|
|
楼主 |
发表于 2019-9-27 16:11:38
|
显示全部楼层
广东省汕头市
这是解密
.版本 2
.子程序 TEA解密32轮, 字节集, 公开, 成功返回解密后的数据,失败返回空
.参数 密文, 字节集
.参数 密钥, 字节集, , 密钥为16字节,如果提供大于16字节将忽略后面的字节
.局部变量 outLen, 整数型, , , ebp-04h
.局部变量 outData, 字节集, , , ebp-08h
.如果真 (取字节集长度 (密钥) ≥ 16)
置入代码 ({ 139, 69, 8, 139, 0, 133, 192, 116, 6, 139, 64, 4, 137, 69, 252 }) ' outLen = 取字节集长度 (密文)
.如果真 (outLen ≠ 0)
outData = 取空白字节集 (outLen)
' lea eax, [ebp-04h]
' push eax
' mov eax, dword [ebp-08h]
' add eax, 8
' push eax
' mov eax, dword [ebp+0Ch]
' mov eax, dword [eax]
' add eax, 8
' push eax
' mov eax, dword [ebp+08h]
' mov eax, dword [eax]
' add eax, 8
' push dword [eax-4]
' push eax
' call oi_symmetry_decrypt2
' test eax, eax
' jne a
' mov dword [ebp-04h], 0
' jmp a
' oi_symmetry_decrypt2:
' push ebp
' mov ebp, esp
' sub esp, 0x24
' push ebx
' mov ebx, dword [ebp+0x0C]
' mov eax, ebx
' push esi
' push edi
' and eax, 0x80000007
' jns label1
' dec eax
' or eax, 0xFFFFFFF8
' add eax, 0x01
' label1:
' jne label15
' cmp ebx, 0x10
' jl label15
' mov edi, dword [ebp+0x08]
' lea eax, dword [ebp-0x1C]
' push eax
' push dword [ebp+0x10]
' push edi
' call TeaDecryptECB
' movzx ecx, byte [ebp-0x1C]
' mov eax, ebx
' mov edx, dword [ebp+0x18]
' and ecx, 0x07
' sub eax, ecx
' sub eax, 0x0A
' cmp dword [edx], eax
' jl label15
' test eax, eax
' js label15
' mov dword [edx], eax
' xorps xmm0, xmm0
' lea eax, dword [ebp-0x24]
' mov dword [ebp-0x04], edi
' add edi, 0x08
' mov dword [ebp-0x08], eax
' lea edx, dword [ebp-0x1C]
' mov dword [ebp+0x08], 0x00000008
' mov esi, edi
' movq qword [ebp-0x24], xmm0
' lea eax, dword [ecx+0x01]
' sub esi, edx
' mov edx, dword [ebp+0x08]
' mov ecx, 0x00000001
' mov dword [ebp-0x10], ecx
' mov dword [ebp-0x0C], esi
' label2:
' cmp eax, 0x08
' jnl label3
' inc eax
' inc ecx
' mov dword [ebp-0x10], ecx
' jmp label5
' label3:
' jne label5
' mov eax, dword [ebp-0x04]
' xor ecx, ecx
' mov dword [ebp-0x08], eax
' mov eax, edx
' sub eax, edi
' mov dword [ebp-0x04], edi
' mov dword [ebp-0x14], eax
' label4:
' lea edx, dword [ebp-0x1C]
' add edx, ecx
' add esi, edx
' add eax, esi
' cmp eax, ebx
' jnl label15
' mov al, byte [esi]
' inc ecx
' xor byte [edx], al
' mov eax, dword [ebp-0x14]
' mov esi, dword [ebp-0x0C]
' cmp ecx, 0x08
' jl label4
' lea eax, dword [ebp-0x1C]
' push eax
' push dword [ebp+0x10]
' push eax
' call TeaDecryptECB
' mov edx, dword [ebp+0x08]
' add esi, 0x08
' mov ecx, dword [ebp-0x10]
' add edx, 0x08
' add edi, 0x08
