。在这个例子中,a2指向的内存包含了一些十六进制数值、可能的标识符(如c6e-3891-945a-fd03c4796eb3)
因为内部进行了一系列运算,由a1,a2参与,没法直接口算验证

根据IDA中如下伪代码可以分析
result = 1LL;
v11 = (unsigned int) * a2 >> 8;
*(_BYTE *)
a1 = *a2;
*(_BYTE *)(a1 + 1) = v11;
*(_BYTE *)(a1 + 2) = BYTE2(v9);
*(_BYTE *)(a1 + 3) = HIBYTE(v9);
*(_DWORD *)(a1 + 4) = a2[1];
*(_DWORD *)(a1 + 8) = a2[2];
*(_DWORD *)(a1 + 12) = a2[3];

====>
v11 = 169 = 0xFD >> 8 -> 0x40469300 >> 8 = 4212371

可以大致确定32位的MD5值由sub)54600以及其内部实现得到,当下需要拆分其内部结构与标准HMAC MD5进行对照
简单的hook其内部实现就能发现 sub_539DC这个函数有MD5的核心实现异或运算以及分块update进行内外部哈希运算的操作
(需要先去了解MD5源码特征 把MD5对应的核心函数如update等打印日志 寻找各种特征值 寻找魔改点)

int *__fastcall sub_539DC(int *result, unsigned __int8 *a2, __int64 a3) -> 对比update函数
代码分析:
1.
result:指向一个整数数组的指针,通常用于存储MD5的中间状态(即A、B、C、D四个32位寄存器)
a2:指向输入数据的指针,通常是待处理的数据块。
a3:表示数据块的长度或处理的次数
2.解释说明
MD5的核心操作:将输入数据分层512位(64字节)的块,每个块经过四轮处理,每轮包含16次操作。(代码循环结构do-while)
MD5的轮函数:
代码中的HIDWORD(v26)和LODWORD(v26)操作类似于MD5中的轮函数操作,用于更新MD5的中间状态。
代码中的v3、v4、v5、v6等变量可能对应MD5的四个寄存器(A、B、C、D)。
常量加法:
MD5算法中使用了大量的常量(如正弦函数的整数部分),这些常量在代码中可能被硬编码为result数组中的某些值。
数据块处理:
代码中从a2指针读取数据,并将其分成多个32位的字进行处理,这与MD5算法中对输入数据的分块处理方式一致。

遇到难以分析的函数,先看断点看输入输出
debugger.addBreakPoint(module.base+0x539DC, new BreakPointCallback() {
int num = 0;
@Override
public boolean onHit(Emulator<?> emulator, long address) { RegisterContext context = emulator.getContext(); Pointer src1 = context.getPointerArg(0); Pointer src2 = context.getPointerArg(1); num+=1; System.out.println("num==================================="+num); Inspector.inspect(src1.getByteArray(0,0x70), "0x539DC onenter arg0 "+num); Inspector.inspect(src2.getByteArray(0,0x70), "0x539DC onenter arg1 "+num); emulator.attach().addBreakPoint(context.getLRPointer().peer, new BreakPointCallback() { @Override public boolean onHit(Emulator<?> emulator, long address) {
Inspector.inspect(src1.getByteArray(0,0x70), "0x539DC onleave arg0 "+num);
Inspector.inspect(src2.getByteArray(0,0x70), "0x539DC onleave arg1 "+num);
return true;
}
});
return true;
}
});

根据md5那个教学视频 md5需要关注的模块大致就那么几个 总结一下。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。

根据上述分析得知,arg0存储的是a0 b0 c0 d0四个md5状态数组的中间态
arg1存储的是数据
arg2存储的是数据长度或者计算次数相关
该断点打印的日志 可以得到md5的状态数组 一步一步对照着看即可
a0 = 0x67452301
b0 = 0xEFCDAB89
c0 = 0x98BADCFE
d0 = 0x10325476

根据HMAC MD5的公式去推测下方日志的各部分功能
HMAC(K,M) = H((outer_key ^opad) || H((inner_key ^ ipad) || M))
K 是原始秘钥
M 是消息
H 是哈希函数(MD5)
inner_key 和 outer_key是内外哈希秘钥
ipad和opad是固定填充值
|| 表示字符串连接

num===================================1

-----------------------------------------------------------------------------<
[09:18:53 204]0x539DC onenter arg0 1, md5=2391e90a328d7d9e29b58b37a6e9e379, hex=76543210fedcba9889abcdef012345670002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: 76 54 32 10 FE DC BA 98 89 AB CD EF 01 23 45 67 vT2..........#Eg ====> 初始化魔数 这一行存储的刚好就是a0 b0 c0 d0的标准初始化状态
0010: 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 56 B7 C9 E9 ............V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 207]0x539DC onenter arg1 1, md5=ad3961e36853d36706ed11d40f2d0de0, hex=c09939459c1ac1550dfabde8604cd5579c5c68927a0ed2ded626c05bc0515f98c7b34ff058fcb9a8944e9bcd743a6afd9ad6bb5ac65bb201a7427f30819fd0ea363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636
size: 112
0000: C0 99 39 45 9C 1A C1 55 0D FA BD E8 60 4C D5 57 ..9E...U....`L.W ====> self.inner_key = self.xor_bytes(key, b'\x36' * self.block_size) 猜测是md5 内部哈希使用的秘钥
0010: 9C 5C 68 92 7A 0E D2 DE D6 26 C0 5B C0 51 5F 98 .\h.z....&.[.Q_. ====> 或者说 inner_key ^ ipad
0020: C7 B3 4F F0 58 FC B9 A8 94 4E 9B CD 74 3A 6A FD ..O.X....N..t:j.
0030: 9A D6 BB 5A C6 5B B2 01 A7 42 7F 30 81 9F D0 EA ...Z.[...B.0....
0040: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 6666666666666666
0050: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 6666666666666666
0060: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 6666666666666666
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 210]0x539DC onleave arg0 1, md5=7b848a1c211f5427f9387de097314fe0, hex=95f2e683b60384c3dab6f917341ee4130002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: 95 F2 E6 83 B6 03 84 C3 DA B6 F9 17 34 1E E4 13 ............4... ====> 运算后 魔数的状态定为 context1
0010: 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 56 B7 C9 E9 ............V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 210]0x539DC onleave arg1 1, md5=ad3961e36853d36706ed11d40f2d0de0, hex=c09939459c1ac1550dfabde8604cd5579c5c68927a0ed2ded626c05bc0515f98c7b34ff058fcb9a8944e9bcd743a6afd9ad6bb5ac65bb201a7427f30819fd0ea363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636
size: 112
0000: C0 99 39 45 9C 1A C1 55 0D FA BD E8 60 4C D5 57 ..9E...U....`L.W ====> inner_key ^ ipad未发生变化
0010: 9C 5C 68 92 7A 0E D2 DE D6 26 C0 5B C0 51 5F 98 .\h.z....&.[.Q_.
0020: C7 B3 4F F0 58 FC B9 A8 94 4E 9B CD 74 3A 6A FD ..O.X....N..t:j.
0030: 9A D6 BB 5A C6 5B B2 01 A7 42 7F 30 81 9F D0 EA ...Z.[...B.0....
0040: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 6666666666666666
0050: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 6666666666666666
0060: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 6666666666666666
^-----------------------------------------------------------------------------^
num===================================2

-----------------------------------------------------------------------------<
[09:18:53 211]0x539DC onenter arg0 2, md5=2391e90a328d7d9e29b58b37a6e9e379, hex=76543210fedcba9889abcdef012345670002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: 76 54 32 10 FE DC BA 98 89 AB CD EF 01 23 45 67 vT2..........#Eg ====> 第二次使用初始化的魔数
0010: 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 56 B7 C9 E9 ............V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 211]0x539DC onenter arg1 2, md5=c7da11f9893ecb4646005feb5d3aa43d, hex=aaf3532ff670ab3f6790d7820a26bf3df63602f81064b8b4bc4caa31aa3b35f2add9259a3296d3c2fe24f1a71e500097f0bcd130ac31d86bcd28155aebf5ba805c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c
size: 112
0000: AA F3 53 2F F6 70 AB 3F 67 90 D7 82 0A 26 BF 3D ..S/.p.?g....&.= ====> 发生改变 self.outer_key = self.xor_bytes(key, b'\x5c' * self.block_size) 猜测是外部哈希的秘钥
0010: F6 36 02 F8 10 64 B8 B4 BC 4C AA 31 AA 3B 35 F2 .6...d...L.1.;5. ====> 猜测是outer_key ^opad
0020: AD D9 25 9A 32 96 D3 C2 FE 24 F1 A7 1E 50 00 97 ..%.2....$...P..
0030: F0 BC D1 30 AC 31 D8 6B CD 28 15 5A EB F5 BA 80 ...0.1.k.(.Z....
0040: 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C \\\\\\\\ ====> 0x5c -> ''
0050: 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C \\\\\\\\
0060: 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C \\\\\\\\
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 211]0x539DC onleave arg0 2, md5=977c2480839d0eef219e44792f4be455, hex=4dce5e546813c11e6c9d64b5eee2c4d10002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: 4D CE 5E 54 68 13 C1 1E 6C 9D 64 B5 EE E2 C4 D1 M.^Th...l.d..... ====> 定为context2 a0 b0 c0 d0状态发生改变
0010: 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 56 B7 C9 E9 ............V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 211]0x539DC onleave arg1 2, md5=c7da11f9893ecb4646005feb5d3aa43d, hex=aaf3532ff670ab3f6790d7820a26bf3df63602f81064b8b4bc4caa31aa3b35f2add9259a3296d3c2fe24f1a71e500097f0bcd130ac31d86bcd28155aebf5ba805c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c
size: 112
0000: AA F3 53 2F F6 70 AB 3F 67 90 D7 82 0A 26 BF 3D ..S/.p.?g....&.= ====> outer_key 未变化
0010: F6 36 02 F8 10 64 B8 B4 BC 4C AA 31 AA 3B 35 F2 .6...d...L.1.;5.
0020: AD D9 25 9A 32 96 D3 C2 FE 24 F1 A7 1E 50 00 97 ..%.2....$...P..
0030: F0 BC D1 30 AC 31 D8 6B CD 28 15 5A EB F5 BA 80 ...0.1.k.(.Z....
0040: 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C \\\\\\\\
0050: 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C \\\\\\\\
0060: 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C 5C \\\\\\\\
^-----------------------------------------------------------------------------^
JNIEnv->CallIntMethodV(okio.Buffer@551aa95a, read([B@3cef309d) => 0x51a) was called from RX@0x40013d54[libshield.so]0x13d54
JNIEnv->GetByteArrayElements(false) => [B@3cef309d was called from RX@0x40016048[libshield.so]0x16048
num===================================3

-----------------------------------------------------------------------------<
[09:18:53 218]0x539DC onenter arg0 3, md5=82c7d92b94e9396afef90915f4f6285c, hex=95f2e683b60384c3dab6f917341ee413d02a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: 95 F2 E6 83 B6 03 84 C3 DA B6 F9 17 34 1E E4 13 ............4... ====> 魔数使用的是context1 95 F2 E6 83 B6 03 84 C3 DA B6 F9 17 34 1E E4 13这是一轮运算后的a0 b0 c0 d0状态
0010: D0 2A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .*..............
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 56 B7 C9 E9 ............V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 219]0x539DC onenter arg1 3, md5=904e35cfd0569c51b3e8544e3ade61f5, hex=2f6170692f736e732f76362f686f6d65666565646f69643d686f6d65666565645f7265636f6d6d656e6426637572736f725f73636f72653d313731333833323536332e393638302667656f3d65794a73595852706448566b5a5349364d4334774d4441774d444173496d7876626d6470
size: 112
0000: 2F 61 70 69 2F 73 6E 73 2F 76 36 2F 68 6F 6D 65 /api/sns/v6/home ====> 猜测H((outer_key ^opad) || H((inner_key ^ ipad) || M))中的 M(原始消息)
0010: 66 65 65 64 6F 69 64 3D 68 6F 6D 65 66 65 65 64 feedoid=homefeed 入参用的url(去掉协议和问号) + xy-common-params + xy-direction + xy-platform-info,也对应着update过程
0020: 5F 72 65 63 6F 6D 6D 65 6E 64 26 63 75 72 73 6F _recommend&curso ====> 使用# m0x40151000 0x1000可以查看url全部内容
0030: 72 5F 73 63 6F 72 65 3D 31 37 31 33 38 33 32 35 r_score=17138325
0040: 36 33 2E 39 36 38 30 26 67 65 6F 3D 65 79 4A 73 63.9680&geo=eyJs
0050: 59 58 52 70 64 48 56 6B 5A 53 49 36 4D 43 34 77 YXRpdHVkZSI6MC4w
0060: 4D 44 41 77 4D 44 41 73 49 6D 78 76 62 6D 64 70 MDAwMDAsImxvbmdp
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 219]0x539DC onleave arg0 3, md5=4928acd31fa5b37e556d1b0373c9cf5f, hex=fdc766edab21b268d4dd98cc8f8033a7d02a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: FD C7 66 ED AB 21 B2 68 D4 DD 98 CC 8F 80 33 A7 ..f..!.h......3. ====> FD C7 66 ED AB 21 B2 68 D4 DD 98 CC 8F 80 33 A7 达到最开始hook sub_54600时arg1的状态
0010: D0 2A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .*..............
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 56 B7 C9 E9 ............V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 219]0x539DC onleave arg1 3, md5=904e35cfd0569c51b3e8544e3ade61f5, hex=2f6170692f736e732f76362f686f6d65666565646f69643d686f6d65666565645f7265636f6d6d656e6426637572736f725f73636f72653d313731333833323536332e393638302667656f3d65794a73595852706448566b5a5349364d4334774d4441774d444173496d7876626d6470
size: 112
0000: 2F 61 70 69 2F 73 6E 73 2F 76 36 2F 68 6F 6D 65 /api/sns/v6/home
0010: 66 65 65 64 6F 69 64 3D 68 6F 6D 65 66 65 65 64 feedoid=homefeed
0020: 5F 72 65 63 6F 6D 6D 65 6E 64 26 63 75 72 73 6F _recommend&curso
0030: 72 5F 73 63 6F 72 65 3D 31 37 31 33 38 33 32 35 r_score=17138325
0040: 36 33 2E 39 36 38 30 26 67 65 6F 3D 65 79 4A 73 63.9680&geo=eyJs
0050: 59 58 52 70 64 48 56 6B 5A 53 49 36 4D 43 34 77 YXRpdHVkZSI6MC4w
0060: 4D 44 41 77 4D 44 41 73 49 6D 78 76 62 6D 64 70 MDAwMDAsImxvbmdp
^-----------------------------------------------------------------------------^
JNIEnv->CallIntMethodV(okio.Buffer@551aa95a, read([B@32709393) => 0xffffffff) was called from RX@0x40013d54[libshield.so]0x13d54
num===================================4

-----------------------------------------------------------------------------<
[09:18:53 220]0x539DC onenter arg0 4, md5=3703657ab7de0a79075c1adef0d9fb96, hex=fdc766edab21b268d4dd98cc8f8033a7d02a0000000000006336652d333839312d393435612d666430336334373936656233800000000000000000000000000000000000000000000000000000000000d02a0000000000001a00000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: FD C7 66 ED AB 21 B2 68 D4 DD 98 CC 8F 80 33 A7 ..f..!.h......3. ====> 是第三次填充结果的update 看到有0x80想到填充,得到第一个md5的结果
0010: D0 2A 00 00 00 00 00 00 63 36 65 2D 33 38 39 31 .......c6e-3891
0020: 2D 39 34 35 61 2D 66 64 30 33 63 34 37 39 36 65 -945a-fd03c4796e ====> 这里update 传入的数据不够512还需要填充0x80 再填充0x00
0030: 62 33 80 00 00 00 00 00 00 00 00 00 00 00 00 00 b3..............
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: D0 2A 00 00 00 00 00 00 1A 00 00 00 56 B7 C9 E9 ...........V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^
填充
def pad_message(message): # 填充
original_length_bits = len(message) * 8
message += b'\x80'
while (len(message) + 8) % 64 != 0:
message += b'\x00'
message += struct.pack('<Q', original_length_bits)
return message

-----------------------------------------------------------------------------<
[09:18:53 220]0x539DC onenter arg1 4, md5=58f35f1e6adedcab6edcdf162a0b7409, hex=6336652d333839312d393435612d666430336334373936656233800000000000000000000000000000000000000000000000000000000000d02a0000000000001a00000056b7c9e979a41bd7db811024d9881068aff7149bb15b1fffbed71c8822616666936166f69e6319a621091449
size: 112
0000: 63 36 65 2D 33 38 39 31 2D 39 34 35 61 2D 66 64 c6e-3891-945a-fd
0010: 30 33 63 34 37 39 36 65 62 33 80 00 00 00 00 00 03c4796eb3......
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 D0 2A 00 00 00 00 00 00 .........*......
0040: 1A 00 00 00 56 B7 C9 E9 79 A4 1B D7 DB 81 10 24 ....V...y......$
0050: D9 88 10 68 AF F7 14 9B B1 5B 1F FF BE D7 1C 88 ...h.....[......
0060: 22 61 66 66 93 61 66 F6 9E 63 19 A6 21 09 14 49 "aff.af..c..!..I
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 221]0x539DC onleave arg0 4, md5=bc25db9ecb4d17f74c073d412e7ac5d4, hex=52b5e275188da27ee6aa771bcc702836d02a0000000000006336652d333839312d393435612d666430336334373936656233800000000000000000000000000000000000000000000000000000000000d02a0000000000001a00000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: 52 B5 E2 75 18 8D A2 7E E6 AA 77 1B CC 70 28 36 R..u...~..w..p(6
0010: D0 2A 00 00 00 00 00 00 63 36 65 2D 33 38 39 31 .......c6e-3891
0020: 2D 39 34 35 61 2D 66 64 30 33 63 34 37 39 36 65 -945a-fd03c4796e
0030: 62 33 80 00 00 00 00 00 00 00 00 00 00 00 00 00 b3..............
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: D0 2A 00 00 00 00 00 00 1A 00 00 00 56 B7 C9 E9 ...........V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 221]0x539DC onleave arg1 4, md5=58f35f1e6adedcab6edcdf162a0b7409, hex=6336652d333839312d393435612d666430336334373936656233800000000000000000000000000000000000000000000000000000000000d02a0000000000001a00000056b7c9e979a41bd7db811024d9881068aff7149bb15b1fffbed71c8822616666936166f69e6319a621091449
size: 112
0000: 63 36 65 2D 33 38 39 31 2D 39 34 35 61 2D 66 64 c6e-3891-945a-fd
0010: 30 33 63 34 37 39 36 65 62 33 80 00 00 00 00 00 03c4796eb3......
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 D0 2A 00 00 00 00 00 00 .........*......
0040: 1A 00 00 00 56 B7 C9 E9 79 A4 1B D7 DB 81 10 24 ....V...y......$
0050: D9 88 10 68 AF F7 14 9B B1 5B 1F FF BE D7 1C 88 ...h.....[......
0060: 22 61 66 66 93 61 66 F6 9E 63 19 A6 21 09 14 49 "aff.af..c..!..I
^-----------------------------------------------------------------------------^
num===================================5

-----------------------------------------------------------------------------<
[09:18:53 221]0x539DC onenter arg0 5, md5=1a011536c1b536274d283d0babbfa549, hex=4dce5e546813c11e6c9d64b5eee2c4d1800200000000000052b5e275188da27ee6aa771bcc7028368000000000000000000000000000000000000000000000000000000000000000000000000000000080020000000000001000000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: 4D CE 5E 54 68 13 C1 1E 6C 9D 64 B5 EE E2 C4 D1 M.^Th...l.d..... ====> 使用的是魔数context2
0010: 80 02 00 00 00 00 00 00 52 B5 E2 75 18 8D A2 7E ........R..u...~
0020: E6 AA 77 1B CC 70 28 36 80 00 00 00 00 00 00 00 ..w..p(6........
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 80 02 00 00 00 00 00 00 10 00 00 00 56 B7 C9 E9 ............V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 222]0x539DC onenter arg1 5, md5=7575b2d8a8ec66c4c66355573efcf7ce, hex=52b5e275188da27ee6aa771bcc7028368000000000000000000000000000000000000000000000000000000000000000000000000000000080020000000000001000000056b7c9e979a41bd7db811024d9881068aff7149bb15b1fffbed71c8822616666936166f69e6319a621091449
size: 112
0000: 52 B5 E2 75 18 8D A2 7E E6 AA 77 1B CC 70 28 36 R..u...~..w..p(6
0010: 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 80 02 00 00 00 00 00 00 ................
0040: 10 00 00 00 56 B7 C9 E9 79 A4 1B D7 DB 81 10 24 ....V...y......$
0050: D9 88 10 68 AF F7 14 9B B1 5B 1F FF BE D7 1C 88 ...h.....[......
0060: 22 61 66 66 93 61 66 F6 9E 63 19 A6 21 09 14 49 "aff.af..c..!..I
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 222]0x539DC onleave arg0 5, md5=8021334153e21214731a90b8cf4bdb1b, hex=a9ececc3c790c4e778413763f3f53dab800200000000000052b5e275188da27ee6aa771bcc7028368000000000000000000000000000000000000000000000000000000000000000000000000000000080020000000000001000000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: A9 EC EC C3 C7 90 C4 E7 78 41 37 63 F3 F5 3D AB ........xA7c..=. ====> a0 b0 c0 d0的最终状态就是 md5最终的生成
0010: 80 02 00 00 00 00 00 00 52 B5 E2 75 18 8D A2 7E ........R..u...~
0020: E6 AA 77 1B CC 70 28 36 80 00 00 00 00 00 00 00 ..w..p(6........
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 80 02 00 00 00 00 00 00 10 00 00 00 56 B7 C9 E9 ............V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

-----------------------------------------------------------------------------<
[09:18:53 222]0x539DC onleave arg1 5, md5=7575b2d8a8ec66c4c66355573efcf7ce, hex=52b5e275188da27ee6aa771bcc7028368000000000000000000000000000000000000000000000000000000000000000000000000000000080020000000000001000000056b7c9e979a41bd7db811024d9881068aff7149bb15b1fffbed71c8822616666936166f69e6319a621091449
size: 112
0000: 52 B5 E2 75 18 8D A2 7E E6 AA 77 1B CC 70 28 36 R..u...~..w..p(6
0010: 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 80 02 00 00 00 00 00 00 ................
0040: 10 00 00 00 56 B7 C9 E9 79 A4 1B D7 DB 81 10 24 ....V...y......$
0050: D9 88 10 68 AF F7 14 9B B1 5B 1F FF BE D7 1C 88 ...h.....[......
0060: 22 61 66 66 93 61 66 F6 9E 63 19 A6 21 09 14 49 "aff.af..c..!..I
^-----------------------------------------------------------------------------^

由上述日志可以看出是标准的hmac

继续分析int *__fastcall sub_539DC(int *result, unsigned __int8 *a2, __int64 a3)的内部实现
对照着标准的md5 观察k表 魔数 循环左移被改成循环右移 需要用32减去 同时循环左移的位数也改了 不是标准的32

int *__fastcall sub_539DC(int *result, unsigned __int8 *a2, __int64 a3) result:存储魔数状态 a2:存储计算结果(update中间态) a3:计算轮次
{ // 省略IDA中无用内容
if ( a3 ) // a3传参记录计算轮次(是upate的次数吗?) result -> 0000: 76 54 32 10 FE DC BA 98 89 AB CD EF 01 23 45 67
{
v3 = result[2]; 89 AB CD EF // b0 ====> 魔改点1: 魔数顺序不一样?
v4 = result[3]; 01 23 45 67 // a0
v6 = *result; 76 54 32 10 // d0
v5 = result[1]; FE DC BA 98 // c0
do // 开始进行 4大轮 每一大轮16小轮的运算
{
// 以下属于MD5的消息分组处理逻辑,将输入消息分成512位(64字节)的块,每个块进一步划分为16个32位(4字节)的子块。
// 这段代码作用就是从输入的512位消息快中提取这些32位子块,并将它们存储到变量中,以便后续的压缩函数使用.
// 代码通过a2[i] | (a2[i+1] << 8) | (a2[i+2] << 16) | (a2[i+3] << 24)的方式将4个字节组合成一个32位的整数 (unsigned int8代表1字节) a2指针指向传入的数据
// v7 v171...等,如同标准MD5中M[0]...M[15]共16个压缩模块参与加密运算

以上应该是初始化数据 还没有进入Round1,根据源码逻辑,第一轮计算需要v3,v4,v5,v6四个魔数进行计算

}
return result;
}

1.跟踪到sub_539DC,查看函数调用发现有五处,三个函数 sub_538CC sub_545F8 sub_54600
2.查看trace发现仅有sub_538CC和sub_54600被调用

3.理解整个函数的流程,update和final是被暴露出来的函数接口,用于更新数据和计算最终值
而整体的代码实现被封装在了MD5的内部,这么理解再去还原算法可能就清晰的多
import hmac
import hashlib

class MyHMAC:
def init(self, key):
# 确保key是bytes类型
if isinstance(key, str):
key = key.encode('utf-8')
self.key = key
self.hmac_obj = None

if name == 'main':
key = "secret_key" # 密钥
my_hmac = MyHMAC(key)
my_hmac.update("Hello, ")
my_hmac.update("World!")
print("Final HMAC-MD5 digest:", my_hmac.final())

if name == 'main':
my_md5 = MyMD5()
my_md5.update("Hello, ")
my_md5.update("World!")
print("Final MD5 digest:", my_md5.final())

4.因此通过hook算法和查看IDA发现sub_538CC就类似update的功能,其中还对key进行填充的逻辑,获得outer_key和inner_key

self.outer_key = self.xor_bytes(key, b'\x5c' * self.block_size)
self.inner_key = self.xor_bytes(key, b'\x36' * self.block_size)

5.sub_54600的作用就是MD5算法的最终处理部分,对数据填充,处理最后一块数据块得到MD5值

对sub_539DC重新跟踪,参数1是result第一行存储了4个魔数,但是根据函数具体逻辑,发现result[26],result[55]类似的
逻辑参与了运算,猜测是将256字节的k表memcpy到了魔数后面,组成了一个result
于是继续跟踪,打印trace

-----------------------------------------------------------------------------<
[14:34:11 427]x0=RW@0x40469000, md5=2391e90a328d7d9e29b58b37a6e9e379, hex=76543210fedcba9889abcdef012345670002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000056b7c9e979a41bd7db811024d9881068aff7149b
size: 112
0000: 76 54 32 10 FE DC BA 98 89 AB CD EF 01 23 45 67 vT2..........#Eg
0010: 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 56 B7 C9 E9 ............V...
0060: 79 A4 1B D7 DB 81 10 24 D9 88 10 68 AF F7 14 9B y......$...h....
^-----------------------------------------------------------------------------^

trace(0x40469000,0x40469000+256) -> LR=0x547a4 IDA跳转查看
__int64 __fastcall sub_54760(_OWORD *a1, const void *a2)
{
void *v4; // x0

memset(a1 + 1, 0, 0x14CuLL);
*a1 = xmmword_C36F0;
v4 = (char *)a1 + 92;
if ( a2 )
memcpy(v4, a2, 0x100uLL);
else
memset(v4, 0, 0x100uLL);
return 1LL;
}

复制了100uLL的值到v4内存,0x100恰好就是256字节,猜测这里就是K表被复制了,继续跟踪查看内存值
对0x54760打断点
mx1 -> *a2

-----------------------------------------------------------------------------<
[14:39:16 446]x1=RW@0x4010c4d4[libshield.so]0x10c4d4, md5=82cf206d8b605d4abca8a361ddc672ed, hex=56b7c9e979a41bd7db811024d9881068aff7149bb15b1fffbed71c8822616666936166f69e6319a621091449eece1dc1af0f1cf52ac61747134610a9019516fd62251ef65314740291e621d2c9fb13e2e6cd6122970dd5f2ed145a4205e977a2f9a377f2d9126f629a4c2a9240b340c0
size: 112
0000: 56 B7 C9 E9 79 A4 1B D7 DB 81 10 24 D9 88 10 68 V...y......$...h
0010: AF F7 14 9B B1 5B 1F FF BE D7 1C 88 22 61 66 66 .....[......"aff
0020: 93 61 66 F6 9E 63 19 A6 21 09 14 49 EE CE 1D C1 .af..c..!..I....
0030: AF 0F 1C F5 2A C6 17 47 13 46 10 A9 01 95 16 FD ......G.F......
0040: 62 25 1E F6 53 14 74 02 91 E6 21 D2 C9 FB 13 E2 b%..S.t...!.....
0050: E6 CD 61 22 97 0D D5 F2 ED 14 5A 42 05 E9 77 A2 ..a"......ZB..w.
0060: F9 A3 77 F2 D9 12 6F 62 9A 4C 2A 92 40 B3 40 C0 ..w...ob.L.@.@.
^-----------------------------------------------------------------------------^

x1=RW@0x4010c4d4[libshield.so]0x10c4d4代表在libshield.so可以查到内存中的值,是DCQ写死的静态值,
跳过去复制下来,就是K表的值

int *__fastcall sub_539DC(int *result, unsigned __int8 *a2, __int64 a3)
{
if ( a3 )
{
v3 = result[2]; // MD5初始化魔数 C
v4 = result[3]; // D
v6 = *result; // A
v5 = result[1]; // B
do
{
// 从数据指针a2中取数据块,通过<< 8 << 16 << 24进行数据分割重新拼成小端序 实际上无需0xFFFFFF(可能只是格式需要)
// 这段代码将 64 字节的 a2 数组 按 非连续索引分组 转换为多个 32 位整数,可能用于:
// 自定义哈希算法(如修改 MD5 的消息分组顺序)。
v7 = (unsigned __int16)(*a2 | (a2[1] << 8)) | (a2[2] << 16) & 0xFFFFFF | (a2[3] << 24);
v8 = (unsigned __int16)(a2[4] | (a2[5] << 8)) | (a2[6] << 16) & 0xFFFFFF | (a2[7] << 24);
v9 = a2[12] | (unsigned __int16)(a2[13] << 8) | (a2[14] << 16) & 0xFFFFFF | (a2[15] << 24);
v10 = a2[8] | (unsigned __int16)(a2[9] << 8) | (a2[10] << 16) & 0xFFFFFF | (a2[11] << 24);
v171 = (unsigned __int16)(a2[16] | (a2[17] << 8)) | (a2[18] << 16) & 0xFFFFFF | (a2[19] << 24);
v11 = a2[28] | (unsigned __int16)(a2[29] << 8) | (a2[30] << 16) & 0xFFFFFF | (a2[31] << 24);
v12 = a2[24] | (unsigned __int16)(a2[25] << 8) | (a2[26] << 16) & 0xFFFFFF | (a2[27] << 24);
v13 = a2[56] | (unsigned __int16)(a2[57] << 8) | (a2[58] << 16) & 0xFFFFFF | (a2[59] << 24);
v14 = a2[40] | (unsigned __int16)(a2[41] << 8) | (a2[42] << 16) & 0xFFFFFF | (a2[43] << 24);
v15 = a2[60] | (unsigned __int16)(a2[61] << 8) | (a2[62] << 16) & 0xFFFFFF | (a2[63] << 24);
v16 = a2[32] | (unsigned __int16)(a2[33] << 8) | (a2[34] << 16) & 0xFFFFFF | (a2[35] << 24);
v17 = a2[36] | (unsigned __int16)(a2[37] << 8) | (a2[38] << 16) & 0xFFFFFF | (a2[39] << 24);
v18 = a2[44] | (unsigned __int16)(a2[45] << 8) | (a2[46] << 16) & 0xFFFFFF | (a2[47] << 24);
v19 = a2[48] | (unsigned __int16)(a2[49] << 8) | (a2[50] << 16) & 0xFFFFFF | (a2[51] << 24);
v20 = a2[52] | (unsigned __int16)(a2[53] << 8) | (a2[54] << 16) & 0xFFFFFF | (a2[55] << 24);

