ADWorld [rev] EASYHOOK

一个对WriteFile进行hook的windows逆向. 很容易就找到加密函数,(明天还要期末考试)就不硬刚汇编了,虽然这道题的汇编也不难.

本来密码学基础就不好外加很久没做逆向题,刚开始写脚本还磕磕绊绊.

def encrypt(text):
    for i in range(len(text)):
        if i == 18:
            text[i] ^= 0x13
        else:
            if i % 2 == 0:
                tmp = text[i + 2]
            else:
                tmp = text[i] - i
            text[i] = i ^ tmp


def decrypt(text):
    for i in range(len(text) - 1, -1, -1):
        if i == 18:
            text[i] ^= 0x13
        else:
            tmp = text[i] ^ i
            if i % 2 == 0:
                text[i + 2] = tmp
            else:
                text[i] = tmp + i


s = [0x61, 0x6A, 0x79, 0x67, 0x6B, 0x46, 0x6D, 0x2E, 0x7F, 0x5F, 0x7E, 0x2D, 0x53, 0x56, 0x7B, 0x38, 0x6D, 0x4C, 0x6E]
decrypt(s)
print(''.join(list(map(chr, s))))