' mov dword [ebp-0x0C], esi
' mov dword [ebp+0x08], edx
' xor eax, eax
' label5:
' cmp ecx, 0x02
' jle label2
' mov ecx, dword [ebp+0x18]
' mov ecx, dword [ecx]
' mov dword [ebp-0x0C], ecx
' test ecx, ecx
' je label10
' lea edx, dword [ebp-0x1C]
' mov esi, edi
' sub esi, edx
' mov edx, dword [ebp+0x08]
' mov dword [ebp+0x18], esi
' label6:
' cmp eax, 0x08
' jnl label7
' mov ecx, dword [ebp-0x08]
' mov edx, dword [ebp+0x14]
' inc dword [ebp+0x14]
' mov cl, byte [eax+ecx]
' xor cl, byte [ebp+eax-0x1C]
' inc eax
' mov byte [edx], cl
' mov ecx, dword [ebp-0x0C]
' mov edx, dword [ebp+0x08]
' dec ecx
' mov dword [ebp-0x0C], ecx
' jmp label9
' label7:
' jne label9
' mov eax, dword [ebp-0x04]
' xor ecx, ecx
' mov dword [ebp-0x08], eax
' mov eax, edx
' sub eax, edi
' mov dword [ebp-0x04], edi
' mov dword [ebp-0x14], eax
' label8:
' lea edx, dword [ebp-0x1C]
' add edx, ecx
' add esi, edx
' add eax, esi
' cmp eax, ebx
' jnl label15
' mov al, byte [esi]
' inc ecx
' xor byte [edx], al
' mov eax, dword [ebp-0x14]
' mov esi, dword [ebp+0x18]
' cmp ecx, 0x08
' jl label8
' lea eax, dword [ebp-0x1C]
' push eax
' push dword [ebp+0x10]
' push eax
' call TeaDecryptECB
' mov edx, dword [ebp+0x08]
' add esi, 0x08
' mov ecx, dword [ebp-0x0C]
' add edx, 0x08
' add edi, 0x08
' mov dword [ebp+0x18], esi
' mov dword [ebp+0x08], edx
' xor eax, eax
' label9:
' test ecx, ecx
' jne label6
' label10:
' mov esi, edi
' lea ecx, dword [ebp-0x1C]
' mov ebx, 0x00000001
' sub esi, ecx
' mov dword [ebp+0x18], ebx
' mov dword [ebp+0x14], esi
' nop
' label11:
' cmp eax, 0x08
' jnl label12
' mov ecx, dword [ebp-0x08]
' mov cl, byte [eax+ecx]
' cmp cl, byte [ebp+eax-0x1C]
' jne label15
' inc eax
' inc ebx
' mov dword [ebp+0x18], ebx
' jmp label14
' label12:
' jne label14
' mov eax, dword [ebp-0x04]
' mov ebx, edx
' xor ecx, ecx
' mov dword [ebp-0x08], eax
' mov dword [ebp-0x04], edi
' sub ebx, edi
' nop dword [eax+0x00000000]
' label13:
' lea edx, dword [ebp-0x1C]
' add edx, ecx
' add esi, edx
' lea eax, dword [esi+ebx]
' cmp eax, dword [ebp+0x0C]
' jnl label15
' mov al, byte [esi]
' inc ecx
' xor byte [edx], al
' mov esi, dword [ebp+0x14]
' cmp ecx, 0x08
' jl label13
' lea eax, dword [ebp-0x1C]
' push eax
' push dword [ebp+0x10]
' push eax
' call TeaDecryptECB
' mov edx, dword [ebp+0x08]
' add esi, 0x08
' mov ebx, dword [ebp+0x18]
' add edx, 0x08
' add edi, 0x08
' mov dword [ebp+0x14], esi
' mov dword [ebp+0x08], edx
' xor eax, eax
' label14:
' cmp ebx, 0x07
' jle label11
' pop edi
' pop esi
' mov eax, 0x00000001
' pop ebx
' mov esp, ebp
' pop ebp
' retn 0x0014
' label15:
' pop edi
' pop esi
' xor eax, eax
' pop ebx
' mov esp, ebp
' pop ebp
' retn 0x0014
' TeaDecryptECB:
' push ebp
' mov ebp, esp
' sub esp, 0x10
' push ebx
' push esi
' mov esi, dword [ebp+0x08]
' push edi
' mov eax, dword [esi]
' bswap eax
' mov edi, eax
' mov eax, dword [esi+0x04]
' bswap eax
' mov ebx, dword [ebp+0x0C]
' xor esi, esi
' mov dword [ebp+0x08], eax
' label16:
' mov eax, dword [ebx+esi*4]
' bswap eax
' mov dword [ebp+esi*4-0x10], eax
' inc esi
' cmp esi, 0x04
' jl label16
' mov ebx, dword [ebp+0x08]
' mov edx, 0xFD1228E0 ; 左移 (十六进制 (“57E89147”), 5);
' mov esi, 32 ;ROUNDS
' label17:
' mov ecx, edi
' mov eax, edi
' shr ecx, 0x05
' add ecx, dword [ebp-0x04]
' shl eax, 0x04
' add eax, dword [ebp-0x08]
' xor ecx, eax
' lea eax, dword [edx+edi]
' xor ecx, eax
' sub ebx, ecx
' mov ecx, ebx
' mov eax, ebx
' shr ecx, 0x05
' add ecx, dword [ebp-0x0C]
' shl eax, 0x04
' add eax, dword [ebp-0x10]
' xor ecx, eax
' lea eax, dword [edx+ebx]
' xor ecx, eax
' lea edx, dword [edx-0x57E89147]
' sub edi, ecx
' sub esi, 0x01
' jne label17
' bswap edi
' mov esi, dword [ebp+0x10]
' mov dword [esi], edi
' bswap ebx
' pop edi
' mov dword [esi+0x04], ebx
' pop esi
' pop ebx
' mov esp, ebp
' pop ebp
' retn 0x000C
' a:
置入代码 ({ 141, 69, 252, 80, 139, 69, 248, 131, 192, 8, 80, 139, 69, 12, 139, 0, 131, 192, 8, 80, 139, 69, 8, 139, 0, 131, 192, 8, 255, 112, 252, 80, 232, 20, 0, 0, 0, 133, 192, 15, 133, 211, 2, 0, 0, 199, 69, 252, 0, 0, 0, 0, 233, 199, 2, 0, 0, 85, 137, 229, 131, 236, 36, 83, 139, 93, 12, 137, 216, 86, 87, 37, 7, 0, 0, 128, 121, 7, 72, 131, 200, 248, 131, 192, 1, 15, 133, 13, 2, 0, 0, 131, 251, 16, 15, 140, 4, 2, 0, 0, 139, 125, 8, 141, 69, 228, 80, 255, 117, 16, 87, 232, 255, 1, 0, 0, 15, 182, 77, 228, 137, 216, 139, 85, 24, 131, 225, 7, 41, 200, 131, 232, 10, 57, 2, 15, 140, 219, 1, 0, 0, 133, 192, 15, 136, 211, 1, 0, 0, 137, 2, 15, 87, 192, 141, 69, 220, 137, 125, 252, 131, 199, 8, 137, 69, 248, 141, 85, 228, 199, 69, 8, 8, 0, 0, 0, 137, 254, 102, 15, 214, 69, 220, 141, 65, 1, 41, 214, 139, 85, 8, 185, 1, 0, 0, 0, 137, 77, 240, 137, 117, 244, 131, 248, 8, 125, 7, 64, 65, 137, 77, 240, 235, 89, 117, 87, 139, 69, 252, 49, 201, 137, 69, 248, 137, 208, 41, 248, 137, 125, 252, 137, 69, 236, 141, 85, 228, 1, 202, 1, 214, 1, 240, 57, 216, 15, 141, 109, 1, 0, 0, 138, 6, 65, 48, 2, 