}
return result;
}

五次断点的打印日志,拿到了message等数据,最后发现最终需要逆向的是hmac的秘钥key
HMAC(K,M) = H((outer_key ^opad) || H((inner_key ^ ipad) || M))

-----------------------------------------------------------------------------<
[11:46:11 483]x1=unidbg@0xbffff3a0, md5=ad3961e36853d36706ed11d40f2d0de0, hex=c09939459c1ac1550dfabde8604cd5579c5c68927a0ed2ded626c05bc0515f98c7b34ff058fcb9a8944e9bcd743a6afd9ad6bb5ac65bb201a7427f30819fd0ea363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636
size: 112
0000: C0 99 39 45 9C 1A C1 55 0D FA BD E8 60 4C D5 57 ..9E...U....`L.W
0010: 9C 5C 68 92 7A 0E D2 DE D6 26 C0 5B C0 51 5F 98 .\h.z....&.[.Q_.
0020: C7 B3 4F F0 58 FC B9 A8 94 4E 9B CD 74 3A 6A FD ..O.X....N..t:j.
0030: 9A D6 BB 5A C6 5B B2 01 A7 42 7F 30 81 9F D0 EA ...Z.[...B.0....
0040: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 6666666666666666
0050: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 6666666666666666
0060: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 6666666666666666
^-----------------------------------------------------------------------------^

参考hmacMd5.py的逻辑
key = 'yangruhua'.encode()
padded_key = key.ljust(64, b'\x00') # 填充至64字节
ipad = bytes([0x36] * 64)
key1 = bytes([a ^ b for a, b in zip(padded_key, ipad)]).hex()
= '4f57585144435e435736363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636'
上述内存应该存储的就是所谓的inner_key = key1

由于a xor a = 0
可以得到还原秘钥的办法
key1 xor 0x36 = key2 xor 0x5C = key
得到秘钥如下
F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE 56 7A E3 61
AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D F6 67 69 AE
F1 85 79 C6 6E CA 8F 9E A2 78 AD FB 42 0C 5C CB
AC E0 8D 6C F0 6D 84 37 91 74 49 06 B7 A9 E6 DC

trace(0xbffff3a0L,0xbffff3a0+64)
[13:50:04 455] Memory WRITE at 0xbffff3a0, data size = 8, data value = 0x55c11a9c453999c0, PC=RX@0x40053170[libshield.so]0x53170, LR=RX@0x40053158[libshield.so]0x53158
[13:50:04 455] Memory WRITE at 0xbffff3a8, data size = 8, data value = 0x57d54c60e8bdfa0d, PC=RX@0x40053170[libshield.so]0x53170, LR=RX@0x40053158[libshield.so]0x53158
[13:50:04 455] Memory WRITE at 0xbffff3b0, data size = 8, data value = 0xded20e7a92685c9c, PC=RX@0x40053170[libshield.so]0x53170, LR=RX@0x40053158[libshield.so]0x53158
[13:50:04 455] Memory WRITE at 0xbffff3b8, data size = 8, data value = 0x985f51c05bc026d6, PC=RX@0x40053170[libshield.so]0x53170, LR=RX@0x40053158[libshield.so]0x53158
[13:50:04 455] Memory WRITE at 0xbffff3c0, data size = 8, data value = 0xa8b9fc58f04fb3c7, PC=RX@0x40053184[libshield.so]0x53184, LR=RX@0x40053158[libshield.so]0x53158
[13:50:04 455] Memory WRITE at 0xbffff3c8, data size = 8, data value = 0xfd6a3a74cd9b4e94, PC=RX@0x40053184[libshield.so]0x53184, LR=RX@0x40053158[libshield.so]0x53158
[13:50:04 455] Memory WRITE at 0xbffff3d0, data size = 8, data value = 0x01b25bc65abbd69a, PC=RX@0x40053184[libshield.so]0x53184, LR=RX@0x40053158[libshield.so]0x53158
[13:50:04 455] Memory WRITE at 0xbffff3d8, data size = 8, data value = 0xead09f81307f42a7, PC=RX@0x40053184[libshield.so]0x53184, LR=RX@0x40053158[libshield.so]0x53158
[13:50:04 455] Memory WRITE at 0xbffff3e0, data size = 8, data value = 0x3636363636363636, PC=RX@0x40053198[libshield.so]0x53198, LR=RX@0x40053158[libshield.so]0x53158
[13:50:04 455] Memory WRITE at 0xbffff3e8, data size = 8, data value = 0x3636363636363636, PC=RX@0x40053198[libshield.so]0x53198, LR=RX@0x40053158[libshield.so]0x53158
[13:50:04 455] Memory WRITE at 0xbffff3f0, data size = 8, data value = 0x3636363636363636, PC=RX@0x40053198[libshield.so]0x53198, LR=RX@0x40053158[libshield.so]0x53158

IDA跟踪到函数sub_52F14,猜测这是hmac秘钥key处理(伪代码看不出来数据,使用汇编就能发现0x80与0x36等值)

.text&ARM.extab:0000000000053160 MOVI V2.16B, #0x36 ; '6'
.text&ARM.extab:0000000000053164 MOV X1, X20
.text&ARM.extab:0000000000053168 EOR V0.16B, V0.16B, V2.16B // V0 = V0 ^ V2(原始密钥前16字节异或0x36)
.text&ARM.extab:000000000005316C EOR V1.16B, V1.16B, V2.16B // V1 = V1 ^ V2(原始密钥后续16字节异或0x36)
.text&ARM.extab:0000000000053170 STP Q0, Q1, [SP,#0xE0+var_E0] // [SP,#0xE0+var_E0] ; 将Q0和Q1(即V0和V1)存入栈中(保存处理后的inner_key)
.text&ARM.extab:0000000000053174 LDUR Q0, [X19,#0x44] // 从X19+0x44加载16字节到Q0(原始密钥块)
.text&ARM.extab:0000000000053178 LDUR Q1, [X19,#0x54] // 从X19+0x54加载16字节到Q1(原始密钥块)
.text&ARM.extab:000000000005317C EOR V0.16B, V0.16B, V2.16B // 异或0x36
.text&ARM.extab:0000000000053180 EOR V1.16B, V1.16B, V2.16B // 异或0x36
.text&ARM.extab:0000000000053184 STP Q0, Q1, [SP,#0xE0+var_C0] // 保存到栈(inner_key的32-64字节)
.text&ARM.extab:0000000000053188 LDUR Q0, [X19,#0x64] // ; 继续加载后续块(偏移0x64)
.text&ARM.extab:000000000005318C LDUR Q1, [X19,#0x74]
.text&ARM.extab:0000000000053190 EOR V0.16B, V0.16B, V2.16B
.text&ARM.extab:0000000000053194 EOR V1.16B, V1.16B, V2.16B
.text&ARM.extab:0000000000053198 STP Q0, Q1, [SP,#0xE0+var_A0] // 保存(inner_key的64-96字节)
.text&ARM.extab:000000000005319C LDUR Q0, [X19,#0x84] // ; 偏移0x84
.text&ARM.extab:00000000000531A0 LDUR Q1, [X19,#0x94]
.text&ARM.extab:00000000000531A4 EOR V0.16B, V0.16B, V2.16B
.text&ARM.extab:00000000000531A8 EOR V1.16B, V1.16B, V2.16B
.text&ARM.extab:00000000000531AC STP Q0, Q1, [SP,#0xE0+var_80] // ; 保存(inner_key的96-128字节)
.text&ARM.extab:00000000000531B0 LDR X0, [X19,#0x10]
.text&ARM.extab:00000000000531B4 BL sub_52DC4

根据上述汇编分析
密钥来源:X19 是 原始密钥结构体基地址,偏移量(如 0x44, 0x54)指向密钥的不同分块。
在该段代码附近打断点,使用mx19查看数据发现
mx19

-----------------------------------------------------------------------------<
[15:48:27 718]x19=RW@0x40466000, md5=cbb741bf4d20f389ff68dc00df2080ba, hex=405a10400000000080904540000000004090454000000000609045400000000040000000f6af0f73aa2cf7633bcc8bde567ae361aa6a5ea44c38e4e8e010f66df66769aef18579c66eca8f9ea278adfb420c5ccbace08d6cf06d843791744906b7a9e6dc000000000000000000000000
size: 112
0000: 40 5A 10 40 00 00 00 00 80 90 45 40 00 00 00 00 @Z.@......E@....
0010: 40 90 45 40 00 00 00 00 60 90 45 40 00 00 00 00 @.E@....`.E@....
0020: 40 00 00 00 F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE @......s.,.c;...
0030: 56 7A E3 61 AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D Vz.a.j^.L8.....m
0040: F6 67 69 AE F1 85 79 C6 6E CA 8F 9E A2 78 AD FB .gi...y.n....x..
0050: 42 0C 5C CB AC E0 8D 6C F0 6D 84 37 91 74 49 06 B.....l.m.7.tI.
0060: B7 A9 E6 DC 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

0030: 56 7A E3 61 AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D Vz.a.j^.L8.....m
0040: F6 67 69 AE F1 85 79 C6 6E CA 8F 9E A2 78 AD FB .gi...y.n....x..
0050: 42 0C 5C CB AC E0 8D 6C F0 6D 84 37 91 74 49 06 B.....l.m.7.tI.
0060: B7 A9 E6 DC
以上就是AES的秘钥,故继续跟踪这一段秘钥的生成即可。

trace(0x40466000, 0x40466000 + 64)
[15:53:44 653] Memory WRITE at 0x40466024, data size = 8, data value = 0x63f72caa730faff6, PC=RX@0x4028c220[libc.so]0x1c220, LR=RX@0x40053134[libshield.so]0x53134
[15:53:44 653] Memory WRITE at 0x4046602c, data size = 8, data value = 0x61e37a56de8bcc3b, PC=RX@0x4028c220[libc.so]0x1c220, LR=RX@0x40053134[libshield.so]0x53134
[15:53:44 653] Memory WRITE at 0x40466034, data size = 8, data value = 0xe8e4384ca45e6aaa, PC=RX@0x4028c224[libc.so]0x1c224, LR=RX@0x40053134[libshield.so]0x53134
[15:53:44 653] Memory WRITE at 0x4046603c, data size = 8, data value = 0xae6967f66df610e0, PC=RX@0x4028c224[libc.so]0x1c224, LR=RX@0x40053134[libshield.so]0x53134
[15:53:44 653] Memory WRITE at 0x40466044, data size = 8, data value = 0x9e8fca6ec67985f1, PC=RX@0x4028c228[libc.so]0x1c228, LR=RX@0x40053134[libshield.so]0x53134
[15:53:44 653] Memory WRITE at 0x4046604c, data size = 8, data value = 0xcb5c0c42fbad78a2, PC=RX@0x4028c228[libc.so]0x1c228, LR=RX@0x40053134[libshield.so]0x53134
[15:53:44 653] Memory WRITE at 0x40466054, data size = 8, data value = 0x37846df06c8de0ac, PC=RX@0x4028c22c[libc.so]0x1c22c, LR=RX@0x40053134[libshield.so]0x53134
[15:53:44 653] Memory WRITE at 0x4046605c, data size = 8, data value = 0xdce6a9b706497491, PC=RX@0x4028c22c[libc.so]0x1c22c, LR=RX@0x40053134[libshield.so]0x53134

根据IDA跳转到
.text&ARM.extab:000000000005312C MOV X1, X22 ; src
.text&ARM.extab:0000000000053130 BL memcpy

打印断点 如下依旧是key

-----------------------------------------------------------------------------<
[15:57:39 091]x1=RW@0x40461000, md5=d6967120557c8ac1377392fb054562db, hex=f6af0f73aa2cf7633bcc8bde567ae361aa6a5ea44c38e4e8e010f66df66769aef18579c66eca8f9ea278adfb420c5ccbace08d6cf06d843791744906b7a9e6dc040000000000000000604640000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE 56 7A E3 61 ...s.,.c;...Vz.a
0010: AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D F6 67 69 AE .j^.L8.....m.gi.
0020: F1 85 79 C6 6E CA 8F 9E A2 78 AD FB 42 0C 5C CB ..y.n....x..B..
0030: AC E0 8D 6C F0 6D 84 37 91 74 49 06 B7 A9 E6 DC ...l.m.7.tI.....
0040: 04 00 00 00 00 00 00 00 00 60 46 40 00 00 00 00 .........`F@....
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

继续trace(0x40461000, 0x40461000 + 256)
[16:02:02 286] Memory WRITE at 0x40461000, data size = 8, data value = 0x63f72caa730faff6, PC=RX@0x4028c220[libc.so]0x1c220, LR=RX@0x4004af70[libshield.so]0x4af70
[16:02:02 286] Memory WRITE at 0x40461008, data size = 8, data value = 0x61e37a56de8bcc3b, PC=RX@0x4028c220[libc.so]0x1c220, LR=RX@0x4004af70[libshield.so]0x4af70
[16:02:02 287] Memory WRITE at 0x40461010, data size = 8, data value = 0xe8e4384ca45e6aaa, PC=RX@0x4028c224[libc.so]0x1c224, LR=RX@0x4004af70[libshield.so]0x4af70
[16:02:02 287] Memory WRITE at 0x40461018, data size = 8, data value = 0xae6967f66df610e0, PC=RX@0x4028c224[libc.so]0x1c224, LR=RX@0x4004af70[libshield.so]0x4af70
[16:02:02 287] Memory WRITE at 0x40461020, data size = 8, data value = 0x9e8fca6ec67985f1, PC=RX@0x4028c228[libc.so]0x1c228, LR=RX@0x4004af70[libshield.so]0x4af70
[16:02:02 287] Memory WRITE at 0x40461028, data size = 8, data value = 0xcb5c0c42fbad78a2, PC=RX@0x4028c228[libc.so]0x1c228, LR=RX@0x4004af70[libshield.so]0x4af70
[16:02:02 287] Memory WRITE at 0x40461030, data size = 8, data value = 0x37846df06c8de0ac, PC=RX@0x4028c22c[libc.so]0x1c22c, LR=RX@0x4004af70[libshield.so]0x4af70
[16:02:02 287] Memory WRITE at 0x40461038, data size = 8, data value = 0xdce6a9b706497491, PC=RX@0x4028c22c[libc.so]0x1c22c, LR=RX@0x4004af70[libshield.so]0x4af70

.text&ARM.extab:000000000004AF6C BL memcpy
.text&ARM.extab:000000000004AF70 LDR W8, [X19,#0x40]

继续打断点 0x4AF6C
mx1

-----------------------------------------------------------------------------<
[16:03:43 816]x1=RW@0x4045b290, md5=89a640863393cd5fdb4c97562f636096, hex=f6af0f73aa2cf7633bcc8bde567ae361aa6a5ea44c38e4e8e010f66df66769aef18579c66eca8f9ea278adfb420c5ccbace08d6cf06d843791744906b7a9e6dc010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE 56 7A E3 61 ...s.,.c;...Vz.a
0010: AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D F6 67 69 AE .j^.L8.....m.gi.
0020: F1 85 79 C6 6E CA 8F 9E A2 78 AD FB 42 0C 5C CB ..y.n....x..B..
0030: AC E0 8D 6C F0 6D 84 37 91 74 49 06 B7 A9 E6 DC ...l.m.7.tI.....
0040: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

trace(0x4045b290, 0x4045b290 + 256)
[16:04:45 501] Memory WRITE at 0x4045b290, data size = 8, data value = 0x63f72caa730faff6, PC=RX@0x4028c220[libc.so]0x1c220, LR=RX@0x4004b4e4[libshield.so]0x4b4e4
[16:04:45 502] Memory WRITE at 0x4045b298, data size = 8, data value = 0x61e37a56de8bcc3b, PC=RX@0x4028c220[libc.so]0x1c220, LR=RX@0x4004b4e4[libshield.so]0x4b4e4
[16:04:45 502] Memory WRITE at 0x4045b2a0, data size = 8, data value = 0xe8e4384ca45e6aaa, PC=RX@0x4028c224[libc.so]0x1c224, LR=RX@0x4004b4e4[libshield.so]0x4b4e4
[16:04:45 502] Memory WRITE at 0x4045b2a8, data size = 8, data value = 0xae6967f66df610e0, PC=RX@0x4028c224[libc.so]0x1c224, LR=RX@0x4004b4e4[libshield.so]0x4b4e4
[16:04:45 502] Memory WRITE at 0x4045b2b0, data size = 8, data value = 0x9e8fca6ec67985f1, PC=RX@0x4028c228[libc.so]0x1c228, LR=RX@0x4004b4e4[libshield.so]0x4b4e4
[16:04:45 502] Memory WRITE at 0x4045b2b8, data size = 8, data value = 0xcb5c0c42fbad78a2, PC=RX@0x4028c228[libc.so]0x1c228, LR=RX@0x4004b4e4[libshield.so]0x4b4e4
[16:04:45 502] Memory WRITE at 0x4045b2c0, data size = 8, data value = 0x37846df06c8de0ac, PC=RX@0x4028c22c[libc.so]0x1c22c, LR=RX@0x4004b4e4[libshield.so]0x4b4e4
[16:04:45 502] Memory WRITE at 0x4045b2c8, data size = 8, data value = 0xdce6a9b706497491, PC=RX@0x4028c22c[libc.so]0x1c22c, LR=RX@0x4004b4e4[libshield.so]0x4b4e4

.text&ARM.extab:000000000004B4E0 BL memcpy
.text&ARM.extab:000000000004B4E4 MOV X0, X21 ; ptr

继续打断点 0x4B4E0

mx1

-----------------------------------------------------------------------------<
[16:05:46 928]x1=RW@0x4045e010, md5=78094efa10b35cbdb33ac8ea058b505f, hex=f6af0f73aa2cf7633bcc8bde567ae361aa6a5ea44c38e4e8e010f66df66769aef18579c66eca8f9ea278adfb420c5ccbace08d6cf06d843791744906b7a9e6dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE 56 7A E3 61 ...s.,.c;...Vz.a
0010: AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D F6 67 69 AE .j^.L8.....m.gi.
0020: F1 85 79 C6 6E CA 8F 9E A2 78 AD FB 42 0C 5C CB ..y.n....x..B..
0030: AC E0 8D 6C F0 6D 84 37 91 74 49 06 B7 A9 E6 DC ...l.m.7.tI.....
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

trace(0x4045e010, 0x4045e010 + 256) // 这里就到了关键位置0x52A6C
[16:07:06 876] Memory WRITE at 0x4045e010, data size = 8, data value = 0x63f72caa730faff6, PC=RX@0x40052a6c[libshield.so]0x52a6c, LR=RX@0x40052998[libshield.so]0x52998
[16:07:06 877] Memory WRITE at 0x4045e018, data size = 8, data value = 0x61e37a56de8bcc3b, PC=RX@0x40052a6c[libshield.so]0x52a6c, LR=RX@0x40052998[libshield.so]0x52998
[16:07:06 877] Memory WRITE at 0x4045e020, data size = 8, data value = 0xe8e4384ca45e6aaa, PC=RX@0x40052a6c[libshield.so]0x52a6c, LR=RX@0x40052998[libshield.so]0x52998
[16:07:06 877] Memory WRITE at 0x4045e028, data size = 8, data value = 0xae6967f66df610e0, PC=RX@0x40052a6c[libshield.so]0x52a6c, LR=RX@0x40052998[libshield.so]0x52998
[16:07:06 877] Memory WRITE at 0x4045e030, data size = 8, data value = 0x9e8fca6ec67985f1, PC=RX@0x40052a6c[libshield.so]0x52a6c, LR=RX@0x40052998[libshield.so]0x52998
[16:07:06 877] Memory WRITE at 0x4045e038, data size = 8, data value = 0xcb5c0c42fbad78a2, PC=RX@0x40052a6c[libshield.so]0x52a6c, LR=RX@0x40052998[libshield.so]0x52998
[16:07:06 877] Memory WRITE at 0x4045e040, data size = 8, data value = 0x37846df06c8de0ac, PC=RX@0x40052a6c[libshield.so]0x52a6c, LR=RX@0x40052998[libshield.so]0x52998
[16:07:06 877] Memory WRITE at 0x4045e048, data size = 8, data value = 0xdce6a9b706497491, PC=RX@0x40052a6c[libshield.so]0x52a6c, LR=RX@0x40052998[libshield.so]0x52998

###########################################
初始轮密钥加(AddRoundKey)
数据块与首轮轮密钥进行按位异或(XOR)。

循环轮(共进行Nr−1轮,Nr由密钥长度决定)
每轮执行:

字节替换(SubBytes):通过S盒对每个字节进行非线性替换。
行移位(ShiftRows):每行循环左移(第0行不移,第1行移1位,第2行移2位,第3行移3位)。
列混淆(MixColumns):对每列进行矩阵乘法,实现线性混合变换。
轮密钥加(AddRoundKey):与当前轮密钥异或。

最终轮(省略列混淆)
执行:
SubBytes → ShiftRows → AddRoundKey。

注:有限域计算定义
1.GF(2^8 = 256) -> 包含2^8=256个元素的有限域,每个元素对应一个8次多项式,
字节0x57(01010111) 按照1的位数拆分 2^6 + 2^3 + 2^2 + 2^1 +2^0 = x^6 + x^3 + x^2 + x^1 +x^0

2.有限域运算规则
-加法
规则:多项式系数在模2下相加(xor 异或)
示例:(x^3 + x + 1) + (x^2 + x) = x^3 + x^2 + 1 => 1011 ^ 110 = 1101 => 0x0B ^ 0x06 = 0x0D
对应字节运算 0x0B ^ 0x06 = 0x0D(0b00001011 ^ 0b00000110 = 0b00001101)。

-乘法(多项式乘法后模不可约多项式)
步骤:
将两个多项式相乘。
对结果进行 模运算,使用固定的 不可约多项式(AES中为 ( x^8 + x^4 + x^3 + x + 1 ),十六进制 0x11B)。
最终结果仍为一个8次多项式(即一个字节)。
示例:
步骤1:将字节转换为多项式
0x57 → 01010111 → ( x^6 + x^4 + x^2 + x + 1 )。
0x02 → 00000010 → ( x )。
步骤2:多项式相乘
[
(x^6 + x^4 + x^2 + x + 1) \cdot x = x^7 + x^5 + x^3 + x^2 + x
]
对应二进制:10101110(十六进制 0xAE)。

步骤3:模不可约多项式
不可约多项式:( x^8 + x^4 + x^3 + x + 1 )(对应 0x11B,二进制 100011011)。
判断是否需要模运算:
若乘积的最高次项为 ( x^8 ) 或更高,则需模运算。
本例乘积为 ( x^7 ),未超过 ( x^8 ),因此 无需模运算。
结果仍为 0xAE。
步骤4:特殊情况(乘积超过8次项)
假设乘积为 ( x^8 ),则模运算过程如下:
[
x^8 \mod (x^8 + x^4 + x^3 + x + 1) = x^4 + x^3 + x + 1
]
对应十六进制 0x1B(即 00011011)。
#############################################

// 猜测这里是最后一轮 轮秘钥加
do {
// 1. 从地址 v8 + v19 读取128位(16字节)数据到 v20
v20 = *(_OWORD *)(v8 + v19);

} while ((-v34 & 0xFFFFFFFFFFFFFFF0LL) != v19); // 循环直到处理完所有对齐块

aes的值是从这里被生成的 veorq_s8是ARM NEON指令集的内联函数(代码直接被复制,无调用开销,适合简单高频操作) 所以这里直接看汇编更清晰
.text&ARM.extab:0000000000052A5C LDR Q0, [X24,X10] Q0 <- [X24,X10]
.text&ARM.extab:0000000000052A60 LDR Q1, [X19,X10] Q1 <- [X19,X10]
.text&ARM.extab:0000000000052A64 LDR Q2, [X20,X10] Q2 <- [X20,X10]
.text&ARM.extab:0000000000052A68 EOR V0.16B, V1.16B, V0.16B // Q1和Q0的每个字节(16字节)按异或存入Q0
.text&ARM.extab:0000000000052A6C STR Q0, [X21,X10] Q0 -> [X21,X10] //保存Q0 -> 中间态
.text&ARM.extab:0000000000052A70 STR Q2, [X19,X10] Q2 -> [X19,X10] // 将Q2的值覆盖已经被使用了的Q1值[X19,X10] -> 读数据提供下一次计算

对关键位置进行断点打印
num===================================1
hexString19===3101323404020861667A666607176639
hexString24===3501323404020861667A666607176639
num===================================2
hexString19===EE1755BFE9D97ECE5D3215AF401FA9E7
hexString24===18B85ACC43F589AD66FE9E7116654A86
num===================================3
hexString19===1782CBF447A784694A35EF2AF11CBEE5
hexString24===BDE895500B9F6081AA251947077BD74B
num===================================4
hexString19===41C7660DA56E2C7B7A06C9DCB060C802
hexString24===B0421FCBCBA4A3E5D87E6427F26C94C9
num===================================5
hexString19===5BAD0F98EC194491D4721E361895AFD4
hexString24===F74D82F41C74C0A645065730AF3C4908
num===================================6
hexString19===80BE29617AE4A27FB46CD2D9E4A4200A
hexString24===90AE39716AF4B26FA47CC2C9F4B4301A
发现进行了6次轮秘钥加 与标准的AES的10次不同

轮次 X19(前一个密文块) X24(当前明文块) 异或结果(AES输入) 特殊处理(输出) 更新后的X19(下一轮的前密文)
1 3101323404020861667A666607176639 (IV) 3501323404020861667A666607176639 04000000000000000000000000000000 f6af0f73aa2cf7633bcc8bde567ae361 EE1755BFE9D97ECE5D3215AF401FA9E7
2 EE1755BFE9D97ECE5D3215AF401FA9E7 18B85ACC43F589AD66FE9E7116654A86 F6AF0F73AA2CF7633BCC8BDE567AE361 AA6A5EA44C38E4E8E010F66DF66769AE 1782CBF447A784694A35EF2AF11CBEE5
3 1782CBF447A784694A35EF2AF11CBEE5 BDE895500B9F6081AA251947077BD74B AA6A5EA44C38E4E8E010F66DF66769AE F18579C66ECA8F9EA278ADFB420C5CCB 41C7660DA56E2C7B7A06C9DCB060C802
4 41C7660DA56E2C7B7A06C9DCB060C802 B0421FCBCBA4A3E5D87E6427F26C94C9 F18579C66ECA8F9EA278ADFB420C5CCB ACE08D6CF06D843791744906B7A9E6DC 5BAD0F98EC194491D4721E361895AFD4
5 5BAD0F98EC194491D4721E361895AFD4 F74D82F41C74C0A645065730AF3C4908 ACE08D6CF06D843791744906B7A9E6DC 10101010101010101010101010101010 80BE29617AE4A27FB46CD2D9E4A4200A
6 80BE29617AE4A27FB46CD2D9E4A4200A 90AE39716AF4B26FA47CC2C9F4B4301A 10101010101010101010101010101010 填充结束标志
由此看来与标准的AES最后直接异或得到的state有区别

print('0x0'+hex(0x3101323404020861667A666607176639^0x3501323404020861667A666607176639)[2:])
print(hex(0xEE1755BFE9D97ECE5D3215AF401FA9E7^0x18B85ACC43F589AD66FE9E7116654A86))
print(hex(0x1782CBF447A784694A35EF2AF11CBEE5^0xBDE895500B9F6081AA251947077BD74B))
print(hex(0x41C7660DA56E2C7B7A06C9DCB060C802^0xB0421FCBCBA4A3E5D87E6427F26C94C9))
print(hex(0x5BAD0F98EC194491D4721E361895AFD4^0xF74D82F41C74C0A645065730AF3C4908))
print(hex(0x80BE29617AE4A27FB46CD2D9E4A4200A^0x90AE39716AF4B26FA47CC2C9F4B4301A))

网上有文章说是魔改了AES,来看下findcrypt能不能找到

魔改了秘钥扩展部分,改了Rcon,s盒,
验证aes的加密方式(CBC)和填充方式(pkcs7)

JNI日志找到这一段
get key:main_hmac
JNIEnv->CallObjectMethodV(android.content.SharedPreferences@6ddf90b0, getString("main_hmac", "") => "7hdVv+nZfs5dMhWvQB+p5xeCy/RHp4RpSjXvKvEcvuVBx2YNpW4se3oGydywYMgCW60PmOwZRJHUch42GJWv1IC+KWF65KJ/tGzS2eSkIAqsWEna1k4ASav5AQAzgw0F") was called from RX@0x40013bf4[libshield.so]0x13bf4

7hdVv+nZfs5dMhWvQB+p5xeCy/RHp4RpSjXvKvEcvuVBx2YNpW4se3oGydywYMgCW60PmOwZRJHUch42GJWv1IC+KWF65KJ/tGzS2eSkIAqsWEna1k4ASav5AQAzgw0F
From Base64 -> To Hex
得到如下值 与打断点处的位运算计算hmac_key值有关系

ee1755bfe9d97ece5d3215af401fa9e7
1782cbf447a784694a35ef2af11cbee5
41c7660da56e2c7b7a06c9dcb060c802
5bad0f98ec194491d4721e361895afd4
80be29617ae4a27fb46cd2d9e4a4200a
ac5849dad64e0049abf9010033830d05

之前以为上一段异或运算的汇编是用来加密的,现在发现这是一个解密流程,得到的我们需要的key是被解密后的结果
执行的是AES-CBC模式的解密流程
其中Q0加载的是当前密文块解密后的中间数据
Q1是前一个密文块(IV)
EOR指令将解密后的数据与IV异或,得到原始明文(符合CBC特征)
STR Q2更新IV为当前密文块,为下一轮解密做准备

(AES最后一轮秘钥加用的异或,异或同样的值就能解密)
16进制的结果是0x60个字节,这一个就是加密的数据了,可以发现前16字节和第二轮的hexString19===EE1755BFE9D97ECE5D3215AF401FA9E7对的上,
后面的错开排列也对的上,这意思也很明显,上一组的密文异或一个东西得到解密的"明文",这个明文打个引号,
那不就是CBC模式吗?解密出的"明文"是最初的明文异或iv得到的,最初的iv是0x3101323404020861667A666607176639,
后续的iv用上一轮加密的结果,CBC模式可以防止替换某段密文来达到替换明文的效果.这里其实看汇编也能看懂
,X19是iv,X24是明文异或iv的结果,他两异或就是最原始明文
这个是AES解密,密文知道了,iv知道了,key是39923e3c-6c6e-3891-945a-fd03c4796eb3,36字节,
但是AES没有36字节的key,只有16,24和32字节的,跟踪下这个key的使用,
跟踪jni日志中的GetStringUtfChars,0x17d10,一路往下跟,来到秘钥编排的位置sub_51884,
上面我们说hook需要在callinitialize这个native函数执行前调用,原因就是在callinitialize函数已经完成了解密,
如果在最终的callintercept函数调用就好hook不上.

