-
-
[分享]HackShiled4.3.0.5 log文件加密算法
-
发表于:
2007-10-10 10:48
13456
-
[分享]HackShiled4.3.0.5 log文件加密算法
算法很简单,汇编代码如下
int _declspec(naked) _cdecl HSEncLog(unsigned char *pOutBuf, int nOutlen, unsigned char *pInBuf, int nInlen, int key)
{
_asm
{
mov edx, dword ptr [esp+4]
push ebx
test edx, edx
push esi
je L054
mov esi, dword ptr [esp+14h]
test esi, esi
je L054
mov ecx, dword ptr [esp+10h]
test ecx, ecx
jle L054
mov ebx, dword ptr [esp+18h]
test ebx, ebx
jle L054
push ebp
mov ebp, ecx
push edi
xor eax, eax
mov edi, edx
shr ecx, 2
rep stos dword ptr es:[edi]
mov ecx, ebp
and ecx, 3
test ebx, ebx
rep stos byte ptr es:[edi]
jle L048
mov ecx, dword ptr [esp+24h]
sub esi, edx
mov edi, ebx
L029:
mov al, byte ptr [esi+edx]
xor ebx, ebx
mov bl, ch
xor al, bl
mov byte ptr [edx], al
movzx ax, al
add eax, ecx
lea ecx, dword ptr [eax+eax*2]
shl ecx, 4
sub ecx, eax
lea ecx, dword ptr [ecx+ecx*2]
lea ecx, dword ptr [ecx+ecx*4]
lea ecx, dword ptr [ecx+ecx*8]
lea eax, dword ptr [eax+ecx*2]
mov ecx, 58BFh
sub ecx, eax
inc edx
dec edi
jnz L029
L048:
pop edi
pop ebp
pop esi
xor eax, eax
pop ebx
retn
L054:
pop esi
or eax, 0FFFFFFFFh
pop ebx
retn
}
}
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课