aljaz/securedorg.github.io
1
0
Fork 0
mirror of https://github.com/aljazceru/securedorg.github.io.git synced 2025-12-19 23:14:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

adding final sections

Browse Source
This commit is contained in:
Amanda Rousseau
2017-08-10 15:55:32 -07:00
parent b7d24bccba
commit 190c7206be
7 changed files with 359 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
RE102/decrypt_shellcode.py Normal file
View File

@@ -0,0 +1,44 @@
import os
import sys
def key_schedule(key):
keylength = len(key)
S = range(256)
j = 0
for i in range(256):
k = ord(key[i % keylength])
j = (j + S[i] + k) % 256
S[i], S[j] = S[j], S[i] # swap
return S, j
with open(sys.argv[1], 'rb') as key_file, open(sys.argv[2], 'rb') as encrypted, open("decrypted_shellcode.bin", 'wb') as out:
key_size = os.path.getsize(sys.argv[1]) # 0x20
key = key_file.read(key_size)
S, j = key_schedule(key)
"""
A normal RC4 stream algorithm
resets j before a second use.
"""
# j = 0
i = 0
shellcode_size = os.path.getsize(sys.argv[2]) # 0x65E4
while (shellcode_size > 0):
char = encrypted.read(1)
i = (i + 1) % 256
j = (j + S[i]) % 256
# swap
S[i], S[j] = S[j], S[i]
k = S[(S[i] + S[j]) % 256]
shellcode_size -= 1
out.write(chr(ord(char) ^ k))
out.close()
key_file.close()
encrypted.close()