JNIEnv->GetStringUtfChars("39923e3c-6c6e-3891-945a-fd03c4796eb3") was called from RX@0x40017d10[libshield.so]0x17d10
JNIEnv->NewGlobalRef("platform=android&build=8320689&deviceId=39923e3c-6c6e-3891-945a-fd03c4796eb3") was called from RX@0x400be1dc[libshield.so]0xbe1dc

这里可以看到只使用了前16字节,填充方式也确认了,基本的都确认了,但是这个是魔改AES,魔改了秘钥扩展部分,改了Rcon,s盒,既然是魔改AES,
听说魔改程度很大,不建议对着代码标准AES来改,因为这个AES采用的是八个大的合并表,所以直接扣代码会比跟简单些,主要就是下断,跟汇编,
之前zh的x-96用的也魔改的表合并AES,那篇有讲过这么扣代码

************************************** 正式开始跟踪解密key **************************************
JNIEnv->GetStringUtfChars("39923e3c-6c6e-3891-945a-fd03c4796eb3") was called from RX@0x40017d10[libshield.so]0x17d10
一、
__int64 __fastcall sub_17BE0(__int64 *a1, __int64 a2, __int64 a3)
{
v15[27] = *(_QWORD )(_ReadStatusReg(ARM64_SYSREG(3, 3, 13, 0, 2)) + 40);
if ( !a2 ) // 检查a2(可能为Java对象或输入数据)是否为空
{
LABEL_5:
result = 0LL;
goto LABEL_6;
}
result = ((__int64 (__fastcall **)(__int64 *, __int64))(a1 + 1344))(a1, a2); // 调用JNI方法(如GetObjectClass/GetMethodID)
if ( (_DWORD)result )
{
v7 = sub_13A18(result); // 可能为异常检查或上下文获取
sub_14378(v7, v15); // 初始化局部引用或参数
v8 = sub_13F84(a1, v15[17], qword_10CA68, a2); // 获取方法ID或字段ID(如构造函数)
v9 = ((__int64 (__fastcall **)(__int64 *))(*a1 + 1824))(a1);
v10 = a1;
if ( !v9 )
{
v11 = ((__int64 (__fastcall **)(__int64 , __int64, _QWORD))(v10 + 1472))(a1, v8, 0LL); // 获取输入数据(如GetByteArrayElements)
v12 = ((__int64 (__fastcall **)(__int64 *, __int64))(a1 + 1368))(a1, v8); // 获取数据长度(如GetArrayLength)
v13 = ((__int64 (__fastcall **)(__int64 *, void *, _QWORD))(a1 + 1352))(a1, off_10CA78, 0LL); // 创建输出缓冲区(如NewByteArray)
v14 = ((__int64 (__fastcall **)(__int64 *, void *))(a1 + 1344))(a1, off_10CA78); // 调用解密函数
sub_4B39C(v11, v12, v13, v14, a3 + 652); // 解密函数 (如AES-CBC) a3 + 652 可能是存储解密结果的地址(输出到Java层或内存)
((void (__fastcall **)(__int64 *, void *, __int64))(a1 + 1360))(a1, off_10CA78, v13);
((void (__fastcall **)(__int64 *, __int64, __int64, _QWORD))(a1 + 1536))(a1, v8, v11, 0LL);
result = 1LL;
goto LABEL_6;
}
((void (__fastcall **)(__int64 ))(v10 + 128))(a1);
((void (__fastcall **)(__int64 *))(*a1 + 136))(a1);
goto LABEL_5;
}
LABEL_6:
_ReadStatusReg(ARM64_SYSREG(3, 3, 13, 0, 2));
return result;
}

Hook密钥的关键时机是在callinitialize初始化前捕获原始字符串

#######################################
#######################################
#######################################
二、打断点0x4B39C进行hook,发现了解密前后的参数(都是熟悉的值)
__int64 __fastcall sub_4B39C(__int64 a1, int a2, const void *a3, int a4, _DWORD *a5)
a1 -> 传入待解密的密文
a3 -> aes的秘钥key

mx0

-----------------------------------------------------------------------------<
[15:52:02 316]x0=RW@0x40152000[libc++.so]0x2000, md5=9b8f09a9cf5bab297a41e16745a45ff3, hex=ee1755bfe9d97ece5d3215af401fa9e71782cbf447a784694a35ef2af11cbee541c7660da56e2c7b7a06c9dcb060c8025bad0f98ec194491d4721e361895afd480be29617ae4a27fb46cd2d9e4a4200aac5849dad64e0049abf9010033830d0500000000000000000000000000000000
size: 112
0000: EE 17 55 BF E9 D9 7E CE 5D 32 15 AF 40 1F A9 E7 ..U...~.]2..@...
0010: 17 82 CB F4 47 A7 84 69 4A 35 EF 2A F1 1C BE E5 ....G..iJ5.*....
0020: 41 C7 66 0D A5 6E 2C 7B 7A 06 C9 DC B0 60 C8 02 A.f..n,{z....`.. ==> 这里是密文
0030: 5B AD 0F 98 EC 19 44 91 D4 72 1E 36 18 95 AF D4 [.....D..r.6....
0040: 80 BE 29 61 7A E4 A2 7F B4 6C D2 D9 E4 A4 20 0A ..)az....l.... .
0050: AC 58 49 DA D6 4E 00 49 AB F9 01 00 33 83 0D 05 .XI..N.I....3...
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

mx2

-----------------------------------------------------------------------------<
[15:51:53 725]x2=RW@0x40153000[libc++.so]0x3000, md5=852c37585df595b765f26ab3730bbe86, hex=33393932336533632d366336652d333839312d393435612d66643033633437393665623300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: 33 39 39 32 33 65 33 63 2D 36 63 36 65 2D 33 38 39923e3c-6c6e-38
0010: 39 31 2D 39 34 35 61 2D 66 64 30 33 63 34 37 39 91-945a-fd03c479
0020: 36 65 62 33 00 00 00 00 00 00 00 00 00 00 00 00 6eb3............
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ ==> 这里是key 39923e3c-6c6e-3891-945a-fd03c4796eb3
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ ==> 其实只用了 39923e3c6c6e3891945afd03c4796eb3(32位)
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

对函数中的第二个memcpy打断点 发现其src为解密后的值,故将sub_4B39C这个函数完全模拟就是我们想要的函数
void *memcpy(void *dest, const void *src, size_t n); dest:目标地址 src:源地址 n:要复制的字节数 查看mX1 数据的来源
memcpy(a5 + 1, v11 + 16, a2 - 16 - v13); -> v11 + 16是运算的结果

-----------------------------------------------------------------------------<
[11:55:04 437]x1=RW@0x4045e010, md5=78094efa10b35cbdb33ac8ea058b505f, hex=f6af0f73aa2cf7633bcc8bde567ae361aa6a5ea44c38e4e8e010f66df66769aef18579c66eca8f9ea278adfb420c5ccbace08d6cf06d843791744906b7a9e6dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE 56 7A E3 61 ...s.,.c;...Vz.a
0010: AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D F6 67 69 AE .j^.L8.....m.gi.
0020: F1 85 79 C6 6E CA 8F 9E A2 78 AD FB 42 0C 5C CB ..y.n....x..B..
0030: AC E0 8D 6C F0 6D 84 37 91 74 49 06 B7 A9 E6 DC ...l.m.7.tI.....
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

a1指向数据 a3指向秘钥key
__int64 __fastcall sub_4B39C(__int64 a1, int a2, const void *a3, int a4, _DWORD *a5)
{
__int64 result; // x0
unsigned __int8 *v11; // x21
__int64 v12; // x8
size_t v13; // x23
_QWORD v14[2]; // [xsp+0h] [xbp-160h] BYREF
__int128 v15; // [xsp+10h] [xbp-150h] BYREF
_BYTE v16[248]; // [xsp+20h] [xbp-140h] BYREF
__int64 v17; // [xsp+118h] [xbp-48h]

v17 = *(_QWORD *)(_ReadStatusReg(ARM64_SYSREG(3, 3, 13, 0, 2)) + 40);
if ( a2 >= 80 ) // 0x50 -> 80
{
v11 = (unsigned __int8 *)malloc(a2); // 动态分配a2的内存
if ( v11 )
{
if ( a3 )
{
LODWORD(v12) = a4 - 1;
v14[0] = 0LL;
v14[1] = 0LL;
v15 = xmmword_C0134;
if ( a4 >= 1 )
{
if ( (unsigned int)v12 >= 0xF )
v12 = 15LL;
else
v12 = (unsigned int)v12;
memcpy(v14, a3, v12 + 1); // 拷贝16字节
}

}
else
{
result = 0LL;
}
LABEL_13:
_ReadStatusReg(ARM64_SYSREG(3, 3, 13, 0, 2));
return result;
}

memset(&v11[a2 - v13], 0, v13);处打断点 v11处的前v13个字节设置为0

mx0

-----------------------------------------------------------------------------<
[16:50:35 473]x0=RW@0x4045e050, md5=194ac95fdfd90c0552838e3cb9fb6abd, hex=10101010101010101010101010101010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 ................ ==> 填充值 清零
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

在memcpy(a5 + 1, v11 + 16, a2 - 16 - (int)v13);处打断点
这里得到的是解密后的结果(是md5的hmac_key)

mx1 -> src

-----------------------------------------------------------------------------<
[16:44:45 254]x1=RW@0x4045e010, md5=78094efa10b35cbdb33ac8ea058b505f, hex=f6af0f73aa2cf7633bcc8bde567ae361aa6a5ea44c38e4e8e010f66df66769aef18579c66eca8f9ea278adfb420c5ccbace08d6cf06d843791744906b7a9e6dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE 56 7A E3 61 ...s.,.c;...Vz.a
0010: AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D F6 67 69 AE .j^.L8.....m.gi.
0020: F1 85 79 C6 6E CA 8F 9E A2 78 AD FB 42 0C 5C CB ..y.n....x..B..
0030: AC E0 8D 6C F0 6D 84 37 91 74 49 06 B7 A9 E6 DC ...l.m.7.tI.....
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

三、追溯到sub_51884(a1, a2, a3);

// a1 初始秘钥指针 a2 秘钥长度 a3 轮秘钥输出指针
__int64 __fastcall sub_51884(unsigned int *a1, int a2, unsigned int *a3)
{
unsigned int v3; // w8
int v4; // w8
unsigned int v5; // w8
__int64 v6; // x9
unsigned int *v7; // x10
int v8; // w16
int v9; // w18
int v10; // w17
int v11; // w17
__int64 v12; // x9
unsigned int *i; // x10
int v14; // w17
int v15; // w16
int v16; // w18
int v17; // w17
int v18; // w0
__int64 v19; // x9
unsigned int *j; // x10
unsigned int v21; // w17
int v22; // w18
int v23; // w0
int v24; // w16
int v25; // w18
int v26; // w17
int v27; // w0
unsigned int v28; // w17

v3 = 0;
if ( a1 )
{
if ( a3 )
{
if ( a2 == 128 || a2 == 256 || (v3 = 0, a2 == 192) )
{
if ( a2 == 128 )
{
v4 = 10; // 根据秘钥长度是否为128,192,256设置初始化轮数 10,12,14轮
}
else if ( a2 == 192 )
{
v4 = 12;
}
else
{
v4 = 14;
}
a3[60] = v4; // 初始化轮数 (保存轮数,如AES-128为10)==========================>以下属于原始秘钥处理
v5 = _byteswap_ulong(*a1) ^ 0xF1892131; // 对a1初始秘钥的字节序调整(_byteswap_ulong)并于固定值异或,初始化a3的前N个字
*a3 = v5;
a3[1] = _byteswap_ulong(a1[1]) ^ 0xFF001123;
a3[2] = _byteswap_ulong(a1[2]) ^ 0xF1001356; // 这里说明初始秘钥只用了前4个字节 unsign int = 4 字节 故使用了秘钥前16字节
a3[3] = _byteswap_ulong(a1[3]) ^ 0xF1234890;
// 即key = 0000: 33 39 39 32 33 65 33 63 2D 36 63 36 65 2D 33 38 39923e3c-6c6e-38

}
return v3;
}

关键逻辑:
1.字节序反转与初始化
*a3 = _byteswap_ulong(*a1) ^ 0xF1892131; // 处理初始密钥字
2.查表操作(SubWord/RotWord -> 这里是还原的关键
v5 ^= *((_DWORD *)qword_C15C0 + BYTE2(v8)) & 0xFF000000 ^ ... ; // 查表操作
通过多个预设计表(qword_C15C0、qword_C19C0、qword_C1DC0、qword_C21C0) 实现AES的SubBytes和ShiftRows步骤
每个表对应不同的字节位置(高位、次高位、此低位、低位)
3.轮常量(Rcon)应用
v5 ^= ... ^ *(_DWORD *)((char *)&unk_C25C0 + v6); // 异或轮常量
unk_C25C0 是轮常量数组(如 Rcon[i]),用于密钥扩展中的异或操作。

sub_51CB8(v14, 128LL, v16); -> v16是秘钥扩展后的值,通过打断点到sub_51868处,获取v16扩展后的值
sub_51868(a1, v11, a2, v16, &v15, 0);

sub_51868这里v16肯定传入的是扩展后的秘钥,只需要在sub_51CB8中验证推过来的流程
(这里的秘钥对不上因为这是正向加密的扩展秘钥,内部还进行了一次倒序变成解密的扩展秘钥,并作了其他处理)
mx3 300

-----------------------------------------------------------------------------<
[16:17:48 097]x3=unidbg@0xbffff350, md5=a6f6eaa39d69a5476047742f1c6eb279, hex=49509d45c2e8ffd3875ccce9f8f5960dd9ef91a49dc3e178013a9c5fc33436a9915f8dbb442c70dc9cf97d27c20eaaf631554006d573fd67d8d50dfb5ef7d7d13b3aeacde426bd610da6f09c8622da2a1bae34eedf1c57ace9804dfd8b842ab670f31a3dc4b26342369c1a516204674b5b97006bb441797ff22e791354987d1a6dd29292efd67914466f006ca6b604099cbe5d5f8204eb86a9b97978e0d904650318b0c2402265cc607036dca87b0e94689f3540000000004ca73107000000000800000000000000808080800000000078f5ffbf000000005c3a642900000000a0f4ffbf0000000030f4ffbf000000000a000000000000000000000000000000000000000000000000c0104000000000003015400000000060000000000000000020154000000000de3ae65a
size: 300
0000: 49 50 9D 45 C2 E8 FF D3 87 5C CC E9 F8 F5 96 0D IP.E...........
0010: D9 EF 91 A4 9D C3 E1 78 01 3A 9C 5F C3 34 36 A9 .......x.:..46.
0020: 91 5F 8D BB 44 2C 70 DC 9C F9 7D 27 C2 0E AA F6 ...D,p...}'....
0030: 31 55 40 06 D5 73 FD 67 D8 D5 0D FB 5E F7 D7 D1 1U@..s.g....^...
0040: 3B 3A EA CD E4 26 BD 61 0D A6 F0 9C 86 22 DA 2A ;:...&.a.....".*
0050: 1B AE 34 EE DF 1C 57 AC E9 80 4D FD 8B 84 2A B6 ..4...W...M...*.
0060: 70 F3 1A 3D C4 B2 63 42 36 9C 1A 51 62 04 67 4B p..=..cB6..Qb.gK
0070: 5B 97 00 6B B4 41 79 7F F2 2E 79 13 54 98 7D 1A [..k.Ay...y.T.}.
0080: 6D D2 92 92 EF D6 79 14 46 6F 00 6C A6 B6 04 09 m.....y.Fo.l....
0090: 9C BE 5D 5F 82 04 EB 86 A9 B9 79 78 E0 D9 04 65 ..]_......yx...e
00A0: 03 18 B0 C2 40 22 65 CC 60 70 36 DC A8 7B 0E 94 ....@"e.`p6..{..
^-----------------------------------------------------------------------------^

验证:
初始秘钥 本来就是小端序再_byteswap_ulong一下,读出来就不变(易混的地方)
33 39 39 32
33 65 33 63
2D 36 63 36
65 2D 33 38 39923e3c-6c6e-38

v5 = _byteswap_ulong(*a1) ^ 0xF1892131; 0x33393932 ^ 0xF1892131 -> 0xc2b01803
a3[1] = _byteswap_ulong(a1[1]) ^ 0xFF001123; 0x33653363 ^ 0xFF001123 -> 0xcc652240
a3[2] = _byteswap_ulong(a1[2]) ^ 0xF1001356; 0x2D366336 ^ 0xF1001356 -> 0xdc367060
a3[3] = _byteswap_ulong(a1[3]) ^ 0xF1234890; 0x652D3339 ^ 0xF1234890 -> 0x940e7ba9

sub_51CB8 => sub1884(秘钥扩展或初始化函数,生成正向轮秘钥)
sub_51CB8函数作用:
秘钥逆序处理:扩展后的加密轮秘钥按解密重新排列
v5 = a3[60]; // 获取轮数(如AES-256为14)
if ( v5 >= 1 ) {
v6 = &a3[4 * v5]; // 定位到轮密钥末尾
v7 = 4 * v5 - 4; // 计算交换范围
// 通过指针v9和v10交换轮密钥首尾部分
do {
// 交换4个int(对应128位块的轮密钥)
*(v9 - 2) = *(v10 - 2);
*(v10 - 2) = v12;
// ...类似操作处理其他位置
} while (v13);
}

轮操作:执行解密所需的逆字节替换、逆列混淆
if (a3[60] >= 2) {
v17 = (a3 + 7);
do {
// 查表操作(T表或逆T表)
v19 = *(&loc_C29E8 + ...) ^ *(&unk_C25E8 + ...)
^ *(&unk_C2DE8 + ...) ^ *(&unk_C31E8 + ...);
// 类似处理v20, v21
// 更新轮密钥中的值
*(v17 - 3) = ...; // 逆列混淆(InvMixColumns)
*(v17 - 2) = v19;
*(v17 - 1) = v20;
*v17 = v21;
} while (v18 < a3[60]);
}

正向扩展秘钥0xbffff330

-----------------------------------------------------------------------------<
[16:36:20 019]x2=unidbg@0xbffff350, md5=08b9b49e235143cebd82759c2971ca0c, hex=0318b0c2402265cc607036dca87b0e9421daa07b61f8c5b70188f36ba9f3fdff3708ad2d56f0689a57789bf1fe8b660e9cb3921aca43fa809d3b617163b0077f4e4a77d784098d571932ec267a82eb5985b0742e01b9f979188b155f6209fe06ea1e77a5eba78edcf32c9b83912565857dbf48a89618c67465345df7f41138723d20ca2fab380c5bce0c51ac3a1d69de20806ecd8bb8629645b4333a7fa95ae449509d45c2e8ffd3875ccce9f8f5960d689f3540000000004ca73107000000000800000000000000808080800000000078f5ffbf000000005c3a642900000000a0f4ffbf0000000030f4ffbf000000000a000000000000000000000000000000000000000000000000c0104000000000003015400000000060000000000000000020154000000000de3ae65a
size: 300
0000: 03 18 B0 C2 40 22 65 CC 60 70 36 DC A8 7B 0E 94 ....@"e.`p6..{..
0010: 21 DA A0 7B 61 F8 C5 B7 01 88 F3 6B A9 F3 FD FF !..{a......k....
0020: 37 08 AD 2D 56 F0 68 9A 57 78 9B F1 FE 8B 66 0E 7..-V.h.Wx....f.
0030: 9C B3 92 1A CA 43 FA 80 9D 3B 61 71 63 B0 07 7F .....C...;aqc...
0040: 4E 4A 77 D7 84 09 8D 57 19 32 EC 26 7A 82 EB 59 NJw....W.2.&z..Y
0050: 85 B0 74 2E 01 B9 F9 79 18 8B 15 5F 62 09 FE 06 ..t....y..._b...
0060: EA 1E 77 A5 EB A7 8E DC F3 2C 9B 83 91 25 65 85 ..w......,...%e.
0070: 7D BF 48 A8 96 18 C6 74 65 34 5D F7 F4 11 38 72 }.H....te4]...8r
0080: 3D 20 CA 2F AB 38 0C 5B CE 0C 51 AC 3A 1D 69 DE = ./.8.[..Q.:.i.
0090: 20 80 6E CD 8B B8 62 96 45 B4 33 3A 7F A9 5A E4 .n...b.E.3:..Z.
00A0: 49 50 9D 45 C2 E8 FF D3 87 5C CC E9 F8 F5 96 0D IP.E...........
^-----------------------------------------------------------------------------^

v5 = _byteswap_ulong(*a1) ^ 0xF1892131; 0x33393932 ^ 0xF1892131 -> 0xc2b01803
a3[1] = _byteswap_ulong(a1[1]) ^ 0xFF001123; 0x33653363 ^ 0xFF001123 -> 0xcc652240
a3[2] = _byteswap_ulong(a1[2]) ^ 0xF1001356; 0x2D366336 ^ 0xF1001356 -> 0xdc367060
a3[3] = _byteswap_ulong(a1[3]) ^ 0xF1234890; 0x652D3338 ^ 0xF1234890 -> 0x940e7ba8

由此能确定第一段的逻辑是初始化秘钥 开始推理之后的每一段是否为轮秘钥

进入秘钥扩展循环,开始对查表进行还原
qword_C15C0
.text&ARM.extab:00000000000519D0 11 5E 10 53 UBFX W17, W16, #0x10, #8
.text&ARM.extab:00000000000519D4 71 59 71 B8 LDR W17, [X11,W17,UXTW#2]

观察qword_C15C0对应的DCQ定义发现有一些缺失的值
.text&ARM.extab:00000000000C1911 90 D8 48 03 06 05 03 DCB 0x90, 0xD8, 0x48, 3, 6, 5, 3
.text&ARM.extab:00000000000C1918 F6 F7 01 F6 0E 1C 12 0E 61 C2…DCQ 0xE121C0EF601F7F6, 0x355F6A3561A3C261, 0xB9D069B957F9AE57, 0xC15899C186911786, 0x9EB9279E1D273A1D
这些都是dump so没有修复的内容,需要在IDA查看汇编打印对应的值,对照着IDA看看长度,最后得到1024的内容刚好是全部的内容

mx11 1024

-----------------------------------------------------------------------------<
[10:27:49 332]x11=RX@0x400c15c0[libshield.so]0xc15c0, hex=63c6a5637cf8847c77ee99777bf68d7bf2ff0df26bd6bd6b6fdeb16fc59154c5306050300102030167cea9672b567d2bfee719fed7b562d7ab4de6ab76ec9a76ca8f45ca821f9d82c98940c97dfa877dfaef15fa59b2eb59478ec947f0fb0bf0ad41ecadd4b367d4a25ffda2af45eaaf9c23bf9ca453f7a472e49672c09b5bc0b775c2b7fde11cfd933dae93264c6a26366c5a363f7e413ff7f502f7cc834fcc34685c34a551f4a5e5d134e5f1f908f171e29371d8ab73d831625331152a3f1504080c04c79552c723466523c39d5ec3183028189637a196050a0f059a2fb59a070e090712243612801b9b80e2df3de2ebcd26eb274e6927b27fcdb275ea9f7509121b09831d9e832c58742c1a342e1a1b362d1b6edcb26e5ab4ee5aa05bfba052a4f6523b764d3bd6b761d6b37dceb329527b29e3dd3ee32f5e712f8413978453a6f553d1b968d100000000edc12ced20406020fce31ffcb179c8b15bb6ed5b6ad4be6acb8d46cbbe67d9be39724b394a94de4a4c98d44c58b0e858cf854acfd0bb6bd0efc52aefaa4fe5aafbed16fb4386c5434d9ad74d3366553385119485458acf45f9e910f9020406027ffe817f50a0f0503c78443c9f25ba9fa84be3a851a2f351a35dfea34080c0408f058a8f923fad929d21bc9d38704838f5f104f5bc63dfbcb677c1b6daaf75da2142632110203010ffe51afff3fd0ef3d2bf6dd2cd814ccd0c18140c13263513ecc32fec5fbee15f9735a2974488cc44172e3917c49357c4a755f2a77efc827e3d7a473d64c8ac645dbae75d19322b1973e6957360c0a060811998814f9ed14fdca37fdc224466222a547e2a903bab90880b8388468cca46eec729eeb86bd3b814283c14dea779de5ebce25e0b161d0bdbad76dbe0db3be0326456323a744e3a0a141e0a4992db49060c0a0624486c245cb8e45cc29f5dc2d3bd6ed3ac43efac62c4a6629139a8919531a495e4d337e479f28b79e7d532e7c88b43c8376e59376ddab76d8d018c8dd5b164d54e9cd24ea949e0a96cd8b46c56acfa56f4f307f4eacf25ea65caaf657af48e7aae47e9ae08101808ba6fd5ba78f08878254a6f252e5c722e1c38241ca657f1a6b473c7b4c69751c6e8cb23e8dda17cdd74e89c741f3e211f4b96dd4bbd61dcbd8b0d868b8a0f858a70e090703e7c423eb571c4b566ccaa664890d84803060503f6f701f60e1c120e61c2a361356a5f3557aef957b969d0b986179186c19958c11d3a271d9e27b99ee1d938e1f8eb13f8982bb3981122331169d2bb69d9a970d98e07898e9433a7949b2db69b1e3c221e87159287e9c920e9ce8749ce55aaff5528507828dfa57adf8c038f8ca159f8a1890980890d1a170dbf65dabfe6d731e64284c64268d0b8684182c3419929b0992d5a772d0f1e110fb07bcbb054a8fc54bb6dd6bb162c3a16, md5=1d9992b2b7b6d3158709a9d8bb494d6d
size: 1024
0000: 63 C6 A5 63 7C F8 84 7C 77 EE 99 77 7B F6 8D 7B c..c|..|w..w{..{
0010: F2 FF 0D F2 6B D6 BD 6B 6F DE B1 6F C5 91 54 C5 ....k..ko..o..T.
0020: 30 60 50 30 01 02 03 01 67 CE A9 67 2B 56 7D 2B 0P0....g..g+V}+ 0030: FE E7 19 FE D7 B5 62 D7 AB 4D E6 AB 76 EC 9A 76 ......b..M..v..v 0040: CA 8F 45 CA 82 1F 9D 82 C9 89 40 C9 7D FA 87 7D ..E.......@.}..} 0050: FA EF 15 FA 59 B2 EB 59 47 8E C9 47 F0 FB 0B F0 ....Y..YG..G.... 0060: AD 41 EC AD D4 B3 67 D4 A2 5F FD A2 AF 45 EA AF .A....g.._...E.. 0070: 9C 23 BF 9C A4 53 F7 A4 72 E4 96 72 C0 9B 5B C0 .#...S..r..r..[. 0080: B7 75 C2 B7 FD E1 1C FD 93 3D AE 93 26 4C 6A 26 .u.......=..&Lj& 0090: 36 6C 5A 36 3F 7E 41 3F F7 F5 02 F7 CC 83 4F CC 6lZ6?~A?......O. 00A0: 34 68 5C 34 A5 51 F4 A5 E5 D1 34 E5 F1 F9 08 F1 4h\4.Q....4..... 00B0: 71 E2 93 71 D8 AB 73 D8 31 62 53 31 15 2A 3F 15 q..q..s.1bS1.*?. 00C0: 04 08 0C 04 C7 95 52 C7 23 46 65 23 C3 9D 5E C3 ......R.#Fe#..^. 00D0: 18 30 28 18 96 37 A1 96 05 0A 0F 05 9A 2F B5 9A .0(..7......./.. 00E0: 07 0E 09 07 12 24 36 12 80 1B 9B 80 E2 DF 3D E2 .....$6.......=. 00F0: EB CD 26 EB 27 4E 69 27 B2 7F CD B2 75 EA 9F 75 ..&.'Ni'....u..u 0100: 09 12 1B 09 83 1D 9E 83 2C 58 74 2C 1A 34 2E 1A ........,Xt,.4.. 0110: 1B 36 2D 1B 6E DC B2 6E 5A B4 EE 5A A0 5B FB A0 .6-.n..nZ..Z.[.. 0120: 52 A4 F6 52 3B 76 4D 3B D6 B7 61 D6 B3 7D CE B3 R..R;vM;..a..}.. 0130: 29 52 7B 29 E3 DD 3E E3 2F 5E 71 2F 84 13 97 84 )R{)..>./^q/.... 0140: 53 A6 F5 53 D1 B9 68 D1 00 00 00 00 ED C1 2C ED S..S..h.......,. 0150: 20 40 60 20 FC E3 1F FC B1 79 C8 B1 5B B6 ED 5B @ .....y..[..[
0160: 6A D4 BE 6A CB 8D 46 CB BE 67 D9 BE 39 72 4B 39 j..j..F..g..9rK9
0170: 4A 94 DE 4A 4C 98 D4 4C 58 B0 E8 58 CF 85 4A CF J..JL..LX..X..J.
0180: D0 BB 6B D0 EF C5 2A EF AA 4F E5 AA FB ED 16 FB ..k...*..O......
0190: 43 86 C5 43 4D 9A D7 4D 33 66 55 33 85 11 94 85 C..CM..M3fU3....
01A0: 45 8A CF 45 F9 E9 10 F9 02 04 06 02 7F FE 81 7F E..E............
01B0: 50 A0 F0 50 3C 78 44 3C 9F 25 BA 9F A8 4B E3 A8 P..P<xD<.%...K..
01C0: 51 A2 F3 51 A3 5D FE A3 40 80 C0 40 8F 05 8A 8F Q..Q.]..@..@....
01D0: 92 3F AD 92 9D 21 BC 9D 38 70 48 38 F5 F1 04 F5 .?...!..8pH8....
01E0: BC 63 DF BC B6 77 C1 B6 DA AF 75 DA 21 42 63 21 .c...w....u.!Bc!
01F0: 10 20 30 10 FF E5 1A FF F3 FD 0E F3 D2 BF 6D D2 . 0...........m.
0200: CD 81 4C CD 0C 18 14 0C 13 26 35 13 EC C3 2F EC ..L......&5.../.
0210: 5F BE E1 5F 97 35 A2 97 44 88 CC 44 17 2E 39 17 _.._.5..D..D..9.
0220: C4 93 57 C4 A7 55 F2 A7 7E FC 82 7E 3D 7A 47 3D ..W..U..=zG=
0230: 64 C8 AC 64 5D BA E7 5D 19 32 2B 19 73 E6 95 73 d..d]..].2+.s..s
0240: 60 C0 A0 60 81 19 98 81 4F 9E D1 4F DC A3 7F DC ......O..O....
0250: 22 44 66 22 2A 54 7E 2A 90 3B AB 90 88 0B 83 88 "Df"T~.;......
0260: 46 8C CA 46 EE C7 29 EE B8 6B D3 B8 14 28 3C 14 F..F..)..k...(<.
0270: DE A7 79 DE 5E BC E2 5E 0B 16 1D 0B DB AD 76 DB ..y.^..^......v.
0280: E0 DB 3B E0 32 64 56 32 3A 74 4E 3A 0A 14 1E 0A ..;.2dV2:tN:....
0290: 49 92 DB 49 06 0C 0A 06 24 48 6C 24 5C B8 E4 5C I..I....accK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4M7K6i4K6u0W2L8%4u0Y4i4K6u0r3x3e0V1&6z5q4)9J5c8V1#2S2N6r3S2Q4x3V1k6y4j5i4c8Z5e0f1H3`.">HlHlHl..
02A0: C2 9F 5D C2 D3 BD 6E D3 AC 43 EF AC 62 C4 A6 62 ..]...n..C..b..b
02B0: 91 39 A8 91 95 31 A4 95 E4 D3 37 E4 79 F2 8B 79 .9...1....7.y..y
02C0: E7 D5 32 E7 C8 8B 43 C8 37 6E 59 37 6D DA B7 6D ..2...C.7nY7m..m
02D0: 8D 01 8C 8D D5 B1 64 D5 4E 9C D2 4E A9 49 E0 A9 ......d.N..N.I..
02E0: 6C D8 B4 6C 56 AC FA 56 F4 F3 07 F4 EA CF 25 EA l..lV..V......%.
02F0: 65 CA AF 65 7A F4 8E 7A AE 47 E9 AE 08 10 18 08 e..ez..z.G......
0300: BA 6F D5 BA 78 F0 88 78 25 4A 6F 25 2E 5C 72 2E .o..x..x%Jo%.\r.
0310: 1C 38 24 1C A6 57 F1 A6 B4 73 C7 B4 C6 97 51 C6 .8$..W...s....Q.
0320: E8 CB 23 E8 DD A1 7C DD 74 E8 9C 74 1F 3E 21 1F ..#...|.t..t.>!.
0330: 4B 96 DD 4B BD 61 DC BD 8B 0D 86 8B 8A 0F 85 8A K..K.a..........
0340: 70 E0 90 70 3E 7C 42 3E B5 71 C4 B5 66 CC AA 66 p..p>|B>.q..f..f
0350: 48 90 D8 48 03 06 05 03 F6 F7 01 F6 0E 1C 12 0E H..H............
0360: 61 C2 A3 61 35 6A 5F 35 57 AE F9 57 B9 69 D0 B9 a..a5j_5W..W.i..
0370: 86 17 91 86 C1 99 58 C1 1D 3A 27 1D 9E 27 B9 9E ......X..:'..'..
0380: E1 D9 38 E1 F8 EB 13 F8 98 2B B3 98 11 22 33 11 ..8......+..."3.
0390: 69 D2 BB 69 D9 A9 70 D9 8E 07 89 8E 94 33 A7 94 i..i..p......3..
03A0: 9B 2D B6 9B 1E 3C 22 1E 87 15 92 87 E9 C9 20 E9 .-...<"....... .
03B0: CE 87 49 CE 55 AA FF 55 28 50 78 28 DF A5 7A DF ..I.U..U(Px(..z.
03C0: 8C 03 8F 8C A1 59 F8 A1 89 09 80 89 0D 1A 17 0D .....Y..........
03D0: BF 65 DA BF E6 D7 31 E6 42 84 C6 42 68 D0 B8 68 .e....1.B..Bh..h
03E0: 41 82 C3 41 99 29 B0 99 2D 5A 77 2D 0F 1E 11 0F A..A.)..-Zw-....
03F0: B0 7B CB B0 54 A8 FC 54 BB 6D D6 BB 16 2C 3A 16 .{..T..T.m...,:.
^-----------------------------------------------------------------------------^
按照每8个字节作为一组小端序拼接成16进制数,加入到一个数组中

