Assembly Language for Beginners

(Jeff_L) #1

8.9. BREAKING SIMPLE EXECUTABLE CRYPTOR


#!/usr/bin/env python
import sys, hexdump, array


def xor_strings(s,t):


https://en.wikipedia.org/wiki/XOR_cipher#Example_implementation


"""xor two strings together"""
return "".join(chr(ord(a)^ord(b)) for a,b in zip(s,t))


IV=array.array('B', [147, 94, 252, 218, 38, 192, 199, 213, 225, 112, 143, 108, 10, 3, 128,⤦
Ç232]).tostring()


def chunks(l, n):
n = max(1, n)
return [l[i:i + n] for i in range(0, len(l), n)]


def read_file(fname):
file=open(fname, mode='rb')
content=file.read()
file.close()
return content


def decrypt_byte(i, k):
return chr ((ord(i)-k) % 256)


def decrypt(buf):
return "".join(decrypt_byte(buf[i], i) for i in range(16))


fout=open(sys.argv[2], mode='wb')


prev=IV
content=read_file(sys.argv[1])
tmp=chunks(content, 16)
for c in tmp:
new_c=decrypt(c)
p=xor_strings (new_c, prev)
prev=xor_strings(c, p)
fout.write(p)
fout.close()


(Source code can downloadedhere.)


Let’s check resulting file:


$ objdump -b binary -m i386 -D decrypted.bin


...


5: 8b ff mov %edi,%edi
7: 55 push %ebp
8: 8b ec mov %esp,%ebp
a: 51 push %ecx
b: 53 push %ebx
c: 33 db xor %ebx,%ebx
e: 43 inc %ebx
f: 84 1d a0 e2 05 01 test %bl,0x105e2a0
15: 75 09 jne 0x20
17: ff 75 08 pushl 0x8(%ebp)
1a: ff 15 b0 13 00 01 call *0x10013b0
20: 6a 6c push $0x6c
22: ff 35 54 d0 01 01 pushl 0x101d054
28: ff 15 b4 13 00 01 call *0x10013b4
2e: 89 45 fc mov %eax,-0x4(%ebp)
31: 85 c0 test %eax,%eax
33: 0f 84 d9 00 00 00 je 0x112
39: 56 push %esi
3a: 57 push %edi
3b: 6a 00 push $0x0
3d: 50 push %eax
3e: ff 15 b8 13 00 01 call *0x10013b8
44: 8b 35 bc 13 00 01 mov 0x10013bc,%esi
https://en.wikipedia.org/wiki/XOR_cipher#Example_implementation - Assembly Language for Beginners - free download pdf - issuhub">
Free download pdf