keypress/unpacker/cypher.h
//
// cypher.h
// keypress
//
// Created by armored on 21/03/14.
// Copyright (c) 2014 -. All rights reserved.
//
#ifndef keypress_cypher_h
#define keypress_cypher_h
// Compile-time choice of the payload cipher: CRYPT_V2 selects the table-based
// stream cipher, CRYPT_V1 the fixed 32-bit XOR mask.
// NOTE(review): the original note below says "version 1" while the macro
// selects V2; it is unclear whether "dynamic_enc version 1" names a different
// scheme, so confirm before relying on the comment.
// payload, dynamic_enc version 1
#define CRYPT_V2
// Length of gKey in bytes.
// NOTE(review): both crypt_payload_v2 variants in this header use a local
// key_len of 32 and never read this variable.
// NOTE(review): this header uses uint32_t/uint8_t but includes nothing itself;
// it appears to rely on the includer having pulled in <stdint.h>.
uint32_t gKey_len = 32;
// 32-byte cipher key, stored in clear in the compiled image. A key that ships
// inside the binary only obscures the payload: anyone who holds the image can
// read the key back out, so this is obfuscation, not confidentiality.
// The sequential values look like a placeholder, presumably overwritten when
// the payload is packed -- confirm against the packer.
// Both variables are defined (not merely declared) in a header, so two
// translation units that include it would produce duplicate definitions at
// link time.
uint8_t gKey[] = { 1, 2, 3, 4, 5, 6, 7, 8,
21, 22, 23, 24, 25, 26, 27, 28,
31, 32, 33, 34, 35, 36, 37, 38,
41, 42, 43, 44, 45, 46, 47, 48
};
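/*
 * SWAPC(X, Y): exchange the two bytes that X and Y point to.
 *
 * X and Y are pointer expressions; each is evaluated twice, so they must not
 * have side effects. Every use of an argument is parenthesised so that an
 * expression such as `buf + 1` is cast as a whole, and the temporary is a
 * uint8_t with a name unlikely to collide with a caller's variable (the
 * earlier temporary was a `char` called `p`, which broke SWAPC(&p, &q) and
 * relied on an implementation-defined uint8_t -> char conversion).
 */
#define SWAPC(X, Y) do { uint8_t swapc_tmp_ = *(uint8_t*)(X); *(uint8_t*)(X) = *(uint8_t*)(Y); *(uint8_t*)(Y) = swapc_tmp_; } while(0)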
// Declare the selected payload routine and alias it as CRYPT_PAYLOAD,
// presumably the name call sites use (no caller is visible in this header).
// CRYPT_V1 takes precedence when both macros are defined; when neither is
// defined, CRYPT_PAYLOAD stays undefined and nothing is declared here.
// Both versions share one signature: input buffer, output buffer, byte count,
// key pointer.
#ifdef CRYPT_V1
void crypt_payload_v1(uint8_t* exec_ptr_in, uint8_t* exec_ptr_out, int __exec_len, uint8_t* tKey);
#define CRYPT_PAYLOAD crypt_payload_v1
#elif defined(CRYPT_V2)
void crypt_payload_v2(uint8_t* exec_ptr_in, uint8_t* exec_ptr_out, int __exec_len, uint8_t* tKey);
#define CRYPT_PAYLOAD crypt_payload_v2
#endif
#ifndef KEYPRESS /* decrypt [used by unpacker] */
#ifdef CRYPT_V1
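/*
 * Unmask a buffer that was XORed with the fixed 32-bit constant 0x12345678.
 *
 * exec_ptr_in   source bytes
 * exec_ptr_out  destination bytes (at least __exec_len bytes)
 * __exec_len    number of bytes to process; zero or negative does nothing
 * tKey          unused by this version
 *
 * The mask is applied byte by byte, using the constant's in-memory byte
 * order, so every complete 4-byte group gets exactly the result of a native
 * 32-bit XOR. Working per byte also keeps the routine inside the buffers:
 * the word-wise form read and wrote up to three bytes past the end when the
 * length was not a multiple of four, and dereferenced the byte pointers as
 * int regardless of alignment.
 *
 * A keyless constant mask is obfuscation only: the constant is visible in the
 * binary and the masked data keeps a 4-byte period.
 */
void crypt_payload_v1(uint8_t* exec_ptr_in, uint8_t* exec_ptr_out, int __exec_len, uint8_t* tKey)
{
    const uint32_t mask = 0x12345678;
    /* Byte view of the mask in host byte order. */
    const uint8_t *mask_bytes = (const uint8_t *)&mask;

    (void)tKey; /* v1 takes no key */

    for (int i = 0; i < __exec_len; i++)
    {
        exec_ptr_out[i] = (uint8_t)(exec_ptr_in[i] ^ mask_bytes[i & 3]);
    }
}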
#elif defined(CRYPT_V2)
/*
 * Decrypt len bytes from data into data_out (unpacker side).
 *
 * data      input bytes
 * data_out  output bytes; must hold at least len bytes
 * len       byte count; zero or negative skips the data loop
 * tKey      key; bytes 0..31 are read, so it must point to at least 32 bytes
 *
 * The cipher is an RC4-style construction: a 256-byte permutation is keyed
 * from tKey, one table byte per input byte is used as keystream, and a
 * one-byte chaining value (seeded with tKey[0]) is XORed in and then updated
 * with each output byte. Nothing here authenticates the data: a wrong key or
 * altered input produces different bytes, not an error.
 *
 * The permutation table is not a declared local; it lives in 0x100 bytes
 * carved out by moving ESP in inline assembly (x86-32, AT&T syntax).
 */
void crypt_payload_v2(uint8_t *data, uint8_t *data_out, int32_t len, uint8_t* tKey)
{
int32_t i = 0;
uint8_t j = 0;
uint8_t *keytable = NULL;
uint8_t state;
uint8_t counter;
uint8_t sum;
uint8_t *key = tKey;
// Key length is fixed here; gKey_len is not consulted.
int32_t key_len = 32;
// Anti checkguard: make room for key table on stack
// Lowers ESP by 0x100 and stores the new ESP in keytable, instead of declaring
// a 256-byte array. Judging by the original comment, the aim is presumably to
// keep the compiler from adding a stack guard to this function -- confirm
// against the build flags.
// NOTE(review): the compiler is not told that ESP changes (GCC does not
// support asm that moves the stack pointer), so any ESP-relative access it
// emits between the two asm blocks would use the wrong offset. "eax" is listed
// as clobbered although the instructions do not touch it.
__asm __volatile__
(
"subl $0x100, %%esp\n"
"movl %%esp , %0\n"
: "=r" (keytable)
:
: "eax"
);
// Start from the identity permutation; this fills exactly the 0x100 bytes
// reserved above.
for (i = 0; i < 256; i++)
keytable[i] = i;
// Key schedule: j accumulates key and table bytes modulo 256 (uint8_t wrap),
// and entry i is swapped with entry j.
for (i = 0; i < 256; i++)
{
j += key[i % key_len] + keytable[i];
SWAPC(&keytable[i], &keytable[j]);
}
// Chaining byte starts as the first key byte.
state = *key;
counter = 0;
sum = 0;
uint8_t z;
for (i = 0; i < len; i++)
{
// Advance both table indices (each wraps at 256) and swap their entries.
counter++;
sum += keytable[counter];
SWAPC(&keytable[counter], &keytable[sum]);
z = data[i];
// Output byte = input ^ keystream byte ^ chaining byte.
data_out[i] = z ^ keytable[(keytable[counter]
+ keytable[sum]) & 0xff];
data_out[i] ^= state;
// Fold the byte just written (the decrypted value) into the chaining byte.
z = data_out[i];
state = state ^ z;
}
// Give back the 0x100 bytes taken at the top. There is no other exit path, so
// the two adjustments always pair up.
__asm __volatile__
(
"addl $0x100, %%esp\n"
:
:
: "eax"
);
}
#endif
#else /* encrypt [used by kpress] */
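/*
 * Mask a buffer by XORing it with the fixed 32-bit constant 0x12345678.
 *
 * exec_ptr_in   source bytes
 * exec_ptr_out  destination bytes (at least __exec_len bytes)
 * __exec_len    number of bytes to process; zero or negative does nothing
 * tKey          unused by this version
 *
 * The mask is applied byte by byte, using the constant's in-memory byte
 * order, so every complete 4-byte group gets exactly the result of a native
 * 32-bit XOR. Working per byte also keeps the routine inside the buffers:
 * the word-wise form read and wrote up to three bytes past the end when the
 * length was not a multiple of four, and dereferenced the byte pointers as
 * int regardless of alignment.
 *
 * A keyless constant mask is obfuscation only: the constant is visible in the
 * binary and the masked data keeps a 4-byte period.
 */
void crypt_payload_v1(uint8_t* exec_ptr_in, uint8_t* exec_ptr_out, int __exec_len, uint8_t* tKey)
{
    const uint32_t mask = 0x12345678;
    /* Byte view of the mask in host byte order. */
    const uint8_t *mask_bytes = (const uint8_t *)&mask;

    (void)tKey; /* v1 takes no key */

    for (int i = 0; i < __exec_len; i++)
    {
        exec_ptr_out[i] = (uint8_t)(exec_ptr_in[i] ^ mask_bytes[i & 3]);
    }
}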
/*
 * Encrypt len bytes of data in place (packer side).
 *
 * data      buffer to encrypt; overwritten with the ciphertext
 * data_out  accepted for signature compatibility but never written
 * len       byte count; zero or negative skips the data loop
 * tKey      key; bytes 0..31 are read, so it must point to at least 32 bytes
 *
 * RC4-style construction: a 256-byte permutation is keyed from tKey, one
 * table byte per input byte serves as keystream, and a one-byte chaining
 * value (seeded with tKey[0]) is XORed in and then updated with each
 * plaintext byte. The output carries no integrity tag.
 */
void crypt_payload_v2(uint8_t *data, uint8_t *data_out, int32_t len, uint8_t* tKey)
{
    enum { TABLE_SIZE = 256, KEY_BYTES = 32 };

    uint8_t sbox[TABLE_SIZE];
    uint8_t mix = 0;
    int32_t n;

    (void)data_out; /* this variant works on data directly */

    /* Identity permutation. */
    for (n = 0; n < TABLE_SIZE; n++)
        sbox[n] = (uint8_t)n;

    /* Key schedule: mix wraps modulo 256; swap entry n with entry mix. */
    for (n = 0; n < TABLE_SIZE; n++)
    {
        mix = (uint8_t)(mix + tKey[n % KEY_BYTES] + sbox[n]);
        SWAPC(&sbox[n], &sbox[mix]);
    }

    uint8_t chain = tKey[0];
    uint8_t idx = 0;
    uint8_t acc = 0;

    for (n = 0; n < len; n++)
    {
        /* Step both table indices (each wraps at 256) and swap their entries. */
        idx = (uint8_t)(idx + 1);
        acc = (uint8_t)(acc + sbox[idx]);
        SWAPC(&sbox[idx], &sbox[acc]);

        const uint8_t plain = data[n];
        const uint8_t stream = sbox[(sbox[idx] + sbox[acc]) & 0xff];

        /* Ciphertext = plaintext ^ keystream ^ chaining byte. */
        data[n] = (uint8_t)(plain ^ stream ^ chain);

        /* The chaining byte absorbs the plaintext byte, not the ciphertext. */
        chain ^= plain;
    }
}
#endif
#endif