继续打断点0x519DC拿下qword_C19C0的内存值

mx12 1024

-----------------------------------------------------------------------------<
[11:39:44 150]x12=RX@0x400c19c0[libshield.so]0xc19c0, hex=c6a56363f8847c7cee997777f68d7b7bff0df2f2d6bd6b6bdeb16f6f9154c5c56050303002030101cea96767567d2b2be719fefeb562d7d74de6ababec9a76768f45caca1f9d82828940c9c9fa877d7def15fafab2eb59598ec94747fb0bf0f041ecadadb367d4d45ffda2a245eaafaf23bf9c9c53f7a4a4e49672729b5bc0c075c2b7b7e11cfdfd3dae93934c6a26266c5a36367e413f3ff502f7f7834fcccc685c343451f4a5a5d134e5e5f908f1f1e2937171ab73d8d8625331312a3f1515080c04049552c7c7466523239d5ec3c33028181837a196960a0f05052fb59a9a0e090707243612121b9b8080df3de2e2cd26ebeb4e6927277fcdb2b2ea9f7575121b09091d9e838358742c2c342e1a1a362d1b1bdcb26e6eb4ee5a5a5bfba0a0a4f65252764d3b3bb761d6d67dceb3b3527b2929dd3ee3e35e712f2f13978484a6f55353b968d1d100000000c12ceded40602020e31ffcfc79c8b1b1b6ed5b5bd4be6a6a8d46cbcb67d9bebe724b393994de4a4a98d44c4cb0e85858854acfcfbb6bd0d0c52aefef4fe5aaaaed16fbfb86c543439ad74d4d66553333119485858acf4545e910f9f904060202fe817f7fa0f0505078443c3c25ba9f9f4be3a8a8a2f351515dfea3a380c04040058a8f8f3fad929221bc9d9d70483838f104f5f563dfbcbc77c1b6b6af75dada4263212120301010e51afffffd0ef3f3bf6dd2d2814ccdcd18140c0c26351313c32fececbee15f5f35a2979788cc44442e3917179357c4c455f2a7a7fc827e7e7a473d3dc8ac6464bae75d5d322b1919e6957373c0a06060199881819ed14f4fa37fdcdc44662222547e2a2a3bab90900b8388888cca4646c729eeee6bd3b8b8283c1414a779dedebce25e5e161d0b0bad76dbdbdb3be0e064563232744e3a3a141e0a0a92db49490c0a0606486c2424b8e45c5c9f5dc2c2bd6ed3d343efacacc4a6626239a8919131a49595d337e4e4f28b7979d532e7e78b43c8c86e593737dab76d6d018c8d8db164d5d59cd24e4e49e0a9a9d8b46c6cacfa5656f307f4f4cf25eaeacaaf6565f48e7a7a47e9aeae101808086fd5babaf08878784a6f25255c722e2e38241c1c57f1a6a673c7b4b49751c6c6cb23e8e8a17cdddde89c74743e211f1f96dd4b4b61dcbdbd0d868b8b0f858a8ae09070707c423e3e71c4b5b5ccaa666690d8484806050303f701f6f61c120e0ec2a361616a5f3535aef9575769d0b9b9179186869958c1c13a271d1d27b99e9ed938e1e1eb13f8f82bb3989822331111d2bb6969a970d9d907898e8e33a794942db69b9b3c221e1e15928787c920e9e98749ceceaaff555550782828a57adfdf038f8c8c59f8a1a1098089891a170d0d65dabfbfd731e6e684c64242d0b8686882c3414129b099995a772d2d1e110f0f7bcbb0b0a8fc54546dd6bbbb2c3a1616, md5=9e5ba9ff36ab17c747e925586d714117
size: 1024
0000: C6 A5 63 63 F8 84 7C 7C EE 99 77 77 F6 8D 7B 7B ..cc..||..ww..{{
0010: FF 0D F2 F2 D6 BD 6B 6B DE B1 6F 6F 91 54 C5 C5 ......kk..oo.T..
0020: 60 50 30 30 02 03 01 01 CE A9 67 67 56 7D 2B 2B P00......ggV}++ 0030: E7 19 FE FE B5 62 D7 D7 4D E6 AB AB EC 9A 76 76 .....b..M.....vv 0040: 8F 45 CA CA 1F 9D 82 82 89 40 C9 C9 FA 87 7D 7D .E.......@....}} 0050: EF 15 FA FA B2 EB 59 59 8E C9 47 47 FB 0B F0 F0 ......YY..GG.... 0060: 41 EC AD AD B3 67 D4 D4 5F FD A2 A2 45 EA AF AF A....g.._...E... 0070: 23 BF 9C 9C 53 F7 A4 A4 E4 96 72 72 9B 5B C0 C0 #...S.....rr.[.. 0080: 75 C2 B7 B7 E1 1C FD FD 3D AE 93 93 4C 6A 26 26 u.......=...Lj&& 0090: 6C 5A 36 36 7E 41 3F 3F F5 02 F7 F7 83 4F CC CC lZ66~A??.....O.. 00A0: 68 5C 34 34 51 F4 A5 A5 D1 34 E5 E5 F9 08 F1 F1 h\44Q....4...... 00B0: E2 93 71 71 AB 73 D8 D8 62 53 31 31 2A 3F 15 15 ..qq.s..bS11*?.. 00C0: 08 0C 04 04 95 52 C7 C7 46 65 23 23 9D 5E C3 C3 .....R..Fe##.^.. 00D0: 30 28 18 18 37 A1 96 96 0A 0F 05 05 2F B5 9A 9A 0(..7......./... 00E0: 0E 09 07 07 24 36 12 12 1B 9B 80 80 DF 3D E2 E2 ....$6.......=.. 00F0: CD 26 EB EB 4E 69 27 27 7F CD B2 B2 EA 9F 75 75 .&..Ni''......uu 0100: 12 1B 09 09 1D 9E 83 83 58 74 2C 2C 34 2E 1A 1A ........Xt,,4... 0110: 36 2D 1B 1B DC B2 6E 6E B4 EE 5A 5A 5B FB A0 A0 6-....nn..ZZ[... 0120: A4 F6 52 52 76 4D 3B 3B B7 61 D6 D6 7D CE B3 B3 ..RRvM;;.a..}... 0130: 52 7B 29 29 DD 3E E3 E3 5E 71 2F 2F 13 97 84 84 R{)).>..^q//.... 0140: A6 F5 53 53 B9 68 D1 D1 00 00 00 00 C1 2C ED ED ..SS.h.......,.. 0150: 40 60 20 20 E3 1F FC FC 79 C8 B1 B1 B6 ED 5B 5B @ ....y.....[[
0160: D4 BE 6A 6A 8D 46 CB CB 67 D9 BE BE 72 4B 39 39 ..jj.F..g...rK99
0170: 94 DE 4A 4A 98 D4 4C 4C B0 E8 58 58 85 4A CF CF ..JJ..LL..XX.J..
0180: BB 6B D0 D0 C5 2A EF EF 4F E5 AA AA ED 16 FB FB .k...*..O.......
0190: 86 C5 43 43 9A D7 4D 4D 66 55 33 33 11 94 85 85 ..CC..MMfU33....
01A0: 8A CF 45 45 E9 10 F9 F9 04 06 02 02 FE 81 7F 7F ..EE............
01B0: A0 F0 50 50 78 44 3C 3C 25 BA 9F 9F 4B E3 A8 A8 ..PPxD<<%...K...
01C0: A2 F3 51 51 5D FE A3 A3 80 C0 40 40 05 8A 8F 8F ..QQ].....@@....
01D0: 3F AD 92 92 21 BC 9D 9D 70 48 38 38 F1 04 F5 F5 ?...!...pH88....
01E0: 63 DF BC BC 77 C1 B6 B6 AF 75 DA DA 42 63 21 21 c...w....u..Bc!!
01F0: 20 30 10 10 E5 1A FF FF FD 0E F3 F3 BF 6D D2 D2 0...........m..
0200: 81 4C CD CD 18 14 0C 0C 26 35 13 13 C3 2F EC EC .L......&5.../..
0210: BE E1 5F 5F 35 A2 97 97 88 CC 44 44 2E 39 17 17 ..__5.....DD.9..
0220: 93 57 C4 C4 55 F2 A7 A7 FC 82 7E 7E 7A 47 3D 3D .W..U.....~~zG==
0230: C8 AC 64 64 BA E7 5D 5D 32 2B 19 19 E6 95 73 73 ..dd..]]2+....ss
0240: C0 A0 60 60 19 98 81 81 9E D1 4F 4F A3 7F DC DC ..``......OO....
0250: 44 66 22 22 54 7E 2A 2A 3B AB 90 90 0B 83 88 88 Df""T~**;.......
0260: 8C CA 46 46 C7 29 EE EE 6B D3 B8 B8 28 3C 14 14 ..FF.)..k...(<..
0270: A7 79 DE DE BC E2 5E 5E 16 1D 0B 0B AD 76 DB DB .y....^^.....v..
0280: DB 3B E0 E0 64 56 32 32 74 4E 3A 3A 14 1E 0A 0A .;..dV22tN::....
0290: 92 DB 49 49 0C 0A 06 06 48 6C 24 24 B8 E4 5C 5C ..II....Hl$$..\
02A0: 9F 5D C2 C2 BD 6E D3 D3 43 EF AC AC C4 A6 62 62 .]...n..C.....bb
02B0: 39 A8 91 91 31 A4 95 95 D3 37 E4 E4 F2 8B 79 79 9...1....7....yy
02C0: D5 32 E7 E7 8B 43 C8 C8 6E 59 37 37 DA B7 6D 6D .2...C..nY77..mm
02D0: 01 8C 8D 8D B1 64 D5 D5 9C D2 4E 4E 49 E0 A9 A9 .....d....NNI...
02E0: D8 B4 6C 6C AC FA 56 56 F3 07 F4 F4 CF 25 EA EA ..ll..VV.....%..
02F0: CA AF 65 65 F4 8E 7A 7A 47 E9 AE AE 10 18 08 08 ..ee..zzG.......
0300: 6F D5 BA BA F0 88 78 78 4A 6F 25 25 5C 72 2E 2E o.....xxJo%%\r..
0310: 38 24 1C 1C 57 F1 A6 A6 73 C7 B4 B4 97 51 C6 C6 8$..W...s....Q..
0320: CB 23 E8 E8 A1 7C DD DD E8 9C 74 74 3E 21 1F 1F .#...|....tt>!..
0330: 96 DD 4B 4B 61 DC BD BD 0D 86 8B 8B 0F 85 8A 8A ..KKa...........
0340: E0 90 70 70 7C 42 3E 3E 71 C4 B5 B5 CC AA 66 66 ..pp|B>>q.....ff
0350: 90 D8 48 48 06 05 03 03 F7 01 F6 F6 1C 12 0E 0E ..HH............
0360: C2 A3 61 61 6A 5F 35 35 AE F9 57 57 69 D0 B9 B9 ..aaj_55..WWi...
0370: 17 91 86 86 99 58 C1 C1 3A 27 1D 1D 27 B9 9E 9E .....X..:'..'...
0380: D9 38 E1 E1 EB 13 F8 F8 2B B3 98 98 22 33 11 11 .8......+..."3..
0390: D2 BB 69 69 A9 70 D9 D9 07 89 8E 8E 33 A7 94 94 ..ii.p......3...
03A0: 2D B6 9B 9B 3C 22 1E 1E 15 92 87 87 C9 20 E9 E9 -...<"....... ..
03B0: 87 49 CE CE AA FF 55 55 50 78 28 28 A5 7A DF DF .I....UUPx((.z..
03C0: 03 8F 8C 8C 59 F8 A1 A1 09 80 89 89 1A 17 0D 0D ....Y...........
03D0: 65 DA BF BF D7 31 E6 E6 84 C6 42 42 D0 B8 68 68 e....1....BB..hh
03E0: 82 C3 41 41 29 B0 99 99 5A 77 2D 2D 1E 11 0F 0F ..AA)...Zw--....
03F0: 7B CB B0 B0 A8 FC 54 54 6D D6 BB BB 2C 3A 16 16 {.....TTm...,:..
^-----------------------------------------------------------------------------^

继续打断点0x519F0 拿下RijnDael_AES_C1DC0的数据

mx13 1024

-----------------------------------------------------------------------------<
[11:48:47 591]x13=RX@0x400c1dc0[libshield.so]0xc1dc0, hex=a56363c6847c7cf8997777ee8d7b7bf60df2f2ffbd6b6bd6b16f6fde54c5c5915030306003010102a96767ce7d2b2b5619fefee762d7d7b5e6abab4d9a7676ec45caca8f9d82821f40c9c989877d7dfa15fafaefeb5959b2c947478e0bf0f0fbecadad4167d4d4b3fda2a25feaafaf45bf9c9c23f7a4a453967272e45bc0c09bc2b7b7751cfdfde1ae93933d6a26264c5a36366c413f3f7e02f7f7f54fcccc835c343468f4a5a55134e5e5d108f1f1f9937171e273d8d8ab533131623f15152a0c04040852c7c795652323465ec3c39d28181830a19696370f05050ab59a9a2f0907070e361212249b80801b3de2e2df26ebebcd6927274ecdb2b27f9f7575ea1b0909129e83831d742c2c582e1a1a342d1b1b36b26e6edcee5a5ab4fba0a05bf65252a44d3b3b7661d6d6b7ceb3b37d7b2929523ee3e3dd712f2f5e97848413f55353a668d1d1b9000000002cededc1602020401ffcfce3c8b1b179ed5b5bb6be6a6ad446cbcb8dd9bebe674b393972de4a4a94d44c4c98e85858b04acfcf856bd0d0bb2aefefc5e5aaaa4f16fbfbedc5434386d74d4d9a5533336694858511cf45458a10f9f9e906020204817f7ffef05050a0443c3c78ba9f9f25e3a8a84bf35151a2fea3a35dc04040808a8f8f05ad92923fbc9d9d214838387004f5f5f1dfbcbc63c1b6b67775dadaaf63212142301010201affffe50ef3f3fd6dd2d2bf4ccdcd81140c0c18351313262fececc3e15f5fbea2979735cc4444883917172e57c4c493f2a7a755827e7efc473d3d7aac6464c8e75d5dba2b191932957373e6a06060c098818119d14f4f9e7fdcdca3662222447e2a2a54ab90903b8388880bca46468c29eeeec7d3b8b86b3c14142879dedea7e25e5ebc1d0b0b1676dbdbad3be0e0db563232644e3a3a741e0a0a14db4949920a06060c6c242448e45c5cb85dc2c29f6ed3d3bdefacac43a66262c4a8919139a495953137e4e4d38b7979f232e7e7d543c8c88b5937376eb76d6dda8c8d8d0164d5d5b1d24e4e9ce0a9a949b46c6cd8fa5656ac07f4f4f325eaeacfaf6565ca8e7a7af4e9aeae4718080810d5baba6f887878f06f25254a722e2e5c241c1c38f1a6a657c7b4b47351c6c69723e8e8cb7cdddda19c7474e8211f1f3edd4b4b96dcbdbd61868b8b0d858a8a0f907070e0423e3e7cc4b5b571aa6666ccd84848900503030601f6f6f7120e0e1ca36161c25f35356af95757aed0b9b9699186861758c1c199271d1d3ab99e9e2738e1e1d913f8f8ebb398982b33111122bb6969d270d9d9a9898e8e07a7949433b69b9b2d221e1e3c9287871520e9e9c949cece87ff5555aa782828507adfdfa58f8c8c03f8a1a15980898909170d0d1adabfbf6531e6e6d7c6424284b86868d0c3414182b0999929772d2d5a110f0f1ecbb0b07bfc5454a8d6bbbb6d3a16162c, md5=8ab2e0e16ddd9a89f10cba096fc57fa3
size: 1024
0000: A5 63 63 C6 84 7C 7C F8 99 77 77 EE 8D 7B 7B F6 .cc..||..ww..{{.
0010: 0D F2 F2 FF BD 6B 6B D6 B1 6F 6F DE 54 C5 C5 91 .....kk..oo.T...
0020: 50 30 30 60 03 01 01 02 A9 67 67 CE 7D 2B 2B 56 P00.....gg.}++V 0030: 19 FE FE E7 62 D7 D7 B5 E6 AB AB 4D 9A 76 76 EC ....b......M.vv. 0040: 45 CA CA 8F 9D 82 82 1F 40 C9 C9 89 87 7D 7D FA E.......@....}}. 0050: 15 FA FA EF EB 59 59 B2 C9 47 47 8E 0B F0 F0 FB .....YY..GG..... 0060: EC AD AD 41 67 D4 D4 B3 FD A2 A2 5F EA AF AF 45 ...Ag......_...E 0070: BF 9C 9C 23 F7 A4 A4 53 96 72 72 E4 5B C0 C0 9B ...#...S.rr.[... 0080: C2 B7 B7 75 1C FD FD E1 AE 93 93 3D 6A 26 26 4C ...u.......=j&&L 0090: 5A 36 36 6C 41 3F 3F 7E 02 F7 F7 F5 4F CC CC 83 Z66lA??~....O... 00A0: 5C 34 34 68 F4 A5 A5 51 34 E5 E5 D1 08 F1 F1 F9 \44h...Q4....... 00B0: 93 71 71 E2 73 D8 D8 AB 53 31 31 62 3F 15 15 2A .qq.s...S11b?..* 00C0: 0C 04 04 08 52 C7 C7 95 65 23 23 46 5E C3 C3 9D ....R...e##F^... 00D0: 28 18 18 30 A1 96 96 37 0F 05 05 0A B5 9A 9A 2F (..0...7......./ 00E0: 09 07 07 0E 36 12 12 24 9B 80 80 1B 3D E2 E2 DF ....6..$....=... 00F0: 26 EB EB CD 69 27 27 4E CD B2 B2 7F 9F 75 75 EA &...i''N.....uu. 0100: 1B 09 09 12 9E 83 83 1D 74 2C 2C 58 2E 1A 1A 34 ........t,,X...4 0110: 2D 1B 1B 36 B2 6E 6E DC EE 5A 5A B4 FB A0 A0 5B -..6.nn..ZZ....[ 0120: F6 52 52 A4 4D 3B 3B 76 61 D6 D6 B7 CE B3 B3 7D .RR.M;;va......} 0130: 7B 29 29 52 3E E3 E3 DD 71 2F 2F 5E 97 84 84 13 {))R>...q//^.... 0140: F5 53 53 A6 68 D1 D1 B9 00 00 00 00 2C ED ED C1 .SS.h.......,... 0150: 60 20 20 40 1F FC FC E3 C8 B1 B1 79 ED 5B 5B B6 @.......y.[[.
0160: BE 6A 6A D4 46 CB CB 8D D9 BE BE 67 4B 39 39 72 .jj.F......gK99r
0170: DE 4A 4A 94 D4 4C 4C 98 E8 58 58 B0 4A CF CF 85 .JJ..LL..XX.J...
0180: 6B D0 D0 BB 2A EF EF C5 E5 AA AA 4F 16 FB FB ED k...*......O....
0190: C5 43 43 86 D7 4D 4D 9A 55 33 33 66 94 85 85 11 .CC..MM.U33f....
01A0: CF 45 45 8A 10 F9 F9 E9 06 02 02 04 81 7F 7F FE .EE.............
01B0: F0 50 50 A0 44 3C 3C 78 BA 9F 9F 25 E3 A8 A8 4B .PP.D<<x...%...K
01C0: F3 51 51 A2 FE A3 A3 5D C0 40 40 80 8A 8F 8F 05 .QQ....].@@.....
01D0: AD 92 92 3F BC 9D 9D 21 48 38 38 70 04 F5 F5 F1 ...?...!H88p....
01E0: DF BC BC 63 C1 B6 B6 77 75 DA DA AF 63 21 21 42 ...c...wu...c!!B
01F0: 30 10 10 20 1A FF FF E5 0E F3 F3 FD 6D D2 D2 BF 0.. ........m...
0200: 4C CD CD 81 14 0C 0C 18 35 13 13 26 2F EC EC C3 L.......5..&/...
0210: E1 5F 5F BE A2 97 97 35 CC 44 44 88 39 17 17 2E .__....5.DD.9...
0220: 57 C4 C4 93 F2 A7 A7 55 82 7E 7E FC 47 3D 3D 7A W......U.~~.G==z
0230: AC 64 64 C8 E7 5D 5D BA 2B 19 19 32 95 73 73 E6 .dd..]].+..2.ss.
0240: A0 60 60 C0 98 81 81 19 D1 4F 4F 9E 7F DC DC A3 .``......OO.....
0250: 66 22 22 44 7E 2A 2A 54 AB 90 90 3B 83 88 88 0B f""D~**T...;....
0260: CA 46 46 8C 29 EE EE C7 D3 B8 B8 6B 3C 14 14 28 .FF.)......k<..(
0270: 79 DE DE A7 E2 5E 5E BC 1D 0B 0B 16 76 DB DB AD y....^^.....v...
0280: 3B E0 E0 DB 56 32 32 64 4E 3A 3A 74 1E 0A 0A 14 ;...V22dN::t....
0290: DB 49 49 92 0A 06 06 0C 6C 24 24 48 E4 5C 5C B8 .II.....l$$H.\.
02A0: 5D C2 C2 9F 6E D3 D3 BD EF AC AC 43 A6 62 62 C4 ]...n......C.bb.
02B0: A8 91 91 39 A4 95 95 31 37 E4 E4 D3 8B 79 79 F2 ...9...17....yy.
02C0: 32 E7 E7 D5 43 C8 C8 8B 59 37 37 6E B7 6D 6D DA 2...C...Y77n.mm.
02D0: 8C 8D 8D 01 64 D5 D5 B1 D2 4E 4E 9C E0 A9 A9 49 ....d....NN....I
02E0: B4 6C 6C D8 FA 56 56 AC 07 F4 F4 F3 25 EA EA CF .ll..VV.....%...
02F0: AF 65 65 CA 8E 7A 7A F4 E9 AE AE 47 18 08 08 10 .ee..zz....G....
0300: D5 BA BA 6F 88 78 78 F0 6F 25 25 4A 72 2E 2E 5C ...o.xx.o%%Jr..
0310: 24 1C 1C 38 F1 A6 A6 57 C7 B4 B4 73 51 C6 C6 97 $..8...W...sQ...
0320: 23 E8 E8 CB 7C DD DD A1 9C 74 74 E8 21 1F 1F 3E #...|....tt.!..>
0330: DD 4B 4B 96 DC BD BD 61 86 8B 8B 0D 85 8A 8A 0F .KK....a........
0340: 90 70 70 E0 42 3E 3E 7C C4 B5 B5 71 AA 66 66 CC .pp.B>>|...q.ff.
0350: D8 48 48 90 05 03 03 06 01 F6 F6 F7 12 0E 0E 1C .HH.............
0360: A3 61 61 C2 5F 35 35 6A F9 57 57 AE D0 B9 B9 69 .aa._55j.WW....i
0370: 91 86 86 17 58 C1 C1 99 27 1D 1D 3A B9 9E 9E 27 ....X...'..:...'
0380: 38 E1 E1 D9 13 F8 F8 EB B3 98 98 2B 33 11 11 22 8..........+3.."
0390: BB 69 69 D2 70 D9 D9 A9 89 8E 8E 07 A7 94 94 33 .ii.p..........3
03A0: B6 9B 9B 2D 22 1E 1E 3C 92 87 87 15 20 E9 E9 C9 ...-"..<.... ...
03B0: 49 CE CE 87 FF 55 55 AA 78 28 28 50 7A DF DF A5 I....UU.x((Pz...
03C0: 8F 8C 8C 03 F8 A1 A1 59 80 89 89 09 17 0D 0D 1A .......Y........
03D0: DA BF BF 65 31 E6 E6 D7 C6 42 42 84 B8 68 68 D0 ...e1....BB..hh.
03E0: C3 41 41 82 B0 99 99 29 77 2D 2D 5A 11 0F 0F 1E .AA....)w--Z....
03F0: CB B0 B0 7B FC 54 54 A8 D6 BB BB 6D 3A 16 16 2C ...{.TT....m:..,
^-----------------------------------------------------------------------------^

继续打断点0x519F8 拿下qword_C21C0
mx14 1024

-----------------------------------------------------------------------------<
[12:00:49 873]x14=RX@0x400c21c0[libshield.so]0xc21c0, hex=6363c6a57c7cf8847777ee997b7bf68df2f2ff0d6b6bd6bd6f6fdeb1c5c5915430306050010102036767cea92b2b567dfefee719d7d7b562abab4de67676ec9acaca8f4582821f9dc9c989407d7dfa87fafaef155959b2eb47478ec9f0f0fb0badad41ecd4d4b367a2a25ffdafaf45ea9c9c23bfa4a453f77272e496c0c09b5bb7b775c2fdfde11c93933dae26264c6a36366c5a3f3f7e41f7f7f502cccc834f3434685ca5a551f4e5e5d134f1f1f9087171e293d8d8ab733131625315152a3f0404080cc7c7955223234665c3c39d5e18183028969637a105050a0f9a9a2fb507070e091212243680801b9be2e2df3debebcd2627274e69b2b27fcd7575ea9f0909121b83831d9e2c2c58741a1a342e1b1b362d6e6edcb25a5ab4eea0a05bfb5252a4f63b3b764dd6d6b761b3b37dce2929527be3e3dd3e2f2f5e71848413975353a6f5d1d1b96800000000ededc12c20204060fcfce31fb1b179c85b5bb6ed6a6ad4becbcb8d46bebe67d93939724b4a4a94de4c4c98d45858b0e8cfcf854ad0d0bb6befefc52aaaaa4fe5fbfbed16434386c54d4d9ad7333366558585119445458acff9f9e910020204067f7ffe815050a0f03c3c78449f9f25baa8a84be35151a2f3a3a35dfe404080c08f8f058a92923fad9d9d21bc38387048f5f5f104bcbc63dfb6b677c1dadaaf752121426310102030ffffe51af3f3fd0ed2d2bf6dcdcd814c0c0c181413132635ececc32f5f5fbee1979735a2444488cc17172e39c4c49357a7a755f27e7efc823d3d7a476464c8ac5d5dbae71919322b7373e6956060c0a0818119984f4f9ed1dcdca37f222244662a2a547e90903bab88880b8346468ccaeeeec729b8b86bd31414283cdedea7795e5ebce20b0b161ddbdbad76e0e0db3b323264563a3a744e0a0a141e494992db06060c0a2424486c5c5cb8e4c2c29f5dd3d3bd6eacac43ef6262c4a6919139a8959531a4e4e4d3377979f28be7e7d532c8c88b4337376e596d6ddab78d8d018cd5d5b1644e4e9cd2a9a949e06c6cd8b45656acfaf4f4f307eaeacf256565caaf7a7af48eaeae47e908081018baba6fd57878f08825254a6f2e2e5c721c1c3824a6a657f1b4b473c7c6c69751e8e8cb23dddda17c7474e89c1f1f3e214b4b96ddbdbd61dc8b8b0d868a8a0f857070e0903e3e7c42b5b571c46666ccaa484890d803030605f6f6f7010e0e1c126161c2a335356a5f5757aef9b9b969d086861791c1c199581d1d3a279e9e27b9e1e1d938f8f8eb1398982bb3111122336969d2bbd9d9a9708e8e0789949433a79b9b2db61e1e3c2287871592e9e9c920cece87495555aaff28285078dfdfa57a8c8c038fa1a159f8898909800d0d1a17bfbf65dae6e6d731424284c66868d0b8414182c3999929b02d2d5a770f0f1e11b0b07bcb5454a8fcbbbb6dd616162c3a, md5=0b332f3dca5e444c8a36d183b9429586
size: 1024
0000: 63 63 C6 A5 7C 7C F8 84 77 77 EE 99 7B 7B F6 8D cc..||..ww..{{..
0010: F2 F2 FF 0D 6B 6B D6 BD 6F 6F DE B1 C5 C5 91 54 ....kk..oo.....T
0020: 30 30 60 50 01 01 02 03 67 67 CE A9 2B 2B 56 7D 00P....gg..++V} 0030: FE FE E7 19 D7 D7 B5 62 AB AB 4D E6 76 76 EC 9A .......b..M.vv.. 0040: CA CA 8F 45 82 82 1F 9D C9 C9 89 40 7D 7D FA 87 ...E.......@}}.. 0050: FA FA EF 15 59 59 B2 EB 47 47 8E C9 F0 F0 FB 0B ....YY..GG...... 0060: AD AD 41 EC D4 D4 B3 67 A2 A2 5F FD AF AF 45 EA ..A....g.._...E. 0070: 9C 9C 23 BF A4 A4 53 F7 72 72 E4 96 C0 C0 9B 5B ..#...S.rr.....[ 0080: B7 B7 75 C2 FD FD E1 1C 93 93 3D AE 26 26 4C 6A ..u.......=.&&Lj 0090: 36 36 6C 5A 3F 3F 7E 41 F7 F7 F5 02 CC CC 83 4F 66lZ??~A.......O 00A0: 34 34 68 5C A5 A5 51 F4 E5 E5 D1 34 F1 F1 F9 08 44h\..Q....4.... 00B0: 71 71 E2 93 D8 D8 AB 73 31 31 62 53 15 15 2A 3F qq.....s11bS..*? 00C0: 04 04 08 0C C7 C7 95 52 23 23 46 65 C3 C3 9D 5E .......R##Fe...^ 00D0: 18 18 30 28 96 96 37 A1 05 05 0A 0F 9A 9A 2F B5 ..0(..7......./. 00E0: 07 07 0E 09 12 12 24 36 80 80 1B 9B E2 E2 DF 3D ......$6.......= 00F0: EB EB CD 26 27 27 4E 69 B2 B2 7F CD 75 75 EA 9F ...&''Ni....uu.. 0100: 09 09 12 1B 83 83 1D 9E 2C 2C 58 74 1A 1A 34 2E ........,,Xt..4. 0110: 1B 1B 36 2D 6E 6E DC B2 5A 5A B4 EE A0 A0 5B FB ..6-nn..ZZ....[. 0120: 52 52 A4 F6 3B 3B 76 4D D6 D6 B7 61 B3 B3 7D CE RR..;;vM...a..}. 0130: 29 29 52 7B E3 E3 DD 3E 2F 2F 5E 71 84 84 13 97 ))R{...>//^q.... 0140: 53 53 A6 F5 D1 D1 B9 68 00 00 00 00 ED ED C1 2C SS.....h......., 0150: 20 20 40 60 FC FC E3 1F B1 B1 79 C8 5B 5B B6 ED @......y.[[..
0160: 6A 6A D4 BE CB CB 8D 46 BE BE 67 D9 39 39 72 4B jj.....F..g.99rK
0170: 4A 4A 94 DE 4C 4C 98 D4 58 58 B0 E8 CF CF 85 4A JJ..LL..XX.....J
0180: D0 D0 BB 6B EF EF C5 2A AA AA 4F E5 FB FB ED 16 ...k...*..O.....
0190: 43 43 86 C5 4D 4D 9A D7 33 33 66 55 85 85 11 94 CC..MM..33fU....
01A0: 45 45 8A CF F9 F9 E9 10 02 02 04 06 7F 7F FE 81 EE..............
01B0: 50 50 A0 F0 3C 3C 78 44 9F 9F 25 BA A8 A8 4B E3 PP..<<xD..%...K.
01C0: 51 51 A2 F3 A3 A3 5D FE 40 40 80 C0 8F 8F 05 8A QQ....].@@......
01D0: 92 92 3F AD 9D 9D 21 BC 38 38 70 48 F5 F5 F1 04 ..?...!.88pH....
01E0: BC BC 63 DF B6 B6 77 C1 DA DA AF 75 21 21 42 63 ..c...w....u!!Bc
01F0: 10 10 20 30 FF FF E5 1A F3 F3 FD 0E D2 D2 BF 6D .. 0...........m
0200: CD CD 81 4C 0C 0C 18 14 13 13 26 35 EC EC C3 2F ...L......&5.../
0210: 5F 5F BE E1 97 97 35 A2 44 44 88 CC 17 17 2E 39 __....5.DD.....9
0220: C4 C4 93 57 A7 A7 55 F2 7E 7E FC 82 3D 3D 7A 47 ...W..U.~~..==zG
0230: 64 64 C8 AC 5D 5D BA E7 19 19 32 2B 73 73 E6 95 dd..]]....2+ss..
0240: 60 60 C0 A0 81 81 19 98 4F 4F 9E D1 DC DC A3 7F ``......OO......
0250: 22 22 44 66 2A 2A 54 7E 90 90 3B AB 88 88 0B 83 ""Df**T~..;.....
0260: 46 46 8C CA EE EE C7 29 B8 B8 6B D3 14 14 28 3C FF.....)..k...(<
0270: DE DE A7 79 5E 5E BC E2 0B 0B 16 1D DB DB AD 76 ...y^^.........v
0280: E0 E0 DB 3B 32 32 64 56 3A 3A 74 4E 0A 0A 14 1E ...;22dV::tN....
0290: 49 49 92 DB 06 06 0C 0A 24 24 48 6C 5C 5C B8 E4 II......$$Hl\..
02A0: C2 C2 9F 5D D3 D3 BD 6E AC AC 43 EF 62 62 C4 A6 ...]...n..C.bb..
02B0: 91 91 39 A8 95 95 31 A4 E4 E4 D3 37 79 79 F2 8B ..9...1....7yy..
02C0: E7 E7 D5 32 C8 C8 8B 43 37 37 6E 59 6D 6D DA B7 ...2...C77nYmm..
02D0: 8D 8D 01 8C D5 D5 B1 64 4E 4E 9C D2 A9 A9 49 E0 .......dNN....I.
02E0: 6C 6C D8 B4 56 56 AC FA F4 F4 F3 07 EA EA CF 25 ll..VV.........%
02F0: 65 65 CA AF 7A 7A F4 8E AE AE 47 E9 08 08 10 18 ee..zz....G.....
0300: BA BA 6F D5 78 78 F0 88 25 25 4A 6F 2E 2E 5C 72 ..o.xx..%%Jo..\r
0310: 1C 1C 38 24 A6 A6 57 F1 B4 B4 73 C7 C6 C6 97 51 ..8$..W...s....Q
0320: E8 E8 CB 23 DD DD A1 7C 74 74 E8 9C 1F 1F 3E 21 ...#...|tt....>!
0330: 4B 4B 96 DD BD BD 61 DC 8B 8B 0D 86 8A 8A 0F 85 KK....a.........
0340: 70 70 E0 90 3E 3E 7C 42 B5 B5 71 C4 66 66 CC AA pp..>>|B..q.ff..
0350: 48 48 90 D8 03 03 06 05 F6 F6 F7 01 0E 0E 1C 12 HH..............
0360: 61 61 C2 A3 35 35 6A 5F 57 57 AE F9 B9 B9 69 D0 aa..55j_WW....i.
0370: 86 86 17 91 C1 C1 99 58 1D 1D 3A 27 9E 9E 27 B9 .......X..:'..'.
0380: E1 E1 D9 38 F8 F8 EB 13 98 98 2B B3 11 11 22 33 ...8......+..."3
0390: 69 69 D2 BB D9 D9 A9 70 8E 8E 07 89 94 94 33 A7 ii.....p......3.
03A0: 9B 9B 2D B6 1E 1E 3C 22 87 87 15 92 E9 E9 C9 20 ..-...<".......
03B0: CE CE 87 49 55 55 AA FF 28 28 50 78 DF DF A5 7A ...IUU..((Px...z
03C0: 8C 8C 03 8F A1 A1 59 F8 89 89 09 80 0D 0D 1A 17 ......Y.........
03D0: BF BF 65 DA E6 E6 D7 31 42 42 84 C6 68 68 D0 B8 ..e....1BB..hh..
03E0: 41 41 82 C3 99 99 29 B0 2D 2D 5A 77 0F 0F 1E 11 AA....).--Zw....
03F0: B0 B0 7B CB 54 54 A8 FC BB BB 6D D6 16 16 2C 3A ..{.TT....m...,:
^-----------------------------------------------------------------------------^