139, 69, 236, 139, 117, 244, 131, 249, 8, 124, 223, 141, 69, 228, 80, 255, 117, 16, 80, 232, 91, 1, 0, 0, 139, 85, 8, 131, 198, 8, 139, 77, 240, 131, 194, 8, 131, 199, 8, 137, 117, 244, 137, 85, 8, 49, 192, 131, 249, 2, 126, 150, 139, 77, 24, 139, 9, 137, 77, 244, 133, 201, 15, 132, 146, 0, 0, 0, 141, 85, 228, 137, 254, 41, 214, 139, 85, 8, 137, 117, 24, 131, 248, 8, 125, 31, 139, 77, 248, 139, 85, 20, 255, 69, 20, 138, 12, 8, 50, 76, 5, 228, 64, 136, 10, 139, 77, 244, 139, 85, 8, 73, 137, 77, 244, 235, 89, 117, 87, 139, 69, 252, 49, 201, 137, 69, 248, 137, 208, 41, 248, 137, 125, 252, 137, 69, 236, 141, 85, 228, 1, 202, 1, 214, 1, 240, 57, 216, 15, 141, 206, 0, 0, 0, 138, 6, 65, 48, 2, 139, 69, 236, 139, 117, 24, 131, 249, 8, 124, 223, 141, 69, 228, 80, 255, 117, 16, 80, 232, 188, 0, 0, 0, 139, 85, 8, 131, 198, 8, 139, 77, 244, 131, 194, 8, 131, 199, 8, 137, 117, 24, 137, 85, 8, 49, 192, 133, 201, 15, 133, 123, 255, 255, 255, 137, 254, 141, 77, 228, 187, 1, 0, 0, 0, 41, 206, 137, 93, 24, 137, 117, 20, 144, 131, 248, 8, 125, 19, 139, 77, 248, 138, 12, 8, 58, 76, 5, 228, 117, 110, 64, 67, 137, 93, 24, 235, 84, 117, 82, 139, 69, 252, 137, 211, 49, 201, 137, 69, 248, 137, 125, 252, 41, 251, 15, 31, 0, 141, 85, 228, 1, 202, 1, 214, 141, 4, 30, 59, 69, 12, 125, 68, 138, 6, 65, 48, 2, 139, 117, 20, 131, 249, 8, 124, 228, 141, 69, 228, 80, 255, 117, 16, 80, 232, 53, 0, 0, 0, 139, 85, 8, 131, 198, 8, 139, 93, 24, 131, 194, 8, 131, 199, 8, 137, 117, 20, 137, 85, 8, 49, 192, 131, 251, 7, 126, 143, 95, 94, 184, 1, 0, 0, 0, 91, 137, 236, 93, 194, 20, 0, 95, 94, 49, 192, 91, 137, 236, 93, 194, 20, 0, 85, 137, 229, 131, 236, 16, 83, 86, 139, 117, 8, 87, 139, 6, 15, 200, 137, 199, 139, 70, 4, 15, 200, 139, 93, 12, 49, 246, 137, 69, 8, 139, 4, 179, 15, 200, 137, 68, 181, 240, 70, 131, 254, 4, 124, 241, 139, 93, 8, 186, 224, 40, 18, 253, 190, 32, 0, 0, 0, 137, 249, 137, 248, 193, 233, 5, 3, 77, 252, 193, 224, 4, 3, 69, 248, 49, 193, 141, 4, 58, 49, 193, 41, 203, 137, 217, 137, 216, 193, 233, 5, 3, 77, 244, 193, 224, 4, 3, 69, 240, 49, 193, 141, 4, 26, 49, 193, 141, 146, 185, 110, 23, 168, 41, 207, 131, 238, 1, 117, 195, 15, 207, 139, 117, 16, 137, 62, 15, 203, 95, 137, 94, 4, 94, 91, 137, 236, 93, 194, 12, 0 })
置入代码 ({ 139, 69, 248, 139, 77, 252, 137, 72, 4 }) ' outData = 取字节集左边 (outData, outLen)
.如果真结束
.如果真结束
返回 (outData)
|
|
楼主: LLJ
粤公网安备 44522102000125 增值电信业务经营许可证 粤B2-20192173
发表于 2019-9-28 20:56:41
扫一扫,关注易界动态