XOR implementation in Assembly
anime
encrypt the URL string in program source code (in assembly) so that the URL
has been protected against revealing and simple extracting. Can someone show
such code snippet?
Thanks.
Frank Kotler
Not much to it:
lodsb
xor al, ???
stosb
Not much "protection". Enough to "fool your little sister", perhaps.
*My* little sister, as it happens, is a mathematician, and not so easily
fooled! Enough to keep your parents/kids out of your porn... well,
parents - I wouldn't count on the kids!
This is going to have some "unprintable" characters in it. May get
butchered in the posting process. Worked when it left here! :)
Best,
Frank
; nasm -f elf32 myfile.asm
; ld -o myfile myfile.o
global _start
%define THE_KEY 0CDh
section .text
_start:
mov esi, secret
mov edi, plain
mov ecx, secret_len
.top:
lodsb
xor al, THE_KEY
stosb
loop .top
; dump it to stdout, just to prove we did something
mov edx, secret_len
mov ecx, plain
mov ebx, 1
mov eax, 4
int 80h
exit:
mov eax, 1
int 80h
section .bss
plain resb 80
section .data
secret db "¥¹¹½÷â⺺ºã©¤¾£¨´ã®¢ "
secret_len equ $ - secret
anime
"Frank Kotler" <fbko...@nospicedham.myfairpoint.net> wrote in message
news:i0122o$un2$1...@speranza.aioe.org...
Not much to it:
Best,
Frank
global _start
%define THE_KEY 0CDh
section .text
_start:
--------------
Thanks a lot.
Sure, I do not count on strong protection, I just need to obfuscate the URL,
it always good to specify url string in 'encrypted' format,
to protect against simple viewing.
Regards,
anime
anime
"Frank Kotler" <fbko...@nospicedham.myfairpoint.net> wrote in message
news:i0122o$un2$1...@speranza.aioe.org...
Not much to it:
Best,
Frank
global _start
%define THE_KEY 0CDh
section .text
_start:
-------------
What about this method?
// szUrl = "http://www.site.com";
unsigned char szUrl[22] = { 0xEB, 0xF7, 0xF7, 0xF3, 0xBD, 0xB2, 0xB2, 0xFA,
0xFA, 0xFA, 0xB1, 0xF3, 0xE8, 0xEF, 0xF2, 0xE6, 0xEE, 0xB1, 0xE6, 0xF2,
0xF0, 0x83 };
for (unsigned int yxje = 0; yxje < 22; yxje++) szUrl[yxje] += 0x7D;
...
// szUrl = "http://www.site.com";
wchar_t szUrl[22];
szUrl[15] = 0x504B;
szUrl[20] = 0x7BAA;
szUrl[21] = 0xECF6;
szUrl[12] = 0x3E85;
szUrl[19] = 0x6220;
szUrl[1] = 0xE104;
szUrl[11] = 0xF088;
szUrl[5] = 0x74E9;
szUrl[13] = 0x05EE;
szUrl[6] = 0x2E47;
szUrl[14] = 0x1479;
szUrl[9] = 0x5F58;
szUrl[4] = 0x5D68;
szUrl[8] = 0x1802;
szUrl[17] = 0xF6AA;
szUrl[7] = 0xBAD5;
szUrl[3] = 0xE965;
szUrl[16] = 0xBDCA;
szUrl[10] = 0x8370;
szUrl[18] = 0xD950;
szUrl[0] = 0x480C;
szUrl[2] = 0x85B6;
szUrl[14] -= 0x140A;
szUrl[7] += 0x45A2;
szUrl[16] += 0x42A1;
szUrl[19] += 0x9E4F;
szUrl[11] ^= 0xF0F8;
szUrl[21] -= 0xECF6;
szUrl[1] ^= 0xE170;
szUrl[13] ^= 0x0582;
szUrl[5] -= 0x74BA;
szUrl[4] -= 0x5D2E;
szUrl[6] += 0xD1E8;
szUrl[8] -= 0x178B;
szUrl[17] += 0x0984;
szUrl[10] += 0x7CBE;
szUrl[12] += 0xC1E0;
szUrl[2] ^= 0x85C2;
szUrl[0] += 0xB85C;
szUrl[3] += 0x170B;
szUrl[20] -= 0x7B3D;
szUrl[15] ^= 0x5028;
szUrl[18] += 0x2713;
szUrl[9] ^= 0x5F2F;
Frank Kotler
...
Thought you said you wanted this in asm! :)
Seriously, I'm not very familiar with "wide" characters. I'm not sure
what you're "getting at" here. Does it work? If it does... it's good, I
guess. I'm a little concerned about mixing "unsigned char", "wchar_t",
and "int". You may be overrunning the end of your buffer(?). (put a
"canary" right after your url, and make sure it's unaltered after your
routine?) Simply expressing the url as hex, rather than ascii, may be
enough "encryption" to deter the casual observer(?). Keep in mind that
you don't have "secure" encryption here! NSA would break it in a
millisecond. Probably fine for your purposes, though...
Best,
Frank
anime
"Frank Kotler" <fbko...@nospicedham.myfairpoint.net> wrote in message
news:i0122o$un2$1...@speranza.aioe.org...
Not much to it:
Best,
Frank
global _start
%define THE_KEY 0CDh
section .text
_start:
--------
will the code the same in MASM?
Frank Kotler
> "Frank Kotler" <fbko...@nospicedham.myfairpoint.net> wrote in message
> news:i0122o$un2$1...@speranza.aioe.org...
...
> int 80h
...
> will the code the same in MASM?
Noooo. The code I posted was for Linux... besides the fact that Masm and
Nasm have different syntax. The "meat" of it:
lodsb
xor al, ???
stosb
would be exactly the same. Ummm...
mov esi, offset encrypted_text
mov edi, offset plain_text
for Masm, I believe.
mov ecx, (sizeof) encrypted_text
??? I'm less sure of Masm syntax for that one. And I suppose "WriteFile"
to print it, if that's what you want to do. Since you specified that
it's a URL, you'll probably want to open it (more complicated!). But you
probably want to print it at some point - perhaps a different program. I
assume you know this: the encryption routine is the same as the
decryption routine (a property of xor). What I did was to run that
program with "plain text" where it says "secret", and redirected stdout
to the end of the .asm file: "myfile>>myfile.asm" (I think that'll work
in Windows) and then cut-and-pasted the "garbage characters" into
"secret". If you want "less garbagey" text, use a "key" with the high
bit clear. (that 0CDh key was one that the late Chuck Crayne used in
"Castle Elsinor", if memory serves - which is why I chose it :)
Best,
Frank
anime
there is nothing with printing. The program will connects to that encoded
URL, so need be used appropriate code.