编译并提取RC4算法函数的asm code:
//Author:Nek0y4nsu Flu0rite
// RC4 Crypt SMC
///X64 MingW
// gcc gen_smc_rc4.c -o gen.exe
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
void Init_Sbox(unsigned char *sbox,unsigned char* key,unsigned int key_len);
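/*
 * RC4Crypt - XOR data_len bytes of data_in with the RC4 keystream derived
 * from key and store the result in output.
 *
 * data_in  : bytes to transform.
 * output   : receives data_len bytes. May be the same buffer as data_in:
 *            each byte is read before the same index is written.
 * data_len : number of bytes to process.
 * key      : key bytes, handed unchanged to Init_Sbox.
 * key_len  : number of key bytes. Must be non-zero, because Init_Sbox
 *            reduces an index modulo key_len.
 *
 * The transform is a plain XOR with the keystream, so the same call both
 * encrypts and decrypts. RC4 has known keystream biases and provides no
 * integrity protection; treat the output as obfuscated, not as protected.
 *
 * NOTE(review): main() copies the bytes from this function up to _end out
 * of the image, so the body presumably has to stay free of calls to
 * anything outside that range (it only calls Init_Sbox) - confirm before
 * adding library calls here.
 */
void RC4Crypt(unsigned char* data_in, unsigned char* output, unsigned int data_len, unsigned char* key, unsigned int key_len)
{
    unsigned char Sbox[256];
    unsigned int i = 0, j = 0, t = 0;

    Init_Sbox(Sbox, key, key_len);

    /*
     * The counter is unsigned to match data_len: a signed int counter is
     * converted for the comparison and overflows (undefined behaviour)
     * once data_len exceeds INT_MAX.
     */
    for (unsigned int x = 0; x < data_len; ++x) {
        i = (i + 1) % 256;
        j = (j + Sbox[i]) % 256;

        /* swap Sbox[i] and Sbox[j] */
        unsigned char tmp = Sbox[i];
        Sbox[i] = Sbox[j];
        Sbox[j] = tmp;

        /* keystream byte for this position */
        t = (Sbox[i] + Sbox[j]) % 256;
        output[x] = data_in[x] ^ Sbox[t];
    }
}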
/*
 * Init_Sbox - RC4 key scheduling: fill sbox with the identity permutation,
 * then shuffle it under control of the key.
 *
 * sbox    : caller-provided array; indices 0..255 are written.
 * key     : key bytes; key[0..key_len-1] are read cyclically.
 * key_len : number of key bytes. Must be non-zero: the key index is
 *           computed modulo key_len, and this function does not check it.
 */
void Init_Sbox(unsigned char *sbox,unsigned char* key,unsigned int key_len)
{
    unsigned int idx = 0;
    unsigned int mix = 0;

    /* identity permutation */
    while (idx < 256) {
        sbox[idx] = (unsigned char)idx;
        idx++;
    }

    /* key-dependent shuffle; mix stays in 0..255 */
    for (idx = 0; idx < 256; idx++) {
        unsigned char held;

        mix = (mix + sbox[idx] + key[idx % key_len]) & 0xFFu;

        held = sbox[idx];
        sbox[idx] = sbox[mix];
        sbox[mix] = held;
    }
}
/*
 * End-of-code marker. main() subtracts the address of RC4Crypt from the
 * address of this function to get the number of bytes to copy, so the
 * symbol is used for its address only.
 * NOTE(review): that size is only meaningful if the toolchain emits
 * RC4Crypt, Init_Sbox and _end contiguously and in source order - confirm
 * against the linker map for the compiler flags in use.
 * naked: the compiler generates no prologue/epilogue for this function.
 */
__attribute__((naked)) void _end(){};
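/*
 * Generator entry point: copy the machine code between RC4Crypt and _end
 * out of this image, mask each byte with (offset % 100) and write the
 * result to rc4_func.bin.
 *
 * Returns 0 on success and 1 on any failure.
 *
 * The position-based XOR is reversible by anyone who has the file; it is
 * masking, not encryption, and it does not authenticate the contents.
 */
int main(){
    /*
     * Compare the addresses at full pointer width. Casting them to int
     * truncates on x64, where pointers are wider than int.
     */
    size_t first = (size_t)RC4Crypt;
    size_t last = (size_t)_end;

    /* If the functions were not laid out in source order the range is bogus. */
    if (last <= first) {
        printf("unexpected function layout \n");
        return 1;
    }

    size_t size = last - first;
    printf("size: %lu \n", (unsigned long)size);

    char *buf = malloc(size);
    if (!buf) {
        printf("malloc failed \n");
        return 1;
    }

    memcpy(buf, (void*)RC4Crypt, size);

    /* mask every byte with its offset modulo 100 */
    for (size_t i = 0; i < size; ++i)
        buf[i] = (char)(buf[i] ^ (i % 100));

    FILE *fp = fopen("rc4_func.bin", "wb");
    if (!fp) {
        printf("cannot open rc4_func.bin \n");
        free(buf);
        return 1;
    }

    /* A short write would leave a truncated code blob behind. */
    size_t written = fwrite(buf, 1, size, fp);
    int close_rc = fclose(fp);
    free(buf);
    if (written != size || close_rc != 0) {
        printf("write failed \n");
        return 1;
    }

    printf("Extract ok!");
    getchar();
    return 0;
}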
用CL编译器测试能不能用
#include <windows.h>
#include <stdio.h>
/*
 * Pointer type used to call the code loaded from rc4_func.bin. The
 * parameter list mirrors RC4Crypt in the generator program.
 * NOTE(review): the generator is built with MinGW and this tester with CL;
 * the call only works if both use the same calling convention for this
 * signature - confirm for the target architecture.
 */
typedef void (*PRC4Crypt)(
unsigned char* data_in,
unsigned char* output ,
unsigned int data_len,
unsigned char* key,
unsigned int key_len
);
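/*
 * file_size - return the size of a file in bytes.
 *
 * filename : path of the file to measure.
 *
 * Returns the byte count, or -1 if the file cannot be opened, the seek or
 * tell fails, or the size does not fit in an int.
 */
int file_size(char* filename){
    /*
     * Binary mode: the file holds raw machine code, and in text mode the
     * value returned by ftell is not guaranteed to be a byte count.
     */
    FILE *fp = fopen(filename, "rb");
    long end_pos = -1;

    if (!fp)
        return -1;

    if (fseek(fp, 0L, SEEK_END) == 0)
        end_pos = ftell(fp);
    fclose(fp);

    /* reject ftell errors and sizes that would not survive the int return */
    if (end_pos < 0 || (long)(int)end_pos != end_pos)
        return -1;

    return (int)end_pos;
}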
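/*
 * Tester entry point: load rc4_func.bin into executable memory, undo the
 * (offset % 100) mask, call the loaded routine on a sample buffer and
 * print the result as hex.
 *
 * Returns 0 on success and 1 on any failure.
 *
 * NOTE(review): the file contents are executed as code with no integrity
 * check, so whoever can write rc4_func.bin controls what runs here. The
 * XOR mask does not authenticate anything. Verify a digest or signature
 * first if the file can cross a trust boundary.
 */
int main(){
    int size = file_size("rc4_func.bin");
    if (size <= 0) {
        /* -1 would otherwise be converted to a huge allocation size */
        printf("cannot read size of rc4_func.bin\n");
        return 1;
    }

    /*
     * NOTE(review): a page that is writable and executable at the same time
     * breaks W^X, and such allocations are a common detection signal for
     * endpoint monitoring.
     */
    char *buffer = (char *)VirtualAlloc(0, (SIZE_T)size, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    if (!buffer) {
        printf("VirtualAlloc failed\n");
        return 1;
    }

    FILE *fp = fopen("rc4_func.bin", "rb");
    if (!fp) {
        printf("cannot open rc4_func.bin\n");
        VirtualFree(buffer, 0, MEM_RELEASE);
        return 1;
    }

    /* A short read would leave part of the code region uninitialised. */
    size_t got = fread(buffer, 1, (size_t)size, fp);
    fclose(fp);
    if (got != (size_t)size) {
        printf("short read on rc4_func.bin\n");
        VirtualFree(buffer, 0, MEM_RELEASE);
        return 1;
    }

    /* undo the position-based mask applied by the generator */
    for (int n = 0; n < size; ++n)
        buffer[n] = buffer[n] ^ (n % 100);

    PRC4Crypt RC4_Crypt = (PRC4Crypt)buffer;

    /* sizeof(data) includes the terminating NUL, so 11 bytes are processed */
    unsigned char data[] = "helloworld";
    unsigned char key[] = { 'a', 'b', 'c' };
    RC4_Crypt(data, data, sizeof(data), key, sizeof(key));

    for (size_t i = 0; i < sizeof(data); ++i) {
        printf("%x ", data[i]);
    }

    VirtualFree(buffer, 0, MEM_RELEASE);
    getchar();
    return 0;
}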