aljaz/securedorg.github.io
1
0
Fork 0
mirror of https://github.com/aljazceru/securedorg.github.io.git synced 2025-12-19 15:14:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update re102_section4.md

Browse Source
This commit is contained in:
SECURED.ORG
2017-08-10 22:50:57 -07:00
committed by GitHub
parent 2453e1959d
commit 97b2164241
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
RE102/re102_section4.md
View File

@@ -60,7 +60,7 @@ Cryptographic algorithms are often grouped into two major categories: symmetric
![alt text](https://securedorg.github.io/RE102/images/Section4_cipher.png "Section4_cipher") ![alt text](https://securedorg.github.io/RE102/images/Section4_cipher.png "Section4_cipher")
For every subkey K in this algorithm, it has to loop through each K to XOR and Swap. In the disassembly you will be able to see this looping, incrementing, and swapping action going on. Now lets look at sub_45B5AC. For every subkey K in this algorithm, it has to loop through each K to XOR and Swap. In the disassembly you will be able to see this looping, incrementing, and swapping action going on. Now lets look at `sub_45B5AC`.
![alt text](https://securedorg.github.io/RE102/images/Section4_looping.png "Section4_looping") ![alt text](https://securedorg.github.io/RE102/images/Section4_looping.png "Section4_looping")
@@ -84,4 +84,4 @@ In the beginning of this section, it mentioned you need to be suspicious of NOP
The next subsection will go over identifying which cryptographic algorithm this malware is using. The next subsection will go over identifying which cryptographic algorithm this