Jump to content
Tuts 4 You

hello all,why this VC6 project has 1 err and 0 warnning?


diskgetor

Recommended Posts

//this is from IDA F5
#include <stdio.h>
#include <stdlib.h>
#include <string.h> //memcpy

int a2=0x46004F0052005300;
 

unsigned int __cdecl sub_4E6500(int a1, int a2, int a3)
{
  unsigned int v3; // eax@1
  signed int v4; // eax@3
  int v5; // ecx@4
  char v6; // dl@4
  int v7; // ecx@4
  char v8; // dl@4
  int v9; // ecx@4
  const void *v10; // ebp@6
  char *v11; // ecx@7
  const void *v12; // eax@7
  signed int v13; // esi@7
  bool v14; // sf@9
  unsigned __int8 v15; // of@9
  const void *v16; // ebp@11
  char *v17; // ecx@12
  const void *v18; // eax@12
  signed int v19; // esi@12
  signed int v20; // eax@15
  int v21; // ecx@16
  char v22; // dl@16
  int v23; // ecx@16
  char v24; // dl@16
  int v25; // ecx@16
  unsigned int v26; // edx@17
  unsigned int v27; // edi@17
  unsigned int v28; // esi@17
  unsigned int result; // eax@17
  char v30; // bl@18
  int v31; // ecx@18
  char v32; // bl@18
  int v33; // ecx@18
  char v34; // bl@18
  int v35; // ecx@18
  char v36; // bl@18
  int v37; // ecx@18
  unsigned int v38; // [sp+10h] [bp-4h]@6
  unsigned int v39; // [sp+10h] [bp-4h]@11
  _UNKNOWN *v40; // [sp+20h] [bp+Ch]@6
  char *v41; // [sp+20h] [bp+Ch]@11

  v3 = 0;//
  do
  {
    byte_690340[v3] = (*(_BYTE *)((v3 >> 3) + a2) >> (v3 & 7)) & 1;
    ++v3;
  }
  while ( (signed int)v3 < 64 );
  v4 = 0;
  do
  {
    v5 = byte_62C301[v4];
    byte_68F9E0[v4] = byte_69033F[byte_62C300[v4]];
    v6 = byte_69033F[v5];
    v7 = byte_62C302[v4];
    byte_68F9E1[v4] = v6;
    v8 = byte_69033F[v7];
    v9 = byte_62C303[v4];
    byte_68F9E2[v4] = v8;
    byte_68F9E3[v4] = byte_69033F[v9];
    v4 += 4;
  }
  while ( v4 < 64 );
  memcpy(byte_690340, byte_68F9E0, 0x40u);
  if ( (_BYTE)a3 )
  {
    v16 = off_67A9C0;
    v39 = off_67A9BC - off_67A9C0;
    v41 = (char *)&unk_68FEB0;
    do
    {
      memcpy(&unk_690320, v16, 0x20u);
      sub_4E6080(v41);
      v17 = (char *)off_67A9BC + 2;
      v18 = v16;
      v19 = 8;
      do
      {
        *(_BYTE *)v18 ^= *((_BYTE *)v18 + v39);
        *((_BYTE *)v18 + 1) ^= *(v17 - 1);
        *((_BYTE *)v18 + 2) ^= *v17;
        *((_BYTE *)v18 + 3) ^= v17[1];
        v18 = (char *)v18 + 4;
        v17 += 4;
        --v19;
      }
      while ( v19 );
      v15 = __OFSUB__(v41 - 48, &unk_68FBE0);
      v14 = (signed int)(v41 - 48 - (char *)&unk_68FBE0) < 0;
      memcpy(off_67A9BC, &unk_690320, 0x20u);
      v41 -= 48;
    }
    while ( !(v14 ^ v15) );
  }
  else
  {
    v10 = off_67A9BC;
    v38 = off_67A9C0 - off_67A9BC;
    v40 = &unk_68FBE0;
    do
    {
      memcpy(&unk_690320, v10, 0x20u);
      sub_4E6080(v40);
      v11 = off_67A9C0 + 2;
      v12 = v10;
      v13 = 8;
      do
      {
        *(_BYTE *)v12 ^= *((_BYTE *)v12 + v38);
        *((_BYTE *)v12 + 1) ^= *(v11 - 1);
        *((_BYTE *)v12 + 2) ^= *v11;
        *((_BYTE *)v12 + 3) ^= v11[1];
        v12 = (char *)v12 + 4;
        v11 += 4;
        --v13;
      }
      while ( v13 );
      v15 = __OFSUB__((char *)v40 + 48, &unk_68FEE0);
      v14 = (signed int)((_UNKNOWN *)((char *)v40 + 48) - &unk_68FEE0) < 0;
      memcpy(off_67A9C0, &unk_690320, 0x20u);
      v40 = (char *)v40 + 48;
    }
    while ( v14 ^ v15 );
  }
  v20 = 0;
  do
  {
    v21 = byte_62C341[v20];
    byte_68F9E0[v20] = byte_69033F[byte_62C340[v20]];
    v22 = byte_69033F[v21];
    v23 = byte_62C342[v20];
    byte_68F9E1[v20] = v22;
    v24 = byte_69033F[v23];
    v25 = byte_62C343[v20];
    byte_68F9E2[v20] = v24;
    byte_68F9E3[v20] = byte_69033F[v25];
    v20 += 4;
  }
  while ( v20 < 64 );
  memcpy(byte_690340, byte_68F9E0, 0x40u);
 
  *(_DWORD *)a1 = 0xB6088ECD0B8B37C3; // orignal is 0
 
  *(_DWORD *)(a1 + 4) = 0;
  v26 = 0;
  v27 = 3;
  v28 = 2;
  result = 1;
  do
  {
    v30 = byte_69033F[result] << (v26 & 7);
    v31 = a1 + (v26 >> 3);
    v26 += 4;
    *(_BYTE *)v31 |= v30;
    v32 = byte_690340[result] << (result & 7);
    v33 = a1 + (result >> 3);
    result += 4;
    *(_BYTE *)v33 |= v32;
    v34 = byte_690340[v28] << (v28 & 7);
    v35 = a1 + (v28 >> 3);
    v28 += 4;
    *(_BYTE *)v35 |= v34;
    v36 = byte_690340[v27] << (v27 & 7);
    v37 = a1 + (v27 >> 3);
    v27 += 4;
    *(_BYTE *)v37 |= v36;
  }
  while ( (signed int)result < 65 );
  return result;
}

printf("02X%\n",a3);
system("pause");

Link to comment

I think to

 

and here

 

*(_DWORD *)a1 = 0xB6088ECD0B8B37C3; // orignal is 0a Dword ist only 4 bytes

 

Hexrays decompile not all correct ,better is you understand this Algo and rewrite it

Or rip it out as asm and use inline Asm in Cpp

Edited by ragdog
Link to comment

you'd rather use unsigned long long int for 64 bit integer representation. An integer is usually only 2^31 of information. Also hello encrypto :)


Edited by xSRTsect
Link to comment

yeah,i will check codes again.

@ragdog

couild you post a easy simple with the

ida f5 in a keygenme,then make a video.

my target used a not right DES,i want to get

this DES with _asm or ida f5,thank you again.

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...