继续打断点0x51A04 拿到unk_C25C0
mx15 48

-----------------------------------------------------------------------------<
[14:26:47 888]x15=RX@0x400c25c0[libshield.so]0xc25c0, md5=b2e66da9bb4ce55fae9fbec6d188f51f, hex=00003112000100020000020400020208002010100004023000200040002000800020001b0002203650a7f4515365417e
size: 48
0000: 00 00 31 12 00 01 00 02 00 00 02 04 00 02 02 08 ..1.............
0010: 00 20 10 10 00 04 02 30 00 20 00 40 00 20 00 80 . .....0. .@. ..
0020: 00 20 00 1B 00 02 20 36
^-----------------------------------------------------------------------------^

模拟算法后输出的内容与sub1884处得到的扩展秘钥一致
Round 0: [3266320387, 3429179968, 3694555232, 2483977128]
Round 1: [2074139169, 3083204705, 1811122177, 4294833065]
Round 2: [766314551, 2590568534, 4053497943, 241601534]
Round 3: [445821852, 2163885002, 1902197661, 2131210339]
Round 4: [3614919246, 1468860804, 653013529, 1508606586]
Round 5: [779399301, 2046408961, 1595247384, 117311842]
Round 6: [2776047338, 3700336619, 2207984883, 2237998481]
Round 7: [2823339901, 1959139478, 4150080613, 1916277236]
Round 8: [801775677, 1527527595, 2890992846, 3731430714]
Round 9: [3446571040, 2523052171, 976467013, 3831146879]
Round 10: [1167937609, 3556763842, 3922484359, 227997176]

将这里的秘钥在sub_51CB8中进行反转和处理
反转以后进行如下核心轮密钥混淆处理
do
{
++v18;
v19 = *((_DWORD *)&loc_C29E8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)BYTE2((v17 - 2)))) ^ *((_DWORD *)&unk_C25E8 + *((unsigned __int8 )qword_C21C0 + 4 * HIBYTE((v17 - 2)))) ^ *((_DWORD *)&unk_C2DE8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)BYTE1((v17 - 2)))) ^ *((_DWORD *)&unk_C31E8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)(v17 - 2)));
v20 = *((_DWORD *)&loc_C29E8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)BYTE2((v17 - 1)))) ^ *((_DWORD *)&unk_C25E8 + *((unsigned __int8 )qword_C21C0 + 4 * HIBYTE((v17 - 1)))) ^ *((_DWORD *)&unk_C2DE8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)BYTE1((v17 - 1)))) ^ *((_DWORD *)&unk_C31E8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)(v17 - 1)));
v21 = *((_DWORD *)&loc_C29E8 + *((unsigned __int8 *)qword_C21C0 + 4 * (unsigned __int8)BYTE2(*v17))) ^ *((_DWORD *)&unk_C25E8 + *((unsigned __int8 *)qword_C21C0 + 4 * HIBYTE(*v17))) ^ *((_DWORD *)&unk_C2DE8 + *((unsigned __int8 *)qword_C21C0 + 4 * (unsigned __int8)BYTE1(*v17))) ^ *((_DWORD *)&unk_C31E8 + *((unsigned __int8 *)qword_C21C0 + 4 * (unsigned __int8)*v17));
*(v17 - 3) = *((_DWORD *)&loc_C29E8
+ *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)BYTE2((v17 - 3)))) ^ *((_DWORD *)&unk_C25E8 + *((unsigned __int8 )qword_C21C0 + 4 * HIBYTE((v17 - 3)))) ^ *((_DWORD *)&unk_C2DE8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)BYTE1((v17 - 3)))) ^ *((_DWORD *)&unk_C31E8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)(v17 - 3)));
*(v17 - 2) = v19;
*(v17 - 1) = v20;
*v17 = v21;
v17 += 4;
}
while ( v18 < a3[60] );

首先看loc_C29E8指向的汇编,0x51E08,这里代表0x400c29e8的内存值
mx12

-----------------------------------------------------------------------------<
[12:29:06 920]x12=RX@0x400c29e8[libshield.so]0xc29e8, md5=1cf127c786592c0b17e76cd3a5faece9, hex=a7f4515065417e53a4171ac35e273a966bab3bcb459d1ff158faacab03e34b93fa3020556d76adf676cc88914c02f525d7e54ffccb2ac5d744352680a362b58f5ab1de491bba25670eea4598c0fe5de1752fc302f04c811297468da3f9d36bc65f8f03e79c9215957a6dbfeb595295da
size: 112
0000: A7 F4 51 50 65 41 7E 53 A4 17 1A C3 5E 27 3A 96 ..QPeA~S....^':.
0010: 6B AB 3B CB 45 9D 1F F1 58 FA AC AB 03 E3 4B 93 k.;.E...X.....K.
0020: FA 30 20 55 6D 76 AD F6 76 CC 88 91 4C 02 F5 25 .0 Umv..v...L..%
0030: D7 E5 4F FC CB 2A C5 D7 44 35 26 80 A3 62 B5 8F ..O..*..D5&..b..
0040: 5A B1 DE 49 1B BA 25 67 0E EA 45 98 C0 FE 5D E1 Z..I..%g..E...].
0050: 75 2F C3 02 F0 4C 81 12 97 46 8D A3 F9 D3 6B C6 u/...L...F....k.
0060: 5F 8F 03 E7 9C 92 15 95 7A 6D BF EB 59 52 95 DA _.......zm..YR..
^-----------------------------------------------------------------------------^

*((_DWORD *)&loc_C29E8即提取这个地址中的值,跟数组一样的原理 这里取1024试试
mx12 1024

-----------------------------------------------------------------------------<
[15:25:51 666]x12=RX@0x400c29e8[libshield.so]0xc29e8, hex=a7f4515065417e53a4171ac35e273a966bab3bcb459d1ff158faacab03e34b93fa3020556d76adf676cc88914c02f525d7e54ffccb2ac5d744352680a362b58f5ab1de491bba25670eea4598c0fe5de1752fc302f04c811297468da3f9d36bc65f8f03e79c9215957a6dbfeb595295da83bed42d217458d369e04929c8c98e4489c2756a798ef4783e58996b71b927dd4fe1beb6ad88f017ac20c9663ace7db44adf6318311ae582335197607f5362457764b1e0ae6bbb84a081fe1c2b08f99468487058fd458f196cde9487f87b52b7d373ab23024b72e28f1fe357ab55662a28ebb207c2b52f037bc5869a0837d3a5872830f2a5bf23b26a0302ba8216ed5c1ccf8a2bb479a792f207f3f0e2694ea1f4da65cdbe0506d56234d11ffea6c48a532e349d55f3a2a0e18a0532ebf6a475ec830b39ef6040aa9f715e06106ebd518a213ef906dd963d053eddaebde64d468d5491b55dc47105d406046f155060fffb981924e9bdd697434089cc9ed9677742e8b0bd8b8907885b19e738eec879db0a7ca1470f427ce91e84f8c90000000086800983ed2b324870111eac725a6c4eff0efdfb38850f56d5ae3d1e392d3627d90f0a64a65c6821545b9bd12e36243a670a0cb1e757930f96eeb4d2919b1b9ec5c0804f20dc61a24b775a691a121c16ba93e20a2aa0c0e5e0223c43171b121d0d090e0bc78bf2ada8b62db9a91e14c819f157850775af4cdd99eebb607fa3fd2601f79ff5725cbc3b6644c57efb5b3429438b76c623cbdcfcedb668f1e4b863dc31d7ca856342102297134011c68420244a857d3dbbd2f832f9ae11a129c76d2f9e1d4b30b2dcf352860dece3c177d016b32b6cb970a999489411fa64e947228cfca8c43ff0a01a2c7d56d8903322ef4e4987c7d138d9c1a2ca8cfe0bd4983681f5a6cfde7aa5288eb7da26bfad3fa49d3a2ce49278500dcc5f6a9b467e5462138df6c2b8d890e8f7392e5eafc382f5805d9fbe93d0697c2dd56fa91225cfb399acc83b7d1810a7639ce86ebb3bdb7b7826cd0918596ef4b79aec019a4f83a86e95e665e6ffaa7ecfbc2108e815efe69be7bad9366f4ace099fead47cb029d6b2a431af233f2a3194a5c63066a235c0bc4e7437ca82fca6d090e0b0d8a733159804f14adaec41f750cd7f0ef691172fd64d768db0ef434d4daacc540496e4dfb5d19ee3886a4c1b1f2cc1b85165467fea5e9d04358c015d7487fa73410bfb2e1d67b35ad2db92525610e93347d66d1361d79a8c0ca1377a14f8598e3c13eb8927a9ceeec961b735e51ce1edb1477a3cdfd29c5973f2553fce14187937c773bfcdf753eaaafd5f5b6f3ddf14db447886f3afca81c468b93e3424382c40a3c25fc31d167225e2bc0c493c288b950dff4101a83971b30c08dee4b4d89cc156649084cb7b61b632d5705c6c487457b8d042, md5=531dcbd9f4070383b0a93951fe503db9
size: 1024
0000: A7 F4 51 50 65 41 7E 53 A4 17 1A C3 5E 27 3A 96 ..QPeA.[4
0220: 29 43 8B 76 C6 23 CB DC FC ED B6 68 F1 E4 B8 63 )C.v.#.....h...c
0230: DC 31 D7 CA 85 63 42 10 22 97 13 40 11 C6 84 20 .1...cB."..@...
0240: 24 4A 85 7D 3D BB D2 F8 32 F9 AE 11 A1 29 C7 6D $J.}=...2....).m
0250: 2F 9E 1D 4B 30 B2 DC F3 52 86 0D EC E3 C1 77 D0 /..K0...R.....w.
0260: 16 B3 2B 6C B9 70 A9 99 48 94 11 FA 64 E9 47 22 ..+l.p..H...d.G"
0270: 8C FC A8 C4 3F F0 A0 1A 2C 7D 56 D8 90 33 22 EF ....?...,}V..3".
0280: 4E 49 87 C7 D1 38 D9 C1 A2 CA 8C FE 0B D4 98 36 NI...8.........6
0290: 81 F5 A6 CF DE 7A A5 28 8E B7 DA 26 BF AD 3F A4 .....z.(...&..?.
02A0: 9D 3A 2C E4 92 78 50 0D CC 5F 6A 9B 46 7E 54 62 .:,..xP..j.F..!.....
0300: 9B E7 BA D9 36 6F 4A CE 09 9F EA D4 7C B0 29 D6 ....6oJ.....|.).
0310: B2 A4 31 AF 23 3F 2A 31 94 A5 C6 30 66 A2 35 C0 ..1.#?*1...0f.5.
0320: BC 4E 74 37 CA 82 FC A6 D0 90 E0 B0 D8 A7 33 15 .Nt7..........3.
0330: 98 04 F1 4A DA EC 41 F7 50 CD 7F 0E F6 91 17 2F ...J..A.P....../
0340: D6 4D 76 8D B0 EF 43 4D 4D AA CC 54 04 96 E4 DF .Mv...CMM..T....
0350: B5 D1 9E E3 88 6A 4C 1B 1F 2C C1 B8 51 65 46 7F .....jL..,..QeF.
0360: EA 5E 9D 04 35 8C 01 5D 74 87 FA 73 41 0B FB 2E .^..5..]t..sA...
0370: 1D 67 B3 5A D2 DB 92 52 56 10 E9 33 47 D6 6D 13 .g.Z...RV..3G.m.
0380: 61 D7 9A 8C 0C A1 37 7A 14 F8 59 8E 3C 13 EB 89 a.....7z..Y.<...
0390: 27 A9 CE EE C9 61 B7 35 E5 1C E1 ED B1 47 7A 3C '....a.5.....Gz<
03A0: DF D2 9C 59 73 F2 55 3F CE 14 18 79 37 C7 73 BF ...Ys.U?...y7.s.
03B0: CD F7 53 EA AA FD 5F 5B 6F 3D DF 14 DB 44 78 86 ..S..._[o=...Dx.
03C0: F3 AF CA 81 C4 68 B9 3E 34 24 38 2C 40 A3 C2 5F .....h.>4$8,@..
03D0: C3 1D 16 72 25 E2 BC 0C 49 3C 28 8B 95 0D FF 41 ...r%...I<(....A
03E0: 01 A8 39 71 B3 0C 08 DE E4 B4 D8 9C C1 56 64 90 ..9q.........Vd.
03F0: 84 CB 7B 61 B6 32 D5 70 5C 6C 48 74 57 B8 D0 42 ..{a.2.p\lHtW..B
^-----------------------------------------------------------------------------^

获取unk_C25E8的内存值,打断点unk_C25E8,mx11取值 一般默认长度1024,去IDA检查一下
LDR W3, [X11,X3,LSL#2]
mx11 1024

-----------------------------------------------------------------------------<
[12:44:06 711]x11=RX@0x400c25e8[libshield.so]0xc25e8, hex=50a7f4515365417ec3a4171a965e273acb6bab3bf1459d1fab58faac9303e34b55fa3020f66d76ad9176cc88254c02f5fcd7e54fd7cb2ac5804435268fa362b5495ab1de671bba25980eea45e1c0fe5d02752fc312f04c81a397468dc6f9d36be75f8f03959c9215eb7a6dbfda5952952d83bed4d32174582969e04944c8c98e6a89c27578798ef46b3e5899dd71b927b64fe1be17ad88f066ac20c9b43ace7d184adf6382311ae560335197457f5362e07764b184ae6bbb1ca081fe942b08f95868487019fd458f876cde94b7f87b5223d373abe2024b72578f1fe32aab55660728ebb203c2b52f9a7bc586a50837d3f2872830b2a5bf23ba6a03025c8216ed2b1ccf8a92b479a7f0f207f3a1e2694ecdf4da65d5be05061f6234d18afea6c49d532e34a055f3a232e18a0575ebf6a439ec830baaef6040069f715e51106ebdf98a213e3d06dd96ae053edd46bde64db58d5491055dc4716fd40604ff15506024fb981997e9bdd6cc434089779ed967bd42e8b0888b8907385b19e7dbeec879470a7ca1e90f427cc91e84f8000000008386800948ed2b32ac70111e4e725a6cfbff0efd5638850f1ed5ae3d27392d3664d90f0a21a65c68d1545b9b3a2e3624b1670a0c0fe75793d296eeb49e919b1b4fc5c080a220dc61694b775a161a121c0aba93e2e52aa0c043e0223c1d171b120b0d090eadc78bf2b9a8b62dc8a91e148519f1574c0775afbbdd99eefd607fa39f2601f7bcf5725cc53b6644347efb5b7629438bdcc623cb68fcedb663f1e4b8cadc31d710856342402297132011c6847d244a85f83dbbd21132f9ae6da129c74b2f9e1df330b2dcec52860dd0e3c1776c16b32b99b970a9fa4894112264e947c48cfca81a3ff0a0d82c7d56ef903322c74e4987c1d138d9fea2ca8c360bd498cf81f5a628de7aa5268eb7daa4bfad3fe49d3a2c0d9278509bcc5f6a62467e54c2138df6e8b8d8905ef7392ef5afc382be805d9f7c93d069a92dd56fb31225cf3b99acc8a77d18106e639ce87bbb3bdb097826cdf418596e01b79aeca89a4f83656e95e67ee6ffaa08cfbc21e6e815efd99be7bace366f4ad4099fead67cb029afb2a43131233f2a3094a5c6c066a23537bc4e74a6ca82fcb0d090e015d8a7334a9804f1f7daec410e50cd7f2ff691178dd64d764db0ef43544daaccdf0496e4e3b5d19e1b886a4cb81f2cc17f51654604ea5e9d5d358c01737487fa2e410bfb5a1d67b352d2db92335610e91347d66d8c61d79a7a0ca1378e14f859893c13ebee27a9ce35c961b7ede51ce13cb1477a59dfd29c3f73f25579ce1418bf37c773eacdf7535baafd5f146f3ddf86db447881f3afca3ec468b92c3424385f40a3c272c31d160c25e2bc8b493c2841950dff7101a839deb30c089ce4b4d890c156646184cb7b70b632d5745c6c484257b8d0, md5=3189c96a7096794ff301218dbe9b4b28
size: 1024
0000: 50 A7 F4 51 53 65 41 7E C3 A4 17 1A 96 5E 27 3A P..QSeA.[
0220: 76 29 43 8B DC C6 23 CB 68 FC ED B6 63 F1 E4 B8 v)C...#.h...c...
0230: CA DC 31 D7 10 85 63 42 40 22 97 13 20 11 C6 84 ..1...cB@".. ...
0240: 7D 24 4A 85 F8 3D BB D2 11 32 F9 AE 6D A1 29 C7 }$J..=...2..m.).
0250: 4B 2F 9E 1D F3 30 B2 DC EC 52 86 0D D0 E3 C1 77 K/...0...R.....w
0260: 6C 16 B3 2B 99 B9 70 A9 FA 48 94 11 22 64 E9 47 l..+..p..H.."d.G
0270: C4 8C FC A8 1A 3F F0 A0 D8 2C 7D 56 EF 90 33 22 .....?...,}V..3"
0280: C7 4E 49 87 C1 D1 38 D9 FE A2 CA 8C 36 0B D4 98 .NI...8.....6...
0290: CF 81 F5 A6 28 DE 7A A5 26 8E B7 DA A4 BF AD 3F ....(.z.&......?
02A0: E4 9D 3A 2C 0D 92 78 50 9B CC 5F 6A 62 46 7E 54 ..:,..xP..jbF......!....
0300: D9 9B E7 BA CE 36 6F 4A D4 09 9F EA D6 7C B0 29 .....6oJ.....|.)
0310: AF B2 A4 31 31 23 3F 2A 30 94 A5 C6 C0 66 A2 35 ...11#?*0....f.5
0320: 37 BC 4E 74 A6 CA 82 FC B0 D0 90 E0 15 D8 A7 33 7.Nt...........3
0330: 4A 98 04 F1 F7 DA EC 41 0E 50 CD 7F 2F F6 91 17 J......A.P../...
0340: 8D D6 4D 76 4D B0 EF 43 54 4D AA CC DF 04 96 E4 ..MvM..CTM......
0350: E3 B5 D1 9E 1B 88 6A 4C B8 1F 2C C1 7F 51 65 46 ......jL..,..QeF
0360: 04 EA 5E 9D 5D 35 8C 01 73 74 87 FA 2E 41 0B FB ..^.]5..st...A..
0370: 5A 1D 67 B3 52 D2 DB 92 33 56 10 E9 13 47 D6 6D Z.g.R...3V...G.m
0380: 8C 61 D7 9A 7A 0C A1 37 8E 14 F8 59 89 3C 13 EB .a..z..7...Y.<..
0390: EE 27 A9 CE 35 C9 61 B7 ED E5 1C E1 3C B1 47 7A .'..5.a.....<.Gz
03A0: 59 DF D2 9C 3F 73 F2 55 79 CE 14 18 BF 37 C7 73 Y...?s.Uy....7.s
03B0: EA CD F7 53 5B AA FD 5F 14 6F 3D DF 86 DB 44 78 ...S[.._.o=...Dx
03C0: 81 F3 AF CA 3E C4 68 B9 2C 34 24 38 5F 40 A3 C2 ....>.h.,4$8@..
03D0: 72 C3 1D 16 0C 25 E2 BC 8B 49 3C 28 41 95 0D FF r....%...I<(A...
03E0: 71 01 A8 39 DE B3 0C 08 9C E4 B4 D8 90 C1 56 64 q..9..........Vd
03F0: 61 84 CB 7B 70 B6 32 D5 74 5C 6C 48 42 57 B8 D0 a..{p.2.t\lHBW..
^-----------------------------------------------------------------------------^

unk_C2DE8同理
mx13 1024

-----------------------------------------------------------------------------<
[12:50:58 826]x13=RX@0x400c2de8[libshield.so]0xc2de8, hex=f45150a7417e5365171ac3a4273a965eab3bcb6b9d1ff145faacab58e34b9303302055fa76adf66dcc88917602f5254ce54ffcd72ac5d7cb3526804462b58fa3b1de495aba25671bea45980efe5de1c02fc302754c8112f0468da397d36bc6f98f03e75f9215959c6dbfeb7a5295da59bed42d837458d321e0492969c98e44c8c2756a898ef4787958996b3eb927dd71e1beb64f88f017ad20c966acce7db43adf63184a1ae58231519760335362457f64b1e0776bbb84ae81fe1ca008f9942b48705868458f19fdde94876c7b52b7f873ab23d34b72e2021fe3578f55662aabebb20728b52f03c2c5869a7b37d3a5082830f287bf23b2a50302ba6a16ed5c82cf8a2b1c79a792b407f3f0f2694ea1e2da65cdf40506d5be34d11f62a6c48afe2e349d53f3a2a0558a0532e1f6a475eb830b39ec6040aaef715e069f6ebd5110213ef98add963d063eddae05e64d46bd5491b58dc471055d06046fd45060ff15981924fbbdd697e94089cc43d967779ee8b0bd428907888b19e7385bc879dbee7ca1470a427ce90f84f8c91e00000000800983862b3248ed111eac705a6c4e720efdfbff850f5638ae3d1ed52d3627390f0a64d95c6821a65b9bd15436243a2e0a0cb16757930fe7eeb4d2969b1b9e91c0804fc5dc61a220775a694b121c161a93e20abaa0c0e52a223c43e01b121d17090e0b0d8bf2adc7b62db9a81e14c8a9f157851975af4c0799eebbdd7fa3fd6001f79f26725cbcf56644c53bfb5b347e438b762923cbdcc6edb668fce4b863f131d7cadc6342108597134022c68420114a857d24bbd2f83df9ae113229c76da19e1d4b2fb2dcf330860dec52c177d0e3b32b6c1670a999b99411fa48e9472264fca8c48cf0a01a3f7d56d82c3322ef904987c74e38d9c1d1ca8cfea2d498360bf5a6cf817aa528deb7da268ead3fa4bf3a2ce49d78500d925f6a9bcc7e5462468df6c213d890e8b8392e5ef7c382f5af5d9fbe80d0697c93d56fa92d25cfb312acc83b991810a77d9ce86e633bdb7bbb26cd0978596ef4189aec01b74f83a89a95e6656effaa7ee6bc2108cf15efe6e8e7bad99b6f4ace369fead409b029d67ca431afb23f2a3123a5c63094a235c0664e7437bc82fca6ca90e0b0d0a73315d804f14a98ec41f7dacd7f0e5091172ff64d768dd6ef434db0aacc544d96e4df04d19ee3b56a4c1b882cc1b81f65467f515e9d04ea8c015d3587fa73740bfb2e4167b35a1ddb9252d210e93356d66d1347d79a8c61a1377a0cf8598e1413eb893ca9ceee2761b735c91ce1ede5477a3cb1d29c59dff2553f73141879cec773bf37f753eacdfd5f5baa3ddf146f447886dbafca81f368b93ec424382c34a3c25f401d1672c3e2bc0c253c288b490dff4195a83971010c08deb3b4d89ce4566490c1cb7b618432d570b66c48745cb8d04257, md5=500195d8b2539fe1ea00792dd74a57c5
size: 1024
0000: F4 51 50 A7 41 7E 53 65 17 1A C3 A4 27 3A 96 5E .QP.A
0220: 43 8B 76 29 23 CB DC C6 ED B6 68 FC E4 B8 63 F1 C.v)#.....h...c.
0230: 31 D7 CA DC 63 42 10 85 97 13 40 22 C6 84 20 11 1...cB....@".. .
0240: 4A 85 7D 24 BB D2 F8 3D F9 AE 11 32 29 C7 6D A1 J.}$...=...2).m.
0250: 9E 1D 4B 2F B2 DC F3 30 86 0D EC 52 C1 77 D0 E3 ..K/...0...R.w..
0260: B3 2B 6C 16 70 A9 99 B9 94 11 FA 48 E9 47 22 64 .+l.p......H.G"d
0270: FC A8 C4 8C F0 A0 1A 3F 7D 56 D8 2C 33 22 EF 90 .......?}V.,3"..
0280: 49 87 C7 4E 38 D9 C1 D1 CA 8C FE A2 D4 98 36 0B I..N8.........6.
0290: F5 A6 CF 81 7A A5 28 DE B7 DA 26 8E AD 3F A4 BF ....z.(...&..?..
02A0: 3A 2C E4 9D 78 50 0D 92 5F 6A 9B CC 7E 54 62 46 :,..xP..j....!......
0300: E7 BA D9 9B 6F 4A CE 36 9F EA D4 09 B0 29 D6 7C ....oJ.6.....).|
0310: A4 31 AF B2 3F 2A 31 23 A5 C6 30 94 A2 35 C0 66 .1..?*1#..0..5.f
0320: 4E 74 37 BC 82 FC A6 CA 90 E0 B0 D0 A7 33 15 D8 Nt7..........3..
0330: 04 F1 4A 98 EC 41 F7 DA CD 7F 0E 50 91 17 2F F6 ..J..A.....P../.
0340: 4D 76 8D D6 EF 43 4D B0 AA CC 54 4D 96 E4 DF 04 Mv...CM...TM....
0350: D1 9E E3 B5 6A 4C 1B 88 2C C1 B8 1F 65 46 7F 51 ....jL..,...eF.Q
0360: 5E 9D 04 EA 8C 01 5D 35 87 FA 73 74 0B FB 2E 41 ^.....]5..st...A
0370: 67 B3 5A 1D DB 92 52 D2 10 E9 33 56 D6 6D 13 47 g.Z...R...3V.m.G
0380: D7 9A 8C 61 A1 37 7A 0C F8 59 8E 14 13 EB 89 3C ...a.7z..Y.....<
0390: A9 CE EE 27 61 B7 35 C9 1C E1 ED E5 47 7A 3C B1 ...'a.5.....Gz<.
03A0: D2 9C 59 DF F2 55 3F 73 14 18 79 CE C7 73 BF 37 ..Y..U?s..y..s.7
03B0: F7 53 EA CD FD 5F 5B AA 3D DF 14 6F 44 78 86 DB .S..._[.=..oDx..
03C0: AF CA 81 F3 68 B9 3E C4 24 38 2C 34 A3 C2 5F 40 ....h.>.$8,4..@
03D0: 1D 16 72 C3 E2 BC 0C 25 3C 28 8B 49 0D FF 41 95 ..r....%<(.I..A.
03E0: A8 39 71 01 0C 08 DE B3 B4 D8 9C E4 56 64 90 C1 .9q.........Vd..
03F0: CB 7B 61 84 32 D5 70 B6 6C 48 74 5C B8 D0 42 57 .{a.2.p.lHt..BW
^-----------------------------------------------------------------------------^

unk_C31E8同理 打断点0x51E9C
mx14 1024

-----------------------------------------------------------------------------<
[14:03:05 699]x14=RX@0x400c31e8[libshield.so]0xc31e8, hex=5150a7f47e5365411ac3a4173a965e273bcb6bab1ff1459dacab58fa4b9303e32055fa30adf66d76889176ccf5254c024ffcd7e5c5d7cb2a26804435b58fa362de495ab125671bba45980eea5de1c0fec302752f8112f04c8da397466bc6f9d303e75f8f15959c92bfeb7a6d95da5952d42d83be58d32174492969e08e44c8c9756a89c2f478798e996b3e5827dd71b9beb64fe1f017ad88c966ac207db43ace63184adfe582311a9760335162457f53b1e07764bb84ae6bfe1ca081f9942b08705868488f19fd4594876cde52b7f87bab23d37372e2024be3578f1f662aab55b20728eb2f03c2b5869a7bc5d3a5083730f2872823b2a5bf02ba6a03ed5c82168a2b1ccfa792b479f3f0f2074ea1e26965cdf4da06d5be05d11f6234c48afea6349d532ea2a055f30532e18aa475ebf60b39ec8340aaef605e069f71bd51106e3ef98a21963d06ddddae053e4d46bde691b58d5471055dc4046fd40660ff15501924fb98d697e9bd89cc434067779ed9b0bd42e807888b89e7385b1979dbeec8a1470a7c7ce90f42f8c91e8400000000098386803248ed2b1eac70116c4e725afdfbff0e0f5638853d1ed5ae3627392d0a64d90f6821a65c9bd1545b243a2e360cb1670a930fe757b4d296ee1b9e919b804fc5c061a220dc5a694b771c161a12e20aba93c0e52aa03c43e022121d171b0e0b0d09f2adc78b2db9a8b614c8a91e578519f1af4c0775eebbdd99a3fd607ff79f26015cbcf57244c53b665b347efb8b762943cbdcc623b668fcedb863f1e4d7cadc314210856313402297842011c6857d244ad2f83dbbae1132f9c76da1291d4b2f9edcf330b20dec528677d0e3c12b6c16b3a999b97011fa4894472264e9a8c48cfca01a3ff056d82c7d22ef903387c74e49d9c1d1388cfea2ca98360bd4a6cf81f5a528de7ada268eb73fa4bfad2ce49d3a500d92786a9bcc5f5462467ef6c2138d90e8b8d82e5ef73982f5afc39fbe805d697c93d06fa92dd5cfb31225c83b99ac10a77d18e86e639cdb7bbb3bcd0978266ef41859ec01b79a83a89a4fe6656e95aa7ee6ff2108cfbcefe6e815bad99be74ace366fead4099f29d67cb031afb2a42a31233fc63094a535c066a27437bc4efca6ca82e0b0d0903315d8a7f14a980441f7daec7f0e50cd172ff691768dd64d434db0efcc544daae4df04969ee3b5d14c1b886ac1b81f2c467f51659d04ea5e015d358cfa737487fb2e410bb35a1d679252d2dbe93356106d1347d69a8c61d7377a0ca1598e14f8eb893c13ceee27a9b735c961e1ede51c7a3cb1479c59dfd2553f73f21879ce1473bf37c753eacdf75f5baafddf146f3d7886db44ca81f3afb93ec468382c3424c25f40a31672c31dbc0c25e2288b493cff41950d397101a808deb30cd89ce4b46490c1567b6184cbd570b63248745c6cd04257b8, md5=196fec526e9b7f6fe28798ecaeb9f438
size: 1024
0000: 51 50 A7 F4 7E 53 65 41 1A C3 A4 17 3A 96 5E 27 QP...
0220: 8B 76 29 43 CB DC C6 23 B6 68 FC ED B8 63 F1 E4 .v)C...#.h...c..
0230: D7 CA DC 31 42 10 85 63 13 40 22 97 84 20 11 C6 ...1B..c.@".. ..
0240: 85 7D 24 4A D2 F8 3D BB AE 11 32 F9 C7 6D A1 29 .}$J..=...2..m.)
0250: 1D 4B 2F 9E DC F3 30 B2 0D EC 52 86 77 D0 E3 C1 .K/...0...R.w...
0260: 2B 6C 16 B3 A9 99 B9 70 11 FA 48 94 47 22 64 E9 +l.....p..H.G"d.
0270: A8 C4 8C FC A0 1A 3F F0 56 D8 2C 7D 22 EF 90 33 ......?.V.,}"..3
0280: 87 C7 4E 49 D9 C1 D1 38 8C FE A2 CA 98 36 0B D4 ..NI...8.....6..
0290: A6 CF 81 F5 A5 28 DE 7A DA 26 8E B7 3F A4 BF AD .....(.z.&..?...
02A0: 2C E4 9D 3A 50 0D 92 78 6A 9B CC 5F 54 62 46 7E ,..:P..xj..TbF~
02B0: F6 C2 13 8D 90 E8 B8 D8 2E 5E F7 39 82 F5 AF C3 .........^.9....
02C0: 9F BE 80 5D 69 7C 93 D0 6F A9 2D D5 CF B3 12 25 ...]i|..o.-....%
02D0: C8 3B 99 AC 10 A7 7D 18 E8 6E 63 9C DB 7B BB 3B .;....}..nc..{.;
02E0: CD 09 78 26 6E F4 18 59 EC 01 B7 9A 83 A8 9A 4F ..x&n..Y.......O
02F0: E6 65 6E 95 AA 7E E6 FF 21 08 CF BC EF E6 E8 15 .en..~..!.......
0300: BA D9 9B E7 4A CE 36 6F EA D4 09 9F 29 D6 7C B0 ....J.6o....).|.
0310: 31 AF B2 A4 2A 31 23 3F C6 30 94 A5 35 C0 66 A2 1...*1#?.0..5.f.
0320: 74 37 BC 4E FC A6 CA 82 E0 B0 D0 90 33 15 D8 A7 t7.N........3...
0330: F1 4A 98 04 41 F7 DA EC 7F 0E 50 CD 17 2F F6 91 .J..A.....P../..
0340: 76 8D D6 4D 43 4D B0 EF CC 54 4D AA E4 DF 04 96 v..MCM...TM.....
0350: 9E E3 B5 D1 4C 1B 88 6A C1 B8 1F 2C 46 7F 51 65 ....L..j...,F.Qe
0360: 9D 04 EA 5E 01 5D 35 8C FA 73 74 87 FB 2E 41 0B ...^.]5..st...A.
0370: B3 5A 1D 67 92 52 D2 DB E9 33 56 10 6D 13 47 D6 .Z.g.R...3V.m.G.
0380: 9A 8C 61 D7 37 7A 0C A1 59 8E 14 F8 EB 89 3C 13 ..a.7z..Y.....<.
0390: CE EE 27 A9 B7 35 C9 61 E1 ED E5 1C 7A 3C B1 47 ..'..5.a....z<.G
03A0: 9C 59 DF D2 55 3F 73 F2 18 79 CE 14 73 BF 37 C7 .Y..U?s..y..s.7.
03B0: 53 EA CD F7 5F 5B AA FD DF 14 6F 3D 78 86 DB 44 S..._[....o=x..D
03C0: CA 81 F3 AF B9 3E C4 68 38 2C 34 24 C2 5F 40 A3 .....>.h8,4$.@.
03D0: 16 72 C3 1D BC 0C 25 E2 28 8B 49 3C FF 41 95 0D .r....%.(.I<.A..
03E0: 39 71 01 A8 08 DE B3 0C D8 9C E4 B4 64 90 C1 56 9q..........d..V
03F0: 7B 61 84 CB D5 70 B6 32 48 74 5C 6C D0 42 57 B8 {a...p.2Ht\l.BW.
^-----------------------------------------------------------------------------^

模拟生成解密密钥 打断点0xsub_51868中拿到内存中的解密密钥

mx3 176

-----------------------------------------------------------------------------<
[22:19:50 995]x3=unidbg@0xbffff350, md5=dcc965dfd588772f061ff8078a47e07a, hex=49509d45c2e8ffd3875ccce9f8f5960dd9ef91a49dc3e178013a9c5fc33436a9915f8dbb442c70dc9cf97d27c20eaaf631554006d573fd67d8d50dfb5ef7d7d13b3aeacde426bd610da6f09c8622da2a1bae34eedf1c57ace9804dfd8b842ab670f31a3dc4b26342369c1a516204674b5b97006bb441797ff22e791354987d1a6dd29292efd67914466f006ca6b604099cbe5d5f8204eb86a9b97978e0d904650318b0c2402265cc607036dca87b0e94
size: 176
0000: 49 50 9D 45 C2 E8 FF D3 87 5C CC E9 F8 F5 96 0D IP.E...........
0010: D9 EF 91 A4 9D C3 E1 78 01 3A 9C 5F C3 34 36 A9 .......x.:..46.
0020: 91 5F 8D BB 44 2C 70 DC 9C F9 7D 27 C2 0E AA F6 ...D,p...}'....
0030: 31 55 40 06 D5 73 FD 67 D8 D5 0D FB 5E F7 D7 D1 1U@..s.g....^...
0040: 3B 3A EA CD E4 26 BD 61 0D A6 F0 9C 86 22 DA 2A ;:...&.a.....".*
0050: 1B AE 34 EE DF 1C 57 AC E9 80 4D FD 8B 84 2A B6 ..4...W...M...*.
0060: 70 F3 1A 3D C4 B2 63 42 36 9C 1A 51 62 04 67 4B p..=..cB6..Qb.gK
0070: 5B 97 00 6B B4 41 79 7F F2 2E 79 13 54 98 7D 1A [..k.Ay...y.T.}.
0080: 6D D2 92 92 EF D6 79 14 46 6F 00 6C A6 B6 04 09 m.....y.Fo.l....
0090: 9C BE 5D 5F 82 04 EB 86 A9 B9 79 78 E0 D9 04 65 ..]_......yx...e
00A0: 03 18 B0 C2 40 22 65 CC 60 70 36 DC A8 7B 0E 94 ....@"e.`p6..{..
^-----------------------------------------------------------------------------^

#################
term1_idx = int(qword_C21C0[byte2], 16) # BYTE2 问题出现在这 qword_C21C0取出来的值是1个字节和4个字节的情况
term1 = int(loc_C29E8[term1_idx], 16)

v19 = *((_DWORD *)&loc_C29E8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)BYTE2((v17 - 2)))) ^ *((_DWORD *)&unk_C25E8 + *((unsigned __int8 )qword_C21C0 + 4 * HIBYTE((v17 - 2)))) ^ *((_DWORD *)&unk_C2DE8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)BYTE1((v17 - 2)))) ^ *((_DWORD *)&unk_C31E8 + *((unsigned __int8 )qword_C21C0 + 4 * (unsigned __int8)(v17 - 2)));

temp = (int(qword_C15C0[byte2], 16) & 0xFF000000) ^ (int(qword_C19C0[byte1], 16) & 0xFF0000) ^ (int(RijnDael_AES_C1DC0[byte0], 16) & 0xFF00) ^ (int(qword_C21C0[byte3], 16) & 0x000000FF) ^ int(unk_C25C0[v6 // 4], 16)

v5 ^= *((_DWORD *)qword_C15C0 + BYTE2(v8)) & 0xFF000000 ^ *((_DWORD *)qword_C19C0 + BYTE1(v8)) & 0xFF0000 ^ *((_DWORD *)qword_C1DC0 + (unsigned __int8)v8) & 0xFF00 ^ *((unsigned __int8 *)qword_C21C0 + 4 * HIBYTE(v8)) ^ *(_DWORD *)((char *)&unk_C25C0 + v6);
#################
上述问题修复以后,成功还原解密密钥

=============================================================================================
从sub_C15B8中成功生成了解密轮密钥数组,IDA中查看代码,猜测是在sub_51868中实现了解密

在sub_4B39C中
对函数中的第二个memcpy打断点 发现其src为解密后的值,故将sub_4B39C这个函数完全模拟就是我们想要的函数
void *memcpy(void *dest, const void *src, size_t n); dest:目标地址 src:源地址 n:要复制的字节数
memcpy(a5 + 1, v11 + 16, a2 - 16 - (int)v13);
其中v11 + 16指向的就是解密后的数据

所以sub_51868(a1, (__int64)v11, a2, (__int64)v16, (__int64)&v15, 0);第二个参数就是存放解密后的值
[17:50:12 531]x1=RW@0x4045e010, md5=78094efa10b35cbdb33ac8ea058b505f, hex=f6af0f73aa2cf7633bcc8bde567ae361aa6a5ea44c38e4e8e010f66df66769aef18579c66eca8f9ea278adfb420c5ccbace08d6cf06d843791744906b7a9e6dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
size: 112
0000: F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE 56 7A E3 61 ...s.,.c;...Vz.a
0010: AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D F6 67 69 AE .j^.L8.....m.gi.
0020: F1 85 79 C6 6E CA 8F 9E A2 78 AD FB 42 0C 5C CB ..y.n....x..B..
0030: AC E0 8D 6C F0 6D 84 37 91 74 49 06 B7 A9 E6 DC ...l.m.7.tI.....
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

trace以后发现函数只经过了sub_5290C进行解密
[17:50:35 038] Memory WRITE at 0x4045e010, data size = 8, data value = 0x63f72caa730faff6, PC=RX@0x40052a6c[libshield.so]0x52a6c, LR=RX@0x40052998[libshield.so]0x52998

sub_51868(a1, (__int64)v11, a2, (__int64)v16, (__int64)&v15, 0);

__int64 __fastcall sub_51868(__int64 a1, __int64 a2, __int64 a3, __int64 a4, __int64 a5, int a6)
{
if ( a6 )
return sub_526D0(a1, a2, a3, a4, a5, off_108CB0);
else
return sub_5290C(a1, a2, a3, a4, a5, off_108D80);
}

并且因为a6=0,所以确定解密的函数是sub_5290C
__int64 __fastcall sub_5290C(
__int64 result, // 存储的是密文
__int64 a2,
unsigned __int64 a3,
__int64 a4, // 存储的解密密钥
unsigned __int64 a5, // 比a4多一行数据 0000: 31 01 32 34 04 02 08 61 66 7A 66 66 07 17 66 39 1.24...afzff..f9
__int64 (__fastcall *a6)(__int64, _BYTE *, __int64)) // 解密数据

在函数内部又查看到了这个逻辑,a6函数是单块进行解密的函数
result = a6(v8, v36, a4);
IDA中点进去发现是
LOAD:00000000000000A0 DCQ 0x1F180 ; Size in memory image
猜测这里代表我们跳转的一个功能的具体大小

重新tab查看a6汇编发现直接跳转到X8指向的内容
.text&ARM.extab:0000000000052988 LDP X2, X8, [SP,#0xA0+var_88]
.text&ARM.extab:000000000005298C MOV X0, X20
.text&ARM.extab:0000000000052990 NEG X28, X22
.text&ARM.extab:0000000000052994 BLR X8
unidbg查看mx8的值发现

-----------------------------------------------------------------------------<
[21:55:15 805]x8=RX@0x400522f4[libshield.so]0x522f4, md5=c0bf27544db7bf75e25093befaed4552, hex=f50f1ef8f44f01a908004039090440390c10403912304039081d08530d14403910204039281d1033093440390e184039112440390a0840398c1d0853521e08530b0c4039101e0853ac1d1033321d103309284039301e10334d444029cc1d18330e2c403945f040b90f1c4039481d1833
size: 112
0000: F5 0F 1E F8 F4 4F 01 A9 08 00 40 39 09 04 40 39 .....O....@9..@9
0010: 0C 10 40 39 12 30 40 39 08 1D 08 53 0D 14 40 39 ..@9.0@9...S..@9
0020: 10 20 40 39 28 1D 10 33 09 34 40 39 0E 18 40 39 . @9(..3.4@9..@9
0030: 11 24 40 39 0A 08 40 39 8C 1D 08 53 52 1E 08 53 .$@9..@9...SR..S
0040: 0B 0C 40 39 10 1E 08 53 AC 1D 10 33 32 1D 10 33 ..@9...S...32..3
0050: 09 28 40 39 30 1E 10 33 4D 44 40 29 CC 1D 18 33 .(@90..3MD@)...3
0060: 0E 2C 40 39 45 F0 40 B9 0F 1C 40 39 48 1D 18 33 .,@9E.@...@9H..3
^-----------------------------------------------------------------------------^
根据内存发现这个函数在0x522f4也有定义,跟踪过去
这就是AES单块解密的核心函数

__int64 __fastcall sub_522F4(unsigned int *a1, _BYTE *a2, _DWORD *a3)
{
unsigned int v3; // w16
int v4; // w13
unsigned int v5; // w17
__int64 v6; // x14
_DWORD *v7; // x11
unsigned int v8; // w18
unsigned int i; // w0
int v10; // w6
int v11; // w19
unsigned int v12; // w5
int v13; // w17
int v14; // w3
int v15; // w4
int v16; // w5
int v17; // w18
int v18; // w0
int v19; // w6
int v20; // w7
int v21; // w19
int v22; // w19
int v23; // w4
int v24; // w20
int v25; // w3
int v26; // w18
int v27; // w4
unsigned int v28; // w16
unsigned int v29; // w17
unsigned int v30; // w18
unsigned int v31; // w0
__int64 v32; // x3
unsigned __int8 v33; // w11
unsigned int v34; // w13
_DWORD *v35; // x9
int v36; // w8
int v37; // w14
unsigned __int8 v38; // w15
unsigned __int8 v39; // w2
int v40; // w4
int v41; // w5
unsigned __int8 v42; // w6
unsigned __int8 v43; // w7
int v44; // w19
__int64 result; // x0
unsigned __int8 v46; // w17
int v47; // w10
int v48; // w8
int v49; // w8
int v50; // w8
int v51; // w8

v3 = _byteswap_ulong(*a1) ^ *a3;
v4 = (int)a3[60] >> 1;
v5 = _byteswap_ulong(a1[1]) ^ a3[1];
v6 = 8LL * (unsigned int)(v4 - 1);
v7 = a3 + 6;
v8 = _byteswap_ulong(a1[2]) ^ a3[2];
for ( i = _byteswap_ulong(a1[3]) ^ a3[3]; ; i = v21 ^ v20 )
{
v22 = *((_DWORD *)&loc_C29E8 + BYTE2(v5)) ^ *((_DWORD *)&unk_C25E8 + HIBYTE(v8));
v23 = *((_DWORD *)&loc_C29E8 + BYTE2(v8)) ^ *((_DWORD *)&unk_C25E8 + HIBYTE(i));
v24 = *((_DWORD *)&unk_C2DE8 + BYTE1(v3));
v25 = *((_DWORD *)&loc_C29E8 + BYTE2(i)) ^ *((_DWORD *)&unk_C25E8 + HIBYTE(v3)) ^ *((_DWORD *)&unk_C2DE8 + BYTE1(v8));
v26 = *((_DWORD *)&loc_C29E8 + BYTE2(v3)) ^ *((_DWORD *)&unk_C25E8 + HIBYTE(v5)) ^ *((_DWORD *)&unk_C2DE8 + BYTE1(i)) ^ *((_DWORD *)&unk_C31E8 + (unsigned __int8)v8);
v27 = v23 ^ *((_DWORD *)&unk_C2DE8 + BYTE1(v5)) ^ *((_DWORD *)&unk_C31E8 + (unsigned __int8)v3);
v28 = v25 ^ *((_DWORD *)&unk_C31E8 + (unsigned __int8)v5) ^ *(v7 - 2);
v29 = v26 ^ *(v7 - 1);
v30 = v22 ^ v24 ^ *((_DWORD *)&unk_C31E8 + (unsigned __int8)i) ^ *v7;
v31 = v27 ^ v7[1];
--v4;
v32 = HIBYTE(v28);
if ( !v4 )
break;
v10 = *((_DWORD *)&loc_C29E8 + BYTE2(v28)) ^ *((_DWORD *)&unk_C25E8 + HIBYTE(v29));
v11 = *((_DWORD *)&loc_C29E8 + BYTE2(v29)) ^ *((_DWORD *)&unk_C25E8 + HIBYTE(v30));
v12 = (unsigned __int8)v29;
v13 = *((_DWORD *)&loc_C29E8 + BYTE2(v30)) ^ *((_DWORD *)&unk_C25E8 + HIBYTE(v31)) ^ *((_DWORD *)&unk_C2DE8
+ BYTE1(v29));
v14 = *((_DWORD *)&loc_C29E8 + BYTE2(v31)) ^ *((_DWORD *)&unk_C25E8 + v32) ^ *((_DWORD *)&unk_C2DE8 + BYTE1(v30)) ^ *((_DWORD *)&unk_C31E8 + v12);
v15 = v7[2];
v16 = v7[3];
v17 = v10 ^ *((_DWORD *)&unk_C2DE8 + BYTE1(v31)) ^ *((_DWORD *)&unk_C31E8 + (unsigned __int8)v30);
v18 = v11 ^ *((_DWORD *)&unk_C2DE8 + BYTE1(v28)) ^ *((_DWORD *)&unk_C31E8 + (unsigned __int8)v31);
v19 = v7[4];
v20 = v7[5];
v21 = v13 ^ *((_DWORD *)&unk_C31E8 + (unsigned __int8)v28);
v7 += 8;
v3 = v14 ^ v15;
v5 = v17 ^ v16;
v8 = v18 ^ v19;
}
v33 = *((_BYTE *)qword_C35E8 + BYTE2(v31));
v34 = (unsigned __int8)v29;
v35 = &a3[v6];
v36 = a3[v6 + 8];
v37 = *((unsigned __int8 *)qword_C35E8 + HIBYTE(v29));
v38 = *((_BYTE *)qword_C35E8 + BYTE2(v28));
v39 = *((_BYTE *)qword_C35E8 + BYTE1(v31));
v40 = *((unsigned __int8 *)qword_C35E8 + (unsigned __int8)v30);
v41 = *((unsigned __int8 *)qword_C35E8 + HIBYTE(v30));
v42 = *((_BYTE *)qword_C35E8 + BYTE2(v29));
v43 = *((_BYTE *)qword_C35E8 + BYTE1(v28));
v44 = *((unsigned __int8 *)qword_C35E8 + (unsigned __int8)v31);
result = *((unsigned __int8 *)qword_C35E8 + HIBYTE(v31));
LOBYTE(v30) = *((_BYTE *)qword_C35E8 + BYTE2(v30));
v46 = *((_BYTE *)qword_C35E8 + BYTE1(v29));
v47 = *((unsigned __int8 )qword_C35E8 + (unsigned __int8)v28);
v48 = ((((unsigned __int8 )qword_C35E8 + v32) << 24) | (v33 << 16) | (((unsigned __int8 *)qword_C35E8 + BYTE1(v30)) << 8) | *((unsigned __int8 *)qword_C35E8 + v34)) ^ v36;
*a2 = HIBYTE(v48);
a2[3] = v48;
a2[1] = BYTE2(v48);
a2[2] = BYTE1(v48);
v49 = ((v37 << 24) | (v38 << 16) | (v39 << 8) | v40) ^ v35[9];
a2[4] = HIBYTE(v49);
a2[7] = v49;
a2[5] = BYTE2(v49);
a2[6] = BYTE1(v49);
v50 = ((v41 << 24) | (v42 << 16) | (v43 << 8) | v44) ^ v35[10];
a2[11] = v44 ^ *((_BYTE *)v35 + 40);
a2[8] = HIBYTE(v50);
a2[9] = BYTE2(v50);
a2[10] = BYTE1(v50);
v51 = (((_DWORD)result << 24) | ((unsigned __int8)v30 << 16) | (v46 << 8) | v47) ^ v35[11];
a2[12] = HIBYTE(v51);
a2[13] = BYTE2(v51);
a2[14] = BYTE1(v51);
a2[15] = v51;
return result;
}

将逻辑梳理成python 将对应的表还原
qword_C35E8 -> 0x525CC 看IDA共有256字节
[22:30:29 563]x10=RX@0x400c35e8[libshield.so]0xc35e8, md5=ba4ae4913dab406a429ed7000a8c8ef3, hex=52096ad53036a538bf40a39e81f3d7fb7ce339829b2fff87348e4344c4dee9cb547b9432a6c2233dee4c950b42fac34e082ea16628d924b2765ba2496d8bd12572f8f66486689816d4a45ccc5d65b6926c704850fdedb9da5e154657a78d9d8490d8ab008cbcd30af7e45805b8b34506d02c1e8fca3f0f02c1afbd0301138a6b3a9111414f67dcea97f2cfcef0b4e67396ac7422e7ad3585e2f937e81c75df6e47f11a711d29c5896fb7620eaa18be1bfc563e4bc6d279209adbc0fe78cd5af41fdda8338807c731b11210592780ec5f60517fa919b54a0d2de57a9f93c99cefa0e03b4dae2af5b0c8ebbb3c83539961172b047eba77d626e169146355210c7d
size: 256
0000: 52 09 6A D5 30 36 A5 38 BF 40 A3 9E 81 F3 D7 FB R.j.06.8.@......
0010: 7C E3 39 82 9B 2F FF 87 34 8E 43 44 C4 DE E9 CB |.9../..4.CD....
0020: 54 7B 94 32 A6 C2 23 3D EE 4C 95 0B 42 FA C3 4E T{.2..#=.L..B..N
0030: 08 2E A1 66 28 D9 24 B2 76 5B A2 49 6D 8B D1 25 ...f(.$.v[.Im..%
0040: 72 F8 F6 64 86 68 98 16 D4 A4 5C CC 5D 65 B6 92 r..d.h.....]e..
0050: 6C 70 48 50 FD ED B9 DA 5E 15 46 57 A7 8D 9D 84 lpHP....^.FW....
0060: 90 D8 AB 00 8C BC D3 0A F7 E4 58 05 B8 B3 45 06 ..........X...E.
0070: D0 2C 1E 8F CA 3F 0F 02 C1 AF BD 03 01 13 8A 6B .,...?.........k
0080: 3A 91 11 41 4F 67 DC EA 97 F2 CF CE F0 B4 E6 73 :..AOg.........s
0090: 96 AC 74 22 E7 AD 35 85 E2 F9 37 E8 1C 75 DF 6E ..t"..5...7..u.n
00A0: 47 F1 1A 71 1D 29 C5 89 6F B7 62 0E AA 18 BE 1B G..q.)..o.b.....
00B0: FC 56 3E 4B C6 D2 79 20 9A DB C0 FE 78 CD 5A F4 .V>K..y ....x.Z.
00C0: 1F DD A8 33 88 07 C7 31 B1 12 10 59 27 80 EC 5F ...3...1...Y'.._
00D0: 60 51 7F A9 19 B5 4A 0D 2D E5 7A 9F 93 C9 9C EF `Q....J.-.z.....
00E0: A0 E0 3B 4D AE 2A F5 B0 C8 EB BB 3C 83 53 99 61 ..;M.*.....<.S.a
00F0: 17 2B 04 7E BA 77 D6 26 E1 69 14 63 55 21 0C 7D .+.~.w.&.i.cU!.}
^-----------------------------------------------------------------------------^

补充v4 = (int)a3[60] >> 1; 找到对应的加密轮数 -> 0A
mx2 244

-----------------------------------------------------------------------------<
[23:51:24 601]x2=unidbg@0xbffff350, md5=ee4842523ec8de717e48d1c96428c830, hex=49509d45c2e8ffd3875ccce9f8f5960dd9ef91a49dc3e178013a9c5fc33436a9915f8dbb442c70dc9cf97d27c20eaaf631554006d573fd67d8d50dfb5ef7d7d13b3aeacde426bd610da6f09c8622da2a1bae34eedf1c57ace9804dfd8b842ab670f31a3dc4b26342369c1a516204674b5b97006bb441797ff22e791354987d1a6dd29292efd67914466f006ca6b604099cbe5d5f8204eb86a9b97978e0d904650318b0c2402265cc607036dca87b0e94689f35400000000095a89177000000000800000000000000808080800000000078f5ffbf000000005c3a642900000000a0f4ffbf0000000030f4ffbf000000000a000000
size: 244
0000: 49 50 9D 45 C2 E8 FF D3 87 5C CC E9 F8 F5 96 0D IP.E...........
0010: D9 EF 91 A4 9D C3 E1 78 01 3A 9C 5F C3 34 36 A9 .......x.:..46.
0020: 91 5F 8D BB 44 2C 70 DC 9C F9 7D 27 C2 0E AA F6 ...D,p...}'....
0030: 31 55 40 06 D5 73 FD 67 D8 D5 0D FB 5E F7 D7 D1 1U@..s.g....^...
0040: 3B 3A EA CD E4 26 BD 61 0D A6 F0 9C 86 22 DA 2A ;:...&.a.....".*
0050: 1B AE 34 EE DF 1C 57 AC E9 80 4D FD 8B 84 2A B6 ..4...W...M...*.
0060: 70 F3 1A 3D C4 B2 63 42 36 9C 1A 51 62 04 67 4B p..=..cB6..Qb.gK
0070: 5B 97 00 6B B4 41 79 7F F2 2E 79 13 54 98 7D 1A [..k.Ay...y.T.}.
0080: 6D D2 92 92 EF D6 79 14 46 6F 00 6C A6 B6 04 09 m.....y.Fo.l....
0090: 9C BE 5D 5F 82 04 EB 86 A9 B9 79 78 E0 D9 04 65 ..]_......yx...e
00A0: 03 18 B0 C2 40 22 65 CC 60 70 36 DC A8 7B 0E 94 ....@"e.`p6..{..
00B0: 68 9F 35 40 00 00 00 00 95 A8 91 77 00 00 00 00 h.5@.......w....
00C0: 08 00 00 00 00 00 00 00 80 80 80 80 00 00 00 00 ................
00D0: 78 F5 FF BF 00 00 00 00 5C 3A 64 29 00 00 00 00 x.......:d)....
00E0: A0 F4 FF BF 00 00 00 00 30 F4 FF BF 00 00 00 00 ........0.......
00F0: 0A 00 00 00 ....
^-----------------------------------------------------------------------------^

拿RijnDael_AES_LONG_inv_C35E8的值
mx10 256

-----------------------------------------------------------------------------<
[09:55:03 339]x10=RX@0x400c35e8[libshield.so]0xc35e8, md5=ba4ae4913dab406a429ed7000a8c8ef3, hex=52096ad53036a538bf40a39e81f3d7fb7ce339829b2fff87348e4344c4dee9cb547b9432a6c2233dee4c950b42fac34e082ea16628d924b2765ba2496d8bd12572f8f66486689816d4a45ccc5d65b6926c704850fdedb9da5e154657a78d9d8490d8ab008cbcd30af7e45805b8b34506d02c1e8fca3f0f02c1afbd0301138a6b3a9111414f67dcea97f2cfcef0b4e67396ac7422e7ad3585e2f937e81c75df6e47f11a711d29c5896fb7620eaa18be1bfc563e4bc6d279209adbc0fe78cd5af41fdda8338807c731b11210592780ec5f60517fa919b54a0d2de57a9f93c99cefa0e03b4dae2af5b0c8ebbb3c83539961172b047eba77d626e169146355210c7d
size: 256
0000: 52 09 6A D5 30 36 A5 38 BF 40 A3 9E 81 F3 D7 FB R.j.06.8.@......
0010: 7C E3 39 82 9B 2F FF 87 34 8E 43 44 C4 DE E9 CB |.9../..4.CD....
0020: 54 7B 94 32 A6 C2 23 3D EE 4C 95 0B 42 FA C3 4E T{.2..#=.L..B..N
0030: 08 2E A1 66 28 D9 24 B2 76 5B A2 49 6D 8B D1 25 ...f(.$.v[.Im..%
0040: 72 F8 F6 64 86 68 98 16 D4 A4 5C CC 5D 65 B6 92 r..d.h.....]e..
0050: 6C 70 48 50 FD ED B9 DA 5E 15 46 57 A7 8D 9D 84 lpHP....^.FW....
0060: 90 D8 AB 00 8C BC D3 0A F7 E4 58 05 B8 B3 45 06 ..........X...E.
0070: D0 2C 1E 8F CA 3F 0F 02 C1 AF BD 03 01 13 8A 6B .,...?.........k
0080: 3A 91 11 41 4F 67 DC EA 97 F2 CF CE F0 B4 E6 73 :..AOg.........s
0090: 96 AC 74 22 E7 AD 35 85 E2 F9 37 E8 1C 75 DF 6E ..t"..5...7..u.n
00A0: 47 F1 1A 71 1D 29 C5 89 6F B7 62 0E AA 18 BE 1B G..q.)..o.b.....
00B0: FC 56 3E 4B C6 D2 79 20 9A DB C0 FE 78 CD 5A F4 .V>K..y ....x.Z.
00C0: 1F DD A8 33 88 07 C7 31 B1 12 10 59 27 80 EC 5F ...3...1...Y'.._
00D0: 60 51 7F A9 19 B5 4A 0D 2D E5 7A 9F 93 C9 9C EF `Q....J.-.z.....
00E0: A0 E0 3B 4D AE 2A F5 B0 C8 EB BB 3C 83 53 99 61 ..;M.*.....<.S.a
00F0: 17 2B 04 7E BA 77 D6 26 E1 69 14 63 55 21 0C 7D .+.~.w.&.i.cU!.}
^-----------------------------------------------------------------------------^

