團隊逆向牛的解題思路,分享出來~
0x02 內容
// Pointer type for the DLL's string-encryption routine as this write-up calls it:
// f(buffer, length, &v1). The signature is the author's reconstruction, not a
// prototype published by the DLL.
using encrypt_str = int (*)(uint8_t*, uint32_t, int*);

// Map the challenge DLL into this process.
// NOTE(review): LoadLibrary runs the module's DllMain, so the sample's own code
// executes inside this harness; build and run it in the analysis environment only.
// NOTE(review): a bare file name is resolved through the DLL search order, so the
// module that gets loaded depends on the working directory; a full path pins it.
// NOTE(review): the result is not checked. If the load fails, h is null and the
// address computed below is just the raw offset.
auto h = LoadLibrary("bbcdd1f7-9983-4bf4-9fde-7f77a6b947b4.dll");

// The routine is reached by a raw offset from the module base rather than by
// GetProcAddress. 0x67C + 0xC00 is tied to this exact build of the DLL;
// presumably a file offset plus a section delta - confirm against the disassembly.
uint8_t* const moduleBase = reinterpret_cast<uint8_t*>(h);
encrypt_str f = reinterpret_cast<encrypt_str>(moduleBase + 0x67C + 0xC00);

// Third argument of every call. On a little-endian target this value is laid out
// in memory as the bytes DE AD BE EF. Presumably the key/seed the routine expects
// - confirm against the caller in the original binary.
int v1 = 0xEFBEADDE;

// Smoke test: hand the routine a writable buffer (length includes the trailing NUL)
// to confirm the call goes through. The result is not inspected here.
char testStr[] = "0123456789abcdefgh";
const uint32_t testLen = static_cast<uint32_t>(strlen(testStr) + 1);
f(reinterpret_cast<uint8_t*>(testStr), testLen, &v1);
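// Recover the 25-byte input whose encrypted form equals pstr (the target bytes,
// defined outside this excerpt) by using the DLL routine f as an oracle.
//
// The search walks the buffer two bytes at a time. For each position it copies
// the bytes recovered so far, tries every candidate value, encrypts the copy and
// keeps the candidate whose output matches pstr at that position.
// NOTE(review): this assumes the output at a position depends only on the bytes
// up to and including that position - confirm against the routine.
// NOTE(review): this assumes f does not change v1 between calls. If it does,
// every trial runs under a different value - confirm.
//
// Fixes over the original listing:
//  * the forum "[/align]" tag fused into the first line is removed;
//  * with 25 bytes the last step has only one byte left, so index n + 1 == 25 is
//    no longer written or compared (it was one past the end of data, str, and
//    possibly pstr);
//  * the scratch buffer lives on the stack instead of a new[] per candidate that
//    was never freed (about 850,000 leaked allocations);
//  * a hit now stops both candidate loops, where `break` left only the inner one;
//  * str is printed with an explicit length because all 25 bytes may be non-zero.
const int kLen = 25;
uint8_t str[kLen] = { 0 };

for (int n = 0; n < kLen; n += 2)
{
    uint8_t data[kLen];                      // scratch copy, encrypted in place by f
    const bool hasPair = (n + 1 < kLen);     // false only for the trailing odd byte
    const int jMax = hasPair ? 0xFF : 0;     // nothing to vary when there is no second byte
    bool found = false;

    for (int i = 0; i <= 0xFF && !found; i++)
        for (int j = 0; j <= jMax; j++)
        {
            // Start from the bytes recovered so far, then place the candidate.
            memcpy(data, str, kLen);
            data[n] = (uint8_t)i;
            if (hasPair)
                data[n + 1] = (uint8_t)j;

            f(data, kLen, &v1);

            if (data[n] == pstr[n] && (!hasPair || data[n + 1] == pstr[n + 1])) {
                str[n] = (uint8_t)i;
                if (hasPair)
                    str[n + 1] = (uint8_t)j;
                found = true;
                break;
            }
        }

    // Without a hit the bytes stay zero and the final check below will fail;
    // report where the search broke down instead of failing silently.
    if (!found)
        printf("no candidate matched at offset %d\n", n);
}

// Bounded print: str has no guaranteed NUL terminator.
printf("%.*s\n", kLen, (const char *)str);

// Final check: encrypt the recovered input in place and compare with the target.
f(str, kLen, &v1);
if (memcmp(str, pstr, kLen) == 0)
{
    printf("It's OK!\n");
}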