模拟sub_522F4后得到的结果与result = a6(v8, v36, a4);这里的a6效果一样,但是得到的v36并不是解密后的值
解密后的值是HMAC_MD5加密的key
F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE 56 7A E3 61
AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D F6 67 69 AE
F1 85 79 C6 6E CA 8F 9E A2 78 AD FB 42 0C 5C CB
AC E0 8D 6C F0 6D 84 37 91 74 49 06 B7 A9 E6 DC

经过分析发现
sub_51CB8(v14, 128LL, v16); // 扩展轮秘钥
sub_51868(a1, v11, a2, v16, &v15, 0); // 解密模块 v11存储跟解密后相关的内容但还不是密文
v13 = v11[a2 - 1]; //结合a2去拿v11的数据赋值给v13
if ( v13 < 0x11 )
{
memset(&v11[a2 - v13], 0, v13); // a2与v13结合移除填充的部分
*a5 = *v11;
memcpy(a5 + 1, v11 + 16, a2 - 16 - v13);
free(v11);
result = 1LL;
goto LABEL_12;
}

======================================================================模拟代码错误分析
错误点1:
根据trace.txt日志一步一步的去分析本地python模拟后的代码与IDA中运行后的值是否一致。
修改不一致的地方
比如加密数据就没有进行小端序处理。
[09:33:28 914][libshield.so 0x05237c] [10010d4a] 0x4005237c: "eor w16, w8, w13" w8=0xee1755bf w13=0x459d5049 => w16=0xab8a05f6

其中
v7 = a3[6:] # 指向轮密钥起始位置(跳过前6个DWORD)
查看trace.txt
[09:33:28 915][libshield.so 0x0523ac] [4b600091] 0x400523ac: "add x11, x2, #0x18" x2=0xbffff350 => x11=0xbffff368

unidbg在下一位置打断点
mx11

-----------------------------------------------------------------------------<
[14:06:29 051]x11=unidbg@0xbffff368, md5=6457e98216f7f37ac45d0e14068f3cac, hex=013a9c5fc33436a9915f8dbb442c70dc9cf97d27c20eaaf631554006d573fd67d8d50dfb5ef7d7d13b3aeacde426bd610da6f09c8622da2a1bae34eedf1c57ace9804dfd8b842ab670f31a3dc4b26342369c1a516204674b5b97006bb441797ff22e791354987d1a6dd29292efd67914
size: 112
0000: 01 3A 9C 5F C3 34 36 A9 91 5F 8D BB 44 2C 70 DC .:..46....D,p.
0010: 9C F9 7D 27 C2 0E AA F6 31 55 40 06 D5 73 FD 67 ..}'....1U@..s.g
0020: D8 D5 0D FB 5E F7 D7 D1 3B 3A EA CD E4 26 BD 61 ....^...;:...&.a
0030: 0D A6 F0 9C 86 22 DA 2A 1B AE 34 EE DF 1C 57 AC ....."...4...W.
0040: E9 80 4D FD 8B 84 2A B6 70 F3 1A 3D C4 B2 63 42 ..M....p..=..cB
0050: 36 9C 1A 51 62 04 67 4B 5B 97 00 6B B4 41 79 7F 6..Qb.gK[..k.Ay.
0060: F2 2E 79 13 54 98 7D 1A 6D D2 92 92 EF D6 79 14 ..y.T.}.m.....y.
^-----------------------------------------------------------------------------^

错误点2:
v26 = loc_C29E8[(v3 >> 16) & 0xFF] ^ unk_C25E8[(v5 >> 24) & 0xFF] ^ unk_C2DE8[(i >> 8) & 0xFF] ^ unk_C31E8[v8]
其中v8值是一个大数导致取值失败 看trace
[09:33:28 921][libshield.so 0x052514] [f25972b8] 0x40052514: "ldr w18, [x15, w18, uxtw #2]" x15=0x400c31e8 w18=0x28 => w18=0xdf4a1863
这里v8=0x28 unk_C31E8[v8]=0xdf4a1863,问题出现在v8的计算,发现v8处需要添加逻辑v8 & 0xFF = 0x28
其余报错的地方都添加& 0xFF即可,这里属于是IDA伪代码没有翻译精确,看汇编也可以发现
AND W16, W16, #0xFF

v28 = (v25 ^ unk_C31E8[v5 & 0xFF] ^ v7[-2]) & 0xFFFFFFFF # 0xdd15c757(正确) ^ 0xe5d7fc4f(正确) ^ '0xa491efd9' v7[-2]
这里的v7[-2]翻译错误
v7 = a3 + 6;
*(v7 - 2); 这里就要退回到之前两个元素的那个位置,所以v7 = a3[6:]这里就翻译错了
*(v7 - 2) = v7[6-2]

__int64 __fastcall sub_522F4(unsigned int *a1, _BYTE *a2, _DWORD *a3)这里调用生成的a2的值是多少(每一个元素4字节)
通过a6函数可以查看

-----------------------------------------------------------------------------<
[14:15:40 703]x1=unidbg@0xbffff2b8, md5=c34941dd6eba0cbabb7670a8ccefcebe, hex=3501323404020861667a6666071766390000000000000000000000000000000090415b2c0000000009370c4000000000240000000000000000301540000000000020154000000000600000000000000000e045400000000060000000000000008cb245400000000090f4ffbf00000000
size: 112
0000: 35 01 32 34 04 02 08 61 66 7A 66 66 07 17 66 39 5.24...afzff..f9
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 90 41 5B 2C 00 00 00 00 09 37 0C 40 00 00 00 00 .A[,.....7.@....
0030: 24 00 00 00 00 00 00 00 00 30 15 40 00 00 00 00 $........0.@....
0040: 00 20 15 40 00 00 00 00 60 00 00 00 00 00 00 00 . .@........... 0050: 00 E0 45 40 00 00 00 00 60 00 00 00 00 00 00 00 ..E@...........
0060: 8C B2 45 40 00 00 00 00 90 F4 FF BF 00 00 00 00 ..E@............
^-----------------------------------------------------------------------------^
对比模拟的a2数组跟第一排数据一致即可

======================================================================
__int64 __fastcall sub_5290C( # 魔改的AES-CBC解密算法 特点:动态修改IV 非常规化异或路径
__int64 result, # x0,输入密文缓冲区指针
__int64 a2, # 输出明文缓冲区指针
unsigned __int64 a3, # 数据长度
__int64 a4, # 轮秘钥或其他算法参数
unsigned __int64 a5, # iv缓冲区指针 需要关注,每次解密后,代码将当前密文块写入a5指向的位置,导致IV被动态更新(与标准区别不大)
__int64 (__fastcall *a6)(__int64, char *, __int64)) # AES轮函数

总结大致思路:
while (剩余数据长度 > 0) {
// 1. 调用AES解密单块
a6(v8, v36, a4); // v36 = AES_Decrypt(当前块)

}

// 每次解密块时的操作
(v9 + v19) = veorq_s8((a5 + v19), *&v36[v19]); // 使用a5作为IV
*(a5 + v19) = v20; // 将当前密文块写入a5(污染IV)

标准CBC:
密文块N → AES解密 → 中间结果 → 与前一个密文块异或 → 明文N

前一个密文块(N-1)

本代码:
密文块N → AES解密 → 中间结果 → 与动态IV异或 → 明文N
↓ ↑
覆盖IV区 ← 当前密文块

模拟实现 打断点猜测每一部分作用
def sub_5290C(result: bytearray, a2: bytearray, a3: int, a4: bytes, a5: bytearray, a6):
__int64 __fastcall sub_5290C( # 魔改的AES-CBC解密算法 特点:动态修改IV 非常规化异或路径
__int64 result, # x0,输入密文缓冲区指针
__int64 a2, # 输出明文缓冲区指针
unsigned __int64 a3, # 数据长度
__int64 a4, # 轮秘钥
unsigned __int64 a5, # iv缓冲区指针 需要关注,每次解密后,代码将当前密文块写入a5指向的位置,导致IV被动态更新(与标准区别不大)
__int64 (__fastcall *a6)(__int64, char *, __int64)) # AES轮函

拟算法后,对单核心解密函数进行打断点 多次跳转 看看每次返回的值是否一致

encrypt_data = bytes.fromhex(
"EE1755BFE9D97ECE5D3215AF401FA9E7"
"1782CBF447A784694A35EF2AF11CBEE5"
"41C7660DA56E2C7B7A06C9DCB060C802"
"5BAD0F98EC194491D4721E361895AFD4"
)
result = a6(v8, v36, a4)调用的下一个地址0x52998,可以拿到解密结果 unidbg中跳转到下一次继续观察

第一轮
[11:41:41 073]x1=unidbg@0xbffff2b8, md5=c34941dd6eba0cbabb7670a8ccefcebe, hex=3501323404020861667a6666071766390000000000000000000000000000000090415b2c0000000009370c4000000000240000000000000000301540000000000020154000000000600000000000000000e045400000000060000000000000008cb245400000000090f4ffbf00000000
size: 112
0000: 35 01 32 34 04 02 08 61 66 7A 66 66 07 17 66 39 5.24...afzff..f9
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 90 41 5B 2C 00 00 00 00 09 37 0C 40 00 00 00 00 .A[,.....7.@....
0030: 24 00 00 00 00 00 00 00 00 30 15 40 00 00 00 00 $........0.@....
0040: 00 20 15 40 00 00 00 00 60 00 00 00 00 00 00 00 . .@........... 0050: 00 E0 45 40 00 00 00 00 60 00 00 00 00 00 00 00 ..E@...........
0060: 8C B2 45 40 00 00 00 00 90 F4 FF BF 00 00 00 00 ..E@............
^-----------------------------------------------------------------------------^

第一轮
[53, 1, 50, 52, 4, 2, 8, 97, 102, 122, 102, 102, 7, 23, 102, 57]
[0x35, 0x1, 0x32, 0x34, 0x4, 0x2, 0x8, 0x61, 0x7a, 0x66, 0x66, 0x7, 0x17, 0x66, 0x39] 正确

第二轮

-----------------------------------------------------------------------------<
[11:43:05 673]x1=unidbg@0xbffff2b8, md5=f574c2c3f0ee4dd6e8a8326f1cc5eb26, hex=18b85acc43f589ad66fe9e7116654a860000000000000000000000000000000090415b2c0000000009370c4000000000240000000000000000301540000000000020154000000000600000000000000000e045400000000060000000000000008cb245400000000090f4ffbf00000000
size: 112
0000: 18 B8 5A CC 43 F5 89 AD 66 FE 9E 71 16 65 4A 86 ..Z.C...f..q.eJ.
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 90 41 5B 2C 00 00 00 00 09 37 0C 40 00 00 00 00 .A[,.....7.@....
0030: 24 00 00 00 00 00 00 00 00 30 15 40 00 00 00 00 $........0.@....
0040: 00 20 15 40 00 00 00 00 60 00 00 00 00 00 00 00 . .@........... 0050: 00 E0 45 40 00 00 00 00 60 00 00 00 00 00 00 00 ..E@...........
0060: 8C B2 45 40 00 00 00 00 90 F4 FF BF 00 00 00 00 ..E@............
^-----------------------------------------------------------------------------^

第二轮
[24, 184, 90, 204, 67, 245, 137, 173, 102, 254, 158, 113, 22, 101, 74, 134]
[0x18, 0xb8, 0x5a, 0xcc, 0x43, 0xf5, 0x89, 0xad, 0x66, 0xfe, 0x9e, 0x71, 0x16, 0x65, 0x4a, 0x86] 正确

第三轮

-----------------------------------------------------------------------------<
[11:52:07 484]x1=unidbg@0xbffff2b8, md5=50fafbacd228b5b34bfac11e1a569a94, hex=bde895500b9f6081aa251947077bd74b0000000000000000000000000000000090415b2c0000000009370c4000000000240000000000000000301540000000000020154000000000600000000000000000e045400000000060000000000000008cb245400000000090f4ffbf00000000
size: 112
0000: BD E8 95 50 0B 9F 60 81 AA 25 19 47 07 7B D7 4B ...P....%.G.{.K 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020: 90 41 5B 2C 00 00 00 00 09 37 0C 40 00 00 00 00 .A[,.....7.@.... 0030: 24 00 00 00 00 00 00 00 00 30 15 40 00 00 00 00 $........0.@.... 0040: 00 20 15 40 00 00 00 00 60 00 00 00 00 00 00 00 . .@...........
0050: 00 E0 45 40 00 00 00 00 60 00 00 00 00 00 00 00 ..E@....`.......
0060: 8C B2 45 40 00 00 00 00 90 F4 FF BF 00 00 00 00 ..E@............
^-----------------------------------------------------------------------------^

第三轮
[189, 232, 149, 80, 11, 159, 96, 129, 170, 37, 25, 71, 7, 123, 215, 75]
[0xbd, 0xe8, 0x95, 0x50, 0xb, 0x9f, 0x60, 0x81, 0xaa, 0x25, 0x19, 0x47, 0x7, 0x7b, 0xd7, 0x4b]

第四轮
[176, 66, 31, 203, 203, 164, 163, 229, 216, 126, 100, 39, 242, 108, 148, 201]

-----------------------------------------------------------------------------<
[11:59:13 384]x1=unidbg@0xbffff2b8, md5=ece6a6bd88d45da6b505fdcd78a76927, hex=b0421fcbcba4a3e5d87e6427f26c94c90000000000000000000000000000000090415b2c0000000009370c4000000000240000000000000000301540000000000020154000000000600000000000000000e045400000000060000000000000008cb245400000000090f4ffbf00000000
size: 112
0000: B0 42 1F CB CB A4 A3 E5 D8 7E 64 27 F2 6C 94 C9 .B.......~d'.l..
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 90 41 5B 2C 00 00 00 00 09 37 0C 40 00 00 00 00 .A[,.....7.@....
0030: 24 00 00 00 00 00 00 00 00 30 15 40 00 00 00 00 $........0.@....
0040: 00 20 15 40 00 00 00 00 60 00 00 00 00 00 00 00 . .@........... 0050: 00 E0 45 40 00 00 00 00 60 00 00 00 00 00 00 00 ..E@...........
0060: 8C B2 45 40 00 00 00 00 90 F4 FF BF 00 00 00 00 ..E@............
^-----------------------------------------------------------------------------^

第四轮
['0xb0', '0x42', '0x1f', '0xcb', '0xcb', '0xa4', '0xa3', '0xe5', '0xd8', '0x7e', '0x64', '0x27', '0xf2', '0x6c', '0x94', '0xc9']

所以模拟的python代码单块解密已经实现了
即4次调用已经模拟result = a6(v8, v36, a4)

但是从单块解密数据x36 -> a2明文数据(中间这一段的模拟还不正确)

sub_51868(a1, v11, a2, v16, &v15, 0) 查看a2即需要查看这里的v11的解密情况,断点下在sub_51868调用之后
0x4B464处,打印mx1得到v11内存值如下

明文的结果:

-----------------------------------------------------------------------------<
[13:39:17 172]x1=unidbg@0xbffff2b8, md5=acd3942b9c3da4875454256c80774b3e, hex=90ae39716af4b26fa47cc2c9f4b4301a0000000000000000000000000000000090415b2c0000000009370c4000000000240000000000000000301540000000000020154000000000600000000000000000e045400000000060000000000000008cb245400000000090f4ffbf00000000
size: 112
0000: 90 AE 39 71 6A F4 B2 6F A4 7C C2 C9 F4 B4 30 1A ..9qj..o.|....0.
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 90 41 5B 2C 00 00 00 00 09 37 0C 40 00 00 00 00 .A[,.....7.@....
0030: 24 00 00 00 00 00 00 00 00 30 15 40 00 00 00 00 $........0.@....
0040: 00 20 15 40 00 00 00 00 60 00 00 00 00 00 00 00 . .@........... 0050: 00 E0 45 40 00 00 00 00 60 00 00 00 00 00 00 00 ..E@...........
0060: 8C B2 45 40 00 00 00 00 90 F4 FF BF 00 00 00 00 ..E@............

填充方式
密文是否是16的倍数
是否正确的iv 观察首块异或数据

潜在问题与解决方案
a5的初始值错误:

问题:若a5初始时未正确设置为IV(CBC模式),首块异或会出错。
解决:确认调用此函数时,a5指向正确的初始向量(IV)。
块更新逻辑错误:

问题:在模拟过程中,未正确将当前密文块复制到a5,导致后续块异或数据错误。
解决:确保每轮解密后,将当前密文块(v8)更新到a5,而不是其他数据。
尾部处理不完整:

问题:当数据长度不是16字节对齐时,尾部处理(LABEL_20后的循环)可能未正确模拟。
解决:检查剩余字节的处理逻辑,确保逐字节异或和密文更新。
字节序或内存对齐问题:

问题:v36或a5的数据未按正确的字节序处理(如大端/小端)。
解决:验证内存读写是否符合目标平台的字节序。

验证步骤
检查IV设置:

确保a5初始指向正确的IV,与加密时使用的IV一致。
跟踪首块处理:

解密第一个块时,a6输出v36后,异或操作应使用IV,而非其他数据。
更新a5为第一个密文块(即v8的首16字节)。
逐块对比中间结果:

对比v36(解密后的中间数据)与a5异或后的结果(明文),确认每一步是否符合预期。
使用已知密文/明文对,验证首块和后续块的解密结果。
调试尾部字节:

当数据长度非16倍数时,检查逐字节处理逻辑是否复制正确。

iv

-----------------------------------------------------------------------------<
[13:48:31 505]x4=unidbg@0xbffff340, md5=e6d7ba0d3fc9c38a5d528aea85e8bbdd, hex=3101323404020861667a66660717663949509d45c2e8ffd3875ccce9f8f5960dd9ef91a49dc3e178013a9c5fc33436a9915f8dbb442c70dc9cf97d27c20eaaf631554006d573fd67d8d50dfb5ef7d7d13b3aeacde426bd610da6f09c8622da2a1bae34eedf1c57ace9804dfd8b842ab6
size: 112
0000: 31 01 32 34 04 02 08 61 66 7A 66 66 07 17 66 39 1.24...afzff..f9
0010: 49 50 9D 45 C2 E8 FF D3 87 5C CC E9 F8 F5 96 0D IP.E...........
0020: D9 EF 91 A4 9D C3 E1 78 01 3A 9C 5F C3 34 36 A9 .......x.:..46.
0030: 91 5F 8D BB 44 2C 70 DC 9C F9 7D 27 C2 0E AA F6 ...D,p...}'....
0040: 31 55 40 06 D5 73 FD 67 D8 D5 0D FB 5E F7 D7 D1 1U@..s.g....^...
0050: 3B 3A EA CD E4 26 BD 61 0D A6 F0 9C 86 22 DA 2A ;:...&.a.....".*
0060: 1B AE 34 EE DF 1C 57 AC E9 80 4D FD 8B 84 2A B6 ..4...W...M...*.
^-----------------------------------------------------------------------------^

解密后的v36与a5指向的数据进行逐字节异或,生成明文存入a2:
(v9 + v19) = veorq_s8((a5 + v19), *&v36[v19]); // v9指向a2

a5的作用:可能是前一个密文块(CBC模式中的IV或前一块),每次处理后更新为当前密文块:
*(a5 + v19) = v20; // v20是当前密文块(v8)

v19 = 0
v20 = *(v8 + v19); // v8指向密文的数据
LDR Q2, [X20,X10]
"ldr q2, [x20, x10]" x20=0x40152000 x10=0x0 -> 查询0x40152000
从内存地址 X20 + X10 处读取 128 位(16 字节) 的数据。

// v9 = a2 存储明文数据
// a5取出iv的值(8字节)
// v36是a6解出来的明文数据
(v9 + v19) = veorq_s8((a5 + v19), *&v36[v19]); // 关键位置

验证第一步
plain_block = bytes([
decrypted_bytes[j] ^ current_iv[j] # 验证此处每一块的结果是否一致
for j in range(16)
])
hook 打印V0和V1的值对比本地代码的步骤

.text&ARM.extab:0000000000052A5C 00 6B EA 3C LDR Q0, [X24,X10]
.text&ARM.extab:0000000000052A60 61 6A EA 3C LDR Q1, [X19,X10]
.text&ARM.extab:0000000000052A64 82 6A EA 3C LDR Q2, [X20,X10]
.text&ARM.extab:0000000000052A68 20 1C 20 6E EOR V0.16B, V1.16B, V0.16B

V0和V1分别来自Q0和Q1,故打印X24和X19的值即可

unidbg中hook打印了多次
num=======================m============1
hexString19===3101323404020861667A666607176639 ==> Q1 -> X19 -> a5 (初始iv)
hexString24===3501323404020861667A666607176639 ==> Q0 -> X24 -> v36 (块解密中间值)
decrypted_bytes = [0x35, 0x1, 0x32, 0x34, 0x04, 0x02, 0x08, 0x61, 0x66, 0x7a, 0x66, 0x66, 0x07, 0x17, 0x66, 0x39] 第一轮解密的值 (一致)

num=======================m============2
hexString19===EE1755BFE9D97ECE5D3215AF401FA9E7 ==> 第一轮密文
hexString24===18B85ACC43F589AD66FE9E7116654A86
decrypted_bytes = ['0x18', '0xb8', '0x5a', '0xcc', '0x43', '0xf5', '0x89', '0xad', '0x66', '0xfe', '0x9e', '0x71', '0x16', '0x65', '0x4a', '0x86']

num=======================m============3
hexString19===1782CBF447A784694A35EF2AF11CBEE5 ==> 第二轮密文
hexString24===BDE895500B9F6081AA251947077BD74B
decrypted_bytes = ['0xbd', '0xe8', '0x95', '0x50', '0xb', '0x9f', '0x60', '0x81', '0xaa', '0x25', '0x19', '0x47', '0x7', '0x7b', '0xd7', '0x4b']

num=======================m============4
hexString19===41C7660DA56E2C7B7A06C9DCB060C802 ==> 第三轮密文
hexString24===B0421FCBCBA4A3E5D87E6427F26C94C9
decrypted_bytes = ['0xb0', '0x42', '0x1f', '0xcb', '0xcb', '0xa4', '0xa3', '0xe5', '0xd8', '0x7e', '0x64', '0x27', '0xf2', '0x6c', '0x94', '0xc9']

num=======================m============5
hexString19===5BAD0F98EC194491D4721E361895AFD4 ==> 第四轮密文
hexString24===F74D82F41C74C0A645065730AF3C4908 ==> ? (依旧是块解密中间数据)
['0xf7', '0x4d', '0x82', '0xf4', '0x1c', '0x74', '0xc0', '0xa6', '0x45', '0x6', '0x57', '0x30', '0xaf', '0x3c', '0x49', '0x8']

num=======================m============6
hexString19===80BE29617AE4A27FB46CD2D9E4A4200A ==> ? 猜测应该是第五轮密文 (毕竟之前只复制了4轮的密文)
hexString24===90AE39716AF4B26FA47CC2C9F4B4301A ==> ? (块解密中间数据)
['0x90', '0xae', '0x39', '0x71', '0x6a', '0xf4', '0xb2', '0x6f', '0xa4', '0x7c', '0xc2', '0xc9', '0xf4', '0xb4', '0x30', '0x1a']

print('0x0'+hex(0x3101323404020861667A666607176639^0x3501323404020861667A666607176639)[2:])
print(hex(0xEE1755BFE9D97ECE5D3215AF401FA9E7^0x18B85ACC43F589AD66FE9E7116654A86))
print(hex(0x1782CBF447A784694A35EF2AF11CBEE5^0xBDE895500B9F6081AA251947077BD74B))
print(hex(0x41C7660DA56E2C7B7A06C9DCB060C802^0xB0421FCBCBA4A3E5D87E6427F26C94C9))
print(hex(0x5BAD0F98EC194491D4721E361895AFD4^0xF74D82F41C74C0A645065730AF3C4908))
print(hex(0x80BE29617AE4A27FB46CD2D9E4A4200A^0x90AE39716AF4B26FA47CC2C9F4B4301A))

0x04000000000000000000000000000000
0xf6af0f73aa2cf7633bcc8bde567ae361
0xaa6a5ea44c38e4e8e010f66df66769ae
0xf18579c66eca8f9ea278adfb420c5ccb
0xace08d6cf06d843791744906b7a9e6dc
0x10101010101010101010101010101010

与hook到的解密后的HMAC_KEY对比
F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE 56 7A E3 61
AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D F6 67 69 AE
F1 85 79 C6 6E CA 8F 9E A2 78 AD FB 42 0C 5C CB
AC E0 8D 6C F0 6D 84 37 91 74 49 06 B7 A9 E6 DC

密文需要填充吗 -> pkcs7填充过的值
将6轮解密的异或值保存下来就是结果
Decrypted: 04000000000000000000000000000000f6af0f73aa2cf7633bcc8bde567ae361aa6a5ea44c38e4e8e010f66df66769aef18579c66eca8f9ea278adfb420c5ccbace08d6cf06d843791744906b7a9e6dc10101010101010101010101010101010

.text&ARM.extab:0000000000052A6C A0 6A AA 3C STR Q0, [X21,X10]
误区,明文值不是打印a2
trace搜索0x52A6C,发现保存到了0x4045e000
[09:33:28 972][libshield.so 0x052a6c] [a06aaa3c] 0x40052a6c: "str q0, [x21, x10]" x21=0x4045e000 x10=0x0
在循环结束后的0x52A84打印0x4045e000 并且unidbg c跳转6次循环再打印得到最后解密结果
m0x4045e000

-----------------------------------------------------------------------------<
[16:20:49 897]RW@0x4045e000, md5=3d7c40ab0808586d112ed8472fc7e16a, hex=04000000000000000000000000000000f6af0f73aa2cf7633bcc8bde567ae361aa6a5ea44c38e4e8e010f66df66769aef18579c66eca8f9ea278adfb420c5ccbace08d6cf06d843791744906b7a9e6dc1010101010101010101010101010101000000000000000000000000000000000
size: 112
0000: 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0010: F6 AF 0F 73 AA 2C F7 63 3B CC 8B DE 56 7A E3 61 ...s.,.c;...Vz.a
0020: AA 6A 5E A4 4C 38 E4 E8 E0 10 F6 6D F6 67 69 AE .j^.L8.....m.gi.
0030: F1 85 79 C6 6E CA 8F 9E A2 78 AD FB 42 0C 5C CB ..y.n....x..B..
0040: AC E0 8D 6C F0 6D 84 37 91 74 49 06 B7 A9 E6 DC ...l.m.7.tI.....
0050: 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
^-----------------------------------------------------------------------------^

至此完成全部推理

v7 = (unsigned __int16)(*a2 | (a2[1] << 8)) | (a2[2] << 16) & 0xFFFFFF | (a2[3] << 24);
v8 = (unsigned __int16)(a2[4] | (a2[5] << 8)) | (a2[6] << 16) & 0xFFFFFF | (a2[7] << 24);
v9 = a2[12] | (unsigned __int16)(a2[13] << 8) | (a2[14] << 16) & 0xFFFFFF | (a2[15] << 24);
v10 = a2[8] | (unsigned __int16)(a2[9] << 8) | (a2[10] << 16) & 0xFFFFFF | (a2[11] << 24);
v171 = (unsigned __int16)(a2[16] | (a2[17] << 8)) | (a2[18] << 16) & 0xFFFFFF | (a2[19] << 24);
v11 = a2[28] | (unsigned __int16)(a2[29] << 8) | (a2[30] << 16) & 0xFFFFFF | (a2[31] << 24);
v12 = a2[24] | (unsigned __int16)(a2[25] << 8) | (a2[26] << 16) & 0xFFFFFF | (a2[27] << 24);
v13 = a2[56] | (unsigned __int16)(a2[57] << 8) | (a2[58] << 16) & 0xFFFFFF | (a2[59] << 24);
v14 = a2[40] | (unsigned __int16)(a2[41] << 8) | (a2[42] << 16) & 0xFFFFFF | (a2[43] << 24);
v15 = a2[60] | (unsigned __int16)(a2[61] << 8) | (a2[62] << 16) & 0xFFFFFF | (a2[63] << 24);
v16 = a2[32] | (unsigned __int16)(a2[33] << 8) | (a2[34] << 16) & 0xFFFFFF | (a2[35] << 24);
v17 = a2[36] | (unsigned __int16)(a2[37] << 8) | (a2[38] << 16) & 0xFFFFFF | (a2[39] << 24);
v18 = a2[44] | (unsigned __int16)(a2[45] << 8) | (a2[46] << 16) & 0xFFFFFF | (a2[47] << 24);
v168 = result[64] + v7;
v159 = (result[42] & 0xFF0011FF) + v7;
v173 = result[71] + v7;
v161 = result[48] + v13;                // 这些result记录中间态
v165 = result[58] + v13;
v155 = result[37] + v13;
v169 = result[73] + v13;
v19 = a2[48] | (unsigned __int16)(a2[49] << 8) | (a2[50] << 16) & 0xFFFFFF | (a2[51] << 24);
v152 = result[35] + v19;
v162 = result[54] + v19;
v166 = result[68] + v19;
v170 = result[75] + v19;
v160 = result[59] + v8;
v167 = result[78] + v8;
v20 = a2[52] | (unsigned __int16)(a2[53] << 8) | (a2[54] << 16) & 0xFFFFFF | (a2[55] << 24);
 
 
v21 = result[40] + v12;
v22 = result[34] + v18;
v23 = result[41] + v18;
v153 = result[57] + v18;
v164 = result[84] + v18;
v150 = (result[52] & 0xFF110011) + v10;
v157 = result[70] + v10;
v163 = result[85] + v10;
v154 = result[65] + v9;
v24 = result[49] + v9;
v158 = result[76] + v9;
v25 = v9 + v5 + result[26];
v7 = (unsigned __int16)(*a2 | (a2[1] << 8)) | (a2[2] << 16) & 0xFFFFFF | (a2[3] << 24);
v8 = (unsigned __int16)(a2[4] | (a2[5] << 8)) | (a2[6] << 16) & 0xFFFFFF | (a2[7] << 24);
v9 = a2[12] | (unsigned __int16)(a2[13] << 8) | (a2[14] << 16) & 0xFFFFFF | (a2[15] << 24);
v10 = a2[8] | (unsigned __int16)(a2[9] << 8) | (a2[10] << 16) & 0xFFFFFF | (a2[11] << 24);
v171 = (unsigned __int16)(a2[16] | (a2[17] << 8)) | (a2[18] << 16) & 0xFFFFFF | (a2[19] << 24);
v11 = a2[28] | (unsigned __int16)(a2[29] << 8) | (a2[30] << 16) & 0xFFFFFF | (a2[31] << 24);
v12 = a2[24] | (unsigned __int16)(a2[25] << 8) | (a2[26] << 16) & 0xFFFFFF | (a2[27] << 24);
v13 = a2[56] | (unsigned __int16)(a2[57] << 8) | (a2[58] << 16) & 0xFFFFFF | (a2[59] << 24);
v14 = a2[40] | (unsigned __int16)(a2[41] << 8) | (a2[42] << 16) & 0xFFFFFF | (a2[43] << 24);
v15 = a2[60] | (unsigned __int16)(a2[61] << 8) | (a2[62] << 16) & 0xFFFFFF | (a2[63] << 24);
v16 = a2[32] | (unsigned __int16)(a2[33] << 8) | (a2[34] << 16) & 0xFFFFFF | (a2[35] << 24);
v17 = a2[36] | (unsigned __int16)(a2[37] << 8) | (a2[38] << 16) & 0xFFFFFF | (a2[39] << 24);
v18 = a2[44] | (unsigned __int16)(a2[45] << 8) | (a2[46] << 16) & 0xFFFFFF | (a2[47] << 24);
v168 = result[64] + v7;
v159 = (result[42] & 0xFF0011FF) + v7;
v173 = result[71] + v7;
v161 = result[48] + v13;                // 这些result记录中间态
v165 = result[58] + v13;
v155 = result[37] + v13;
v169 = result[73] + v13;
v19 = a2[48] | (unsigned __int16)(a2[49] << 8) | (a2[50] << 16) & 0xFFFFFF | (a2[51] << 24);
v152 = result[35] + v19;
v162 = result[54] + v19;
v166 = result[68] + v19;
v170 = result[75] + v19;
v160 = result[59] + v8;
v167 = result[78] + v8;
v20 = a2[52] | (unsigned __int16)(a2[53] << 8) | (a2[54] << 16) & 0xFFFFFF | (a2[55] << 24);
 
 
v21 = result[40] + v12;
v22 = result[34] + v18;
v23 = result[41] + v18;
v153 = result[57] + v18;
v164 = result[84] + v18;
v150 = (result[52] & 0xFF110011) + v10;
v157 = result[70] + v10;
v163 = result[85] + v10;
v154 = result[65] + v9;
v24 = result[49] + v9;
v158 = result[76] + v9;
v25 = v9 + v5 + result[26];
  HIDWORD(v26) = ((v3 ^ v4) & v5 ^ v4) + v6 + v7 + result[23];
  LODWORD(v26) = HIDWORD(v26);
  v27 = (v26 >> 26) + v5;
  HIDWORD(v26) = v8 + v4 + result[24] + (v27 & (v5 ^ v3) ^ v3);
  LODWORD(v26) = HIDWORD(v26);
  v28 = (v26 >> 19) + v27;
  v29 = a2[20] | (unsigned __int16)(a2[21] << 8) | (a2[22] << 16) & 0xFFFFFF | (a2[23] << 24);
 
  HIDWORD(v26) = v10 + v3 + result[25] + (v28 & (v27 ^ v5) ^ v5);
  LODWORD(v26) = HIDWORD(v26);
  v30 = v29 + v28 + result[28];
  v31 = (v26 >> 15) + v28;
  v151 = result[66] + v12;
  v172 = result[81] + v12;
  HIDWORD(v26) = v25 + (v31 & (v28 ^ v27) ^ v27);                     // 第一轮魔改了 return (x & y) | (~x & z)
  LODWORD(v26) = HIDWORD(v26);
  v32 = (v26 >> 11) + v31;
  HIDWORD(v26) = v171 + v27 + result[27] + (v32 & (v31 ^ v28) ^ v28);
  LODWORD(v26) = HIDWORD(v26);
  v33 = (v26 >> 25) + v32;
  HIDWORD(v26) = v30 + (v33 & (v32 ^ v31) ^ v31);
  LODWORD(v26) = HIDWORD(v26);
  v34 = (v26 >> 20) + v33;
  HIDWORD(v26) = v12 + v31 + result[29] + (v34 & (v33 ^ v32) ^ v32);
  LODWORD(v26) = HIDWORD(v26);
  v35 = (v26 >> 15) + v34;
  v156 = result[79] + v16;
  v36 = result[56] + v16;
  v37 = v16 + v33 + result[31];
  v38 = result[50] + v16;
  HIDWORD(v26) = v11 + v32 + result[30] + (v35 & (v34 ^ v33) ^ v33);
  LODWORD(v26) = HIDWORD(v26);
  v39 = (v26 >> 12) + v35;
  HIDWORD(v26) = v37 + (v39 & (v35 ^ v34) ^ v34);
  LODWORD(v26) = HIDWORD(v26);
  v40 = (v26 >> 25) + v39;
  HIDWORD(v26) = v17 + v34 + result[32] + (v40 & (v39 ^ v35) ^ v35);
  LODWORD(v26) = HIDWORD(v26);
  v41 = (v26 >> 20) + v40;
  v42 = v35 + v14 + result[33];
  v43 = v22 + v39;
  HIDWORD(v26) = v42 + (v41 & (v40 ^ v39) ^ v39);
  LODWORD(v26) = HIDWORD(v26);
  v44 = (v26 >> 16) + v41;
  v45 = v152 + v40;
  HIDWORD(v26) = v43 + (v44 & (v41 ^ v40) ^ v40);
  LODWORD(v26) = HIDWORD(v26);
  v46 = (v26 >> 10) + v44;
  v47 = result[36] + v20 + v41;
  HIDWORD(v26) = v45 + (v46 & (v44 ^ v41) ^ v41);
  LODWORD(v26) = HIDWORD(v26);
  v48 = (v26 >> 25) + v46;
  v49 = v155 + v44;
  HIDWORD(v26) = v47 + (v48 & (v46 ^ v44) ^ v44);
  LODWORD(v26) = HIDWORD(v26);
  v50 = (v26 >> 19) + v48;
  v51 = v15 + result[38] + v46;
  HIDWORD(v26) = v49 + (v50 & (v48 ^ v46) ^ v46);
  LODWORD(v26) = HIDWORD(v26);
  v52 = (v26 >> 15) + v50;
  v53 = (result[39] & 0xFF00FF00) + v8 + v48;
  HIDWORD(v26) = v51 + (v52 & (v50 ^ v48) ^ v48);   // 第一轮
  LODWORD(v26) = HIDWORD(v26);
  v54 = (v26 >> 10) + v52;
  v55 = v21 + v50;
  HIDWORD(v26) = v53 + ((v54 ^ v52) & v50 ^ v52);   // 第二轮 也魔改位运算  return (x & z) | (y & ~z)
  LODWORD(v26) = HIDWORD(v26);
  v56 = (v26 >> 27) + v54;
  v57 = v23 + v52;
  HIDWORD(v26) = v55 + ((v56 ^ v54) & v52 ^ v54);
  LODWORD(v26) = HIDWORD(v26);
  v58 = (v26 >> 23) + v56;
  v59 = v159 + v54;
  HIDWORD(v26) = v57 + ((v58 ^ v56) & v54 ^ v56);
  LODWORD(v26) = HIDWORD(v26);
  v60 = (v26 >> 18) + v58;
  v61 = result[43] + v29 + v56;
  HIDWORD(v26) = v59 + ((v60 ^ v58) & v56 ^ v58);
  LODWORD(v26) = HIDWORD(v26);
  v62 = (v26 >> 12) + v60;
  v63 = result[44] + v14 + v58;
  HIDWORD(v26) = v61 + ((v62 ^ v60) & v58 ^ v60);
  LODWORD(v26) = HIDWORD(v26);
  v64 = (v26 >> 27) + v62;
  v65 = result[45] + v15 + v60;
  HIDWORD(v26) = v63 + ((v64 ^ v62) & v60 ^ v62);
  LODWORD(v26) = HIDWORD(v26);
  v66 = (v26 >> 23) + v64;
  v67 = result[46] + v171 + v62;
  HIDWORD(v26) = v65 + ((v66 ^ v64) & v62 ^ v64);
  LODWORD(v26) = HIDWORD(v26);
  v68 = (v26 >> 18) + v66;
  v69 = result[47] + v17 + v64;
  HIDWORD(v26) = v67 + ((v68 ^ v66) & v64 ^ v66);
  LODWORD(v26) = HIDWORD(v26);
  v70 = (v26 >> 12) + v68;
  v71 = v161 + v66;
  HIDWORD(v26) = v69 + ((v70 ^ v68) & v66 ^ v68);
  LODWORD(v26) = HIDWORD(v26);
  v72 = (v26 >> 27) + v70;
  v73 = v24 + v68;
  HIDWORD(v26) = v71 + ((v72 ^ v70) & v68 ^ v70);
  LODWORD(v26) = HIDWORD(v26);
  v74 = (v26 >> 23) + v72;
  v75 = v38 + v70;
  HIDWORD(v26) = v73 + ((v74 ^ v72) & v70 ^ v72);
  LODWORD(v26) = HIDWORD(v26);
  v76 = (v26 >> 18) + v74;
  v77 = result[51] + v20 + v72;
  HIDWORD(v26) = v75 + ((v76 ^ v74) & v72 ^ v74);
  LODWORD(v26) = HIDWORD(v26);
  v78 = (v26 >> 12) + v76;
  v79 = v150 + v74;
  HIDWORD(v26) = v77 + ((v78 ^ v76) & v74 ^ v76);
  LODWORD(v26) = HIDWORD(v26);
  v80 = (v26 >> 27) + v78;
  v81 = result[53] + v11 + v76;
  HIDWORD(v26) = v79 + ((v80 ^ v78) & v76 ^ v78);
  LODWORD(v26) = HIDWORD(v26);
  v82 = (v26 >> 23) + v80;
  v83 = v162 + v78;
  HIDWORD(v26) = v81 + ((v82 ^ v80) & v78 ^ v80);
  LODWORD(v26) = HIDWORD(v26);
  v84 = (v26 >> 18) + v82;
  v85 = result[55] + v29 + v80;
  HIDWORD(v26) = v83 + ((v84 ^ v82) & v80 ^ v82);
  LODWORD(v26) = HIDWORD(v26);
  v86 = (v26 >> 12) + v84;
  v87 = v36 + v82;
  HIDWORD(v26) = v85 + (v84 ^ v82 ^ v86);    // 第三轮的和H函数 return x ^ y ^ z
  LODWORD(v26) = HIDWORD(v26);
  v88 = (v26 >> 28) + v86;
  v89 = v153 + v84;
  HIDWORD(v26) = v87 + (v86 ^ v84 ^ v88);
  LODWORD(v26) = HIDWORD(v26);
  v90 = v165 + v86;
  v91 = (v26 >> 21) + v88;
  HIDWORD(v26) = v89 + (v88 ^ v86 ^ v91);
  LODWORD(v26) = HIDWORD(v26);
  v92 = (v26 >> 16) + v91;
  v93 = v160 + v88;
  HIDWORD(v26) = v90 + (v91 ^ v88 ^ v92);
  LODWORD(v26) = HIDWORD(v26);
  v94 = (v26 >> 9) + v92;
  v95 = result[62] + v14 + v94;
  v96 = result[60] + v171 + v91;
  HIDWORD(v26) = v93 + (v92 ^ v91 ^ v94);
  LODWORD(v26) = HIDWORD(v26);
  v97 = result[61] + v11 + v92;
  v98 = (v26 >> 28) + v94;
  HIDWORD(v26) = v96 + (v94 ^ v92 ^ v98);
  LODWORD(v26) = HIDWORD(v26);
  v99 = (v26 >> 21) + v98;
  v100 = result[63] + v20 + v98;
  HIDWORD(v26) = v97 + (v98 ^ v94 ^ v99);
  LODWORD(v26) = HIDWORD(v26);
  v101 = (v26 >> 16) + v99;
  HIDWORD(v26) = v100 + (v99 ^ v94 ^ v101);
  LODWORD(v26) = HIDWORD(v26);
  v102 = (v26 >> 28) + v94;
  HIDWORD(v26) = v95 + (v101 ^ v99 ^ v102);
  LODWORD(v26) = HIDWORD(v26);
  v103 = v154 + v101;
  v104 = (v26 >> 9) + v101;
  HIDWORD(v26) = v103 + (v102 ^ v99 ^ v104);
  LODWORD(v26) = HIDWORD(v26);
  --a3;                                             // 计算次数-1
  a2 += 64;                                         // 被加密的块 处理一块 +64
  v105 = v168 + v99;
  v106 = (v26 >> 16) + v99;
  v107 = v151 + v104;
  HIDWORD(v26) = v105 + (v104 ^ v102 ^ v106);
  LODWORD(v26) = HIDWORD(v26);
  v108 = result[67] + v17 + v102;
  v109 = (v26 >> 21) + v102;
  HIDWORD(v26) = v107 + (v106 ^ v102 ^ v109);
  LODWORD(v26) = HIDWORD(v26);
  v110 = v166 + v109;
  v111 = (v26 >> 9) + v106;
  HIDWORD(v26) = v108 + (v109 ^ v106 ^ v111);
  LODWORD(v26) = HIDWORD(v26);
  v112 = result[69] + v15 + v106;
  v113 = (v26 >> 28) + v111;
  HIDWORD(v26) = v110 + (v111 ^ v106 ^ v113);
  LODWORD(v26) = HIDWORD(v26);
  v114 = v157 + v111;
  v115 = (v26 >> 21) + v113;
  HIDWORD(v26) = v112 + (v113 ^ v111 ^ v115);      // 第三轮的和H函数 return x ^ y ^ z
  LODWORD(v26) = HIDWORD(v26);
  v116 = v173 + v113;
  v117 = (v26 >> 16) + v115;
  HIDWORD(v26) = v114 + (v115 ^ v113 ^ v117);     // 第三轮的和H函数 return x ^ y ^ z
  LODWORD(v26) = HIDWORD(v26);
  v118 = (v26 >> 9) + v117;
  v119 = result[72] + v11 + v115;
  HIDWORD(v26) = v116 + ((v118 | ~v115) ^ v117);  // 第四轮的I函数  return y ^ (x | ~z)
  LODWORD(v26) = HIDWORD(v26);
  v120 = (v26 >> 26) + v118;
  v121 = v169 + v117;
  HIDWORD(v26) = v119 + ((v120 | ~v117) ^ v118);
  LODWORD(v26) = HIDWORD(v26);
  v122 = (v26 >> 22) + v120;
  v123 = result[74] + v29 + v118;
  HIDWORD(v26) = v121 + ((v122 | ~v118) ^ v120);
  LODWORD(v26) = HIDWORD(v26);
  v124 = (v26 >> 17) + v122;
  v125 = v170 + v120;
  HIDWORD(v26) = v123 + ((v124 | ~v120) ^ v122);
  LODWORD(v26) = HIDWORD(v26);
  v126 = (v26 >> 11) + v124;
  v127 = v158 + v122;
  HIDWORD(v26) = v125 + ((v126 | ~v122) ^ v124);
  LODWORD(v26) = HIDWORD(v26);
  v128 = (v26 >> 26) + v126;
  v129 = result[77] + v14 + v124;
  HIDWORD(v26) = v127 + ((v128 | ~v124) ^ v126);
  LODWORD(v26) = HIDWORD(v26);
  v130 = (v26 >> 22) + v128;
  v131 = v167 + v126;
  HIDWORD(v26) = v129 + ((v130 | ~v126) ^ v128);
  LODWORD(v26) = HIDWORD(v26);
  v132 = (v26 >> 17) + v130;
  v133 = v156 + v128;
  HIDWORD(v26) = v131 + ((v132 | ~v128) ^ v130);
  LODWORD(v26) = HIDWORD(v26);
  v134 = (v26 >> 11) + v132;
  v135 = result[80] + v15 + v130;
  HIDWORD(v26) = v133 + ((v134 | ~v130) ^ v132);
  LODWORD(v26) = HIDWORD(v26);
  v136 = (v26 >> 26) + v134;
  v137 = v172 + v132;
  HIDWORD(v26) = v135 + ((v136 | ~v132) ^ v134);
  LODWORD(v26) = HIDWORD(v26);
  v138 = (v26 >> 22) + v136;
  v139 = result[82] + v20 + v134;
  HIDWORD(v26) = v137 + ((v138 | ~v134) ^ v136);
  LODWORD(v26) = HIDWORD(v26);
  v140 = (v26 >> 17) + v138;
  v141 = result[83] + v171 + v136;
  HIDWORD(v26) = v139 + ((v140 | ~v136) ^ v138);
  LODWORD(v26) = HIDWORD(v26);
  v142 = (v26 >> 11) + v140;
  v143 = v164 + v138;
  HIDWORD(v26) = v141 + ((v142 | ~v138) ^ v140);
  LODWORD(v26) = HIDWORD(v26);
  v144 = (v26 >> 26) + v142;
  v145 = v163 + v140;
  HIDWORD(v26) = v143 + ((v144 | ~v140) ^ v142);
  LODWORD(v26) = HIDWORD(v26);
  v146 = (v26 >> 22) + v144;
  v147 = result[86] + v17 + v142;
  HIDWORD(v26) = v145 + ((v146 | ~v142) ^ v144);
  LODWORD(v26) = HIDWORD(v26);
  v148 = (v26 >> 17) + v146;
  v6 = v144 + *result;
  v149 = v148 + result[1];
  HIDWORD(v26) = v147 + ((v148 | ~v144) ^ v146);
  LODWORD(v26) = HIDWORD(v26);
  v4 = v146 + result[3];
  v3 = v148 + result[2];
  v5 = v149 + (v26 >> 11);
  result[2] = v3;
  result[3] = v4;
  *result = v6;
  result[1] = v5;
}
while ( a3 );
  HIDWORD(v26) = ((v3 ^ v4) & v5 ^ v4) + v6 + v7 + result[23];
  LODWORD(v26) = HIDWORD(v26);
  v27 = (v26 >> 26) + v5;
  HIDWORD(v26) = v8 + v4 + result[24] + (v27 & (v5 ^ v3) ^ v3);
  LODWORD(v26) = HIDWORD(v26);
  v28 = (v26 >> 19) + v27;
  v29 = a2[20] | (unsigned __int16)(a2[21] << 8) | (a2[22] << 16) & 0xFFFFFF | (a2[23] << 24);
 
  HIDWORD(v26) = v10 + v3 + result[25] + (v28 & (v27 ^ v5) ^ v5);
  LODWORD(v26) = HIDWORD(v26);
  v30 = v29 + v28 + result[28];
  v31 = (v26 >> 15) + v28;
  v151 = result[66] + v12;
  v172 = result[81] + v12;
  HIDWORD(v26) = v25 + (v31 & (v28 ^ v27) ^ v27);                     // 第一轮魔改了 return (x & y) | (~x & z)
  LODWORD(v26) = HIDWORD(v26);
  v32 = (v26 >> 11) + v31;
  HIDWORD(v26) = v171 + v27 + result[27] + (v32 & (v31 ^ v28) ^ v28);
  LODWORD(v26) = HIDWORD(v26);
  v33 = (v26 >> 25) + v32;
  HIDWORD(v26) = v30 + (v33 & (v32 ^ v31) ^ v31);
  LODWORD(v26) = HIDWORD(v26);
  v34 = (v26 >> 20) + v33;
  HIDWORD(v26) = v12 + v31 + result[29] + (v34 & (v33 ^ v32) ^ v32);
  LODWORD(v26) = HIDWORD(v26);
  v35 = (v26 >> 15) + v34;
  v156 = result[79] + v16;
  v36 = result[56] + v16;
  v37 = v16 + v33 + result[31];
  v38 = result[50] + v16;
  HIDWORD(v26) = v11 + v32 + result[30] + (v35 & (v34 ^ v33) ^ v33);
  LODWORD(v26) = HIDWORD(v26);
  v39 = (v26 >> 12) + v35;
  HIDWORD(v26) = v37 + (v39 & (v35 ^ v34) ^ v34);
  LODWORD(v26) = HIDWORD(v26);
  v40 = (v26 >> 25) + v39;
  HIDWORD(v26) = v17 + v34 + result[32] + (v40 & (v39 ^ v35) ^ v35);
  LODWORD(v26) = HIDWORD(v26);
  v41 = (v26 >> 20) + v40;
  v42 = v35 + v14 + result[33];
  v43 = v22 + v39;
  HIDWORD(v26) = v42 + (v41 & (v40 ^ v39) ^ v39);
  LODWORD(v26) = HIDWORD(v26);
  v44 = (v26 >> 16) + v41;
  v45 = v152 + v40;
  HIDWORD(v26) = v43 + (v44 & (v41 ^ v40) ^ v40);
  LODWORD(v26) = HIDWORD(v26);
  v46 = (v26 >> 10) + v44;
  v47 = result[36] + v20 + v41;
  HIDWORD(v26) = v45 + (v46 & (v44 ^ v41) ^ v41);
  LODWORD(v26) = HIDWORD(v26);
  v48 = (v26 >> 25) + v46;
  v49 = v155 + v44;
  HIDWORD(v26) = v47 + (v48 & (v46 ^ v44) ^ v44);
  LODWORD(v26) = HIDWORD(v26);
  v50 = (v26 >> 19) + v48;
  v51 = v15 + result[38] + v46;
  HIDWORD(v26) = v49 + (v50 & (v48 ^ v46) ^ v46);
  LODWORD(v26) = HIDWORD(v26);
  v52 = (v26 >> 15) + v50;
  v53 = (result[39] & 0xFF00FF00) + v8 + v48;
  HIDWORD(v26) = v51 + (v52 & (v50 ^ v48) ^ v48);   // 第一轮
  LODWORD(v26) = HIDWORD(v26);
  v54 = (v26 >> 10) + v52;
  v55 = v21 + v50;
  HIDWORD(v26) = v53 + ((v54 ^ v52) & v50 ^ v52);   // 第二轮 也魔改位运算  return (x & z) | (y & ~z)
  LODWORD(v26) = HIDWORD(v26);
  v56 = (v26 >> 27) + v54;
  v57 = v23 + v52;
  HIDWORD(v26) = v55 + ((v56 ^ v54) & v52 ^ v54);
  LODWORD(v26) = HIDWORD(v26);
  v58 = (v26 >> 23) + v56;
  v59 = v159 + v54;
  HIDWORD(v26) = v57 + ((v58 ^ v56) & v54 ^ v56);
  LODWORD(v26) = HIDWORD(v26);
  v60 = (v26 >> 18) + v58;
  v61 = result[43] + v29 + v56;
  HIDWORD(v26) = v59 + ((v60 ^ v58) & v56 ^ v58);
  LODWORD(v26) = HIDWORD(v26);
  v62 = (v26 >> 12) + v60;
  v63 = result[44] + v14 + v58;
  HIDWORD(v26) = v61 + ((v62 ^ v60) & v58 ^ v60);
  LODWORD(v26) = HIDWORD(v26);
  v64 = (v26 >> 27) + v62;
  v65 = result[45] + v15 + v60;
  HIDWORD(v26) = v63 + ((v64 ^ v62) & v60 ^ v62);
  LODWORD(v26) = HIDWORD(v26);
  v66 = (v26 >> 23) + v64;
  v67 = result[46] + v171 + v62;
  HIDWORD(v26) = v65 + ((v66 ^ v64) & v62 ^ v64);
  LODWORD(v26) = HIDWORD(v26);
  v68 = (v26 >> 18) + v66;
  v69 = result[47] + v17 + v64;
  HIDWORD(v26) = v67 + ((v68 ^ v66) & v64 ^ v66);
  LODWORD(v26) = HIDWORD(v26);
  v70 = (v26 >> 12) + v68;
  v71 = v161 + v66;
  HIDWORD(v26) = v69 + ((v70 ^ v68) & v66 ^ v68);
  LODWORD(v26) = HIDWORD(v26);
  v72 = (v26 >> 27) + v70;
  v73 = v24 + v68;
  HIDWORD(v26) = v71 + ((v72 ^ v70) & v68 ^ v70);
  LODWORD(v26) = HIDWORD(v26);
  v74 = (v26 >> 23) + v72;
  v75 = v38 + v70;
  HIDWORD(v26) = v73 + ((v74 ^ v72) & v70 ^ v72);
  LODWORD(v26) = HIDWORD(v26);
  v76 = (v26 >> 18) + v74;
  v77 = result[51] + v20 + v72;
  HIDWORD(v26) = v75 + ((v76 ^ v74) & v72 ^ v74);
  LODWORD(v26) = HIDWORD(v26);
  v78 = (v26 >> 12) + v76;
  v79 = v150 + v74;
  HIDWORD(v26) = v77 + ((v78 ^ v76) & v74 ^ v76);
  LODWORD(v26) = HIDWORD(v26);
  v80 = (v26 >> 27) + v78;
  v81 = result[53] + v11 + v76;
  HIDWORD(v26) = v79 + ((v80 ^ v78) & v76 ^ v78);
  LODWORD(v26) = HIDWORD(v26);
  v82 = (v26 >> 23) + v80;
  v83 = v162 + v78;
  HIDWORD(v26) = v81 + ((v82 ^ v80) & v78 ^ v80);
  LODWORD(v26) = HIDWORD(v26);
  v84 = (v26 >> 18) + v82;
  v85 = result[55] + v29 + v80;
  HIDWORD(v26) = v83 + ((v84 ^ v82) & v80 ^ v82);
  LODWORD(v26) = HIDWORD(v26);
  v86 = (v26 >> 12) + v84;
  v87 = v36 + v82;
  HIDWORD(v26) = v85 + (v84 ^ v82 ^ v86);    // 第三轮的和H函数 return x ^ y ^ z
  LODWORD(v26) = HIDWORD(v26);
  v88 = (v26 >> 28) + v86;
  v89 = v153 + v84;
  HIDWORD(v26) = v87 + (v86 ^ v84 ^ v88);
  LODWORD(v26) = HIDWORD(v26);
  v90 = v165 + v86;
  v91 = (v26 >> 21) + v88;
  HIDWORD(v26) = v89 + (v88 ^ v86 ^ v91);
  LODWORD(v26) = HIDWORD(v26);
  v92 = (v26 >> 16) + v91;
  v93 = v160 + v88;
  HIDWORD(v26) = v90 + (v91 ^ v88 ^ v92);
  LODWORD(v26) = HIDWORD(v26);
  v94 = (v26 >> 9) + v92;
  v95 = result[62] + v14 + v94;
  v96 = result[60] + v171 + v91;
  HIDWORD(v26) = v93 + (v92 ^ v91 ^ v94);
  LODWORD(v26) = HIDWORD(v26);
  v97 = result[61] + v11 + v92;
  v98 = (v26 >> 28) + v94;
  HIDWORD(v26) = v96 + (v94 ^ v92 ^ v98);
  LODWORD(v26) = HIDWORD(v26);
  v99 = (v26 >> 21) + v98;
  v100 = result[63] + v20 + v98;
  HIDWORD(v26) = v97 + (v98 ^ v94 ^ v99);
  LODWORD(v26) = HIDWORD(v26);
  v101 = (v26 >> 16) + v99;
  HIDWORD(v26) = v100 + (v99 ^ v94 ^ v101);
  LODWORD(v26) = HIDWORD(v26);
  v102 = (v26 >> 28) + v94;
  HIDWORD(v26) = v95 + (v101 ^ v99 ^ v102);
  LODWORD(v26) = HIDWORD(v26);
  v103 = v154 + v101;
  v104 = (v26 >> 9) + v101;
  HIDWORD(v26) = v103 + (v102 ^ v99 ^ v104);
  LODWORD(v26) = HIDWORD(v26);
  --a3;                                             // 计算次数-1
  a2 += 64;                                         // 被加密的块 处理一块 +64
  v105 = v168 + v99;
  v106 = (v26 >> 16) + v99;
  v107 = v151 + v104;
  HIDWORD(v26) = v105 + (v104 ^ v102 ^ v106);
  LODWORD(v26) = HIDWORD(v26);
  v108 = result[67] + v17 + v102;
  v109 = (v26 >> 21) + v102;
  HIDWORD(v26) = v107 + (v106 ^ v102 ^ v109);
  LODWORD(v26) = HIDWORD(v26);
  v110 = v166 + v109;
  v111 = (v26 >> 9) + v106;
  HIDWORD(v26) = v108 + (v109 ^ v106 ^ v111);
  LODWORD(v26) = HIDWORD(v26);
  v112 = result[69] + v15 + v106;
  v113 = (v26 >> 28) + v111;
  HIDWORD(v26) = v110 + (v111 ^ v106 ^ v113);
  LODWORD(v26) = HIDWORD(v26);
  v114 = v157 + v111;
  v115 = (v26 >> 21) + v113;
  HIDWORD(v26) = v112 + (v113 ^ v111 ^ v115);      // 第三轮的和H函数 return x ^ y ^ z
  LODWORD(v26) = HIDWORD(v26);
  v116 = v173 + v113;
  v117 = (v26 >> 16) + v115;
  HIDWORD(v26) = v114 + (v115 ^ v113 ^ v117);     // 第三轮的和H函数 return x ^ y ^ z
  LODWORD(v26) = HIDWORD(v26);
  v118 = (v26 >> 9) + v117;
  v119 = result[72] + v11 + v115;
  HIDWORD(v26) = v116 + ((v118 | ~v115) ^ v117);  // 第四轮的I函数  return y ^ (x | ~z)
  LODWORD(v26) = HIDWORD(v26);
  v120 = (v26 >> 26) + v118;
  v121 = v169 + v117;
  HIDWORD(v26) = v119 + ((v120 | ~v117) ^ v118);
  LODWORD(v26) = HIDWORD(v26);
  v122 = (v26 >> 22) + v120;
  v123 = result[74] + v29 + v118;
  HIDWORD(v26) = v121 + ((v122 | ~v118) ^ v120);
  LODWORD(v26) = HIDWORD(v26);
  v124 = (v26 >> 17) + v122;
  v125 = v170 + v120;
  HIDWORD(v26) = v123 + ((v124 | ~v120) ^ v122);
  LODWORD(v26) = HIDWORD(v26);
  v126 = (v26 >> 11) + v124;
  v127 = v158 + v122;
  HIDWORD(v26) = v125 + ((v126 | ~v122) ^ v124);
  LODWORD(v26) = HIDWORD(v26);
  v128 = (v26 >> 26) + v126;
  v129 = result[77] + v14 + v124;
  HIDWORD(v26) = v127 + ((v128 | ~v124) ^ v126);
  LODWORD(v26) = HIDWORD(v26);
  v130 = (v26 >> 22) + v128;
  v131 = v167 + v126;
  HIDWORD(v26) = v129 + ((v130 | ~v126) ^ v128);
  LODWORD(v26) = HIDWORD(v26);
  v132 = (v26 >> 17) + v130;
  v133 = v156 + v128;
  HIDWORD(v26) = v131 + ((v132 | ~v128) ^ v130);
  LODWORD(v26) = HIDWORD(v26);
  v134 = (v26 >> 11) + v132;
  v135 = result[80] + v15 + v130;
  HIDWORD(v26) = v133 + ((v134 | ~v130) ^ v132);
  LODWORD(v26) = HIDWORD(v26);
  v136 = (v26 >> 26) + v134;
  v137 = v172 + v132;

[招生]科锐逆向工程师培训(2025年3月11日实地,远程教学同时开班, 第52期)!

最后于 2025-3-10 23:10 被兆兆的罩罩编辑 ,原因:
收藏
免费 1
支持
分享
赞赏记录
参与人
雪币
留言
时间
sinker_
为你点赞!
2025-3-11 00:57
最新回复 (5)
mb_ldbucrik
雪    币: 10
能力值: ( LV1,RANK:0 )
在线值:
发帖
回帖
粉丝
私信
2
感谢分享
2025-3-10 22:52
0
墨穹呢
雪    币: 2760
活跃值: (3902)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
私信
3
文章排版太乱了,可以优化下,用md格式
2025-3-11 14:20
0
兆兆的罩罩
雪    币: 520
活跃值: (404)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
私信
4
好的哈,感谢提醒,我后面抽时间认真排一下
2025-3-11 14:33
0
mb_dhaylnrk
雪    币: 20
能力值: ( LV1,RANK:0 )
在线值:
发帖
回帖
粉丝
私信
5
佬, 想问下原文章在哪里啊, 星球没看到
2025-3-22 09:44
0
兆兆的罩罩
雪    币: 520
活跃值: (404)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
私信
6
mb_dhaylnrk 佬, 想问下原文章在哪里啊, 星球没看到
https://bbs.kanxue.com/thread-281610.htm就这个哇,画佬写的很清楚,我就是参考画佬的思路,去推了一遍逻辑。
4天前
0
游客
登录 | 注册 方可回帖
回帖 表情 雪币赚取及消费
高级回复
返回

账号登录
验证码登录

忘记密码?
没有账号?立即免费注册
我已同意 《看雪服务条款》 《看雪课程免责声明》 《看雪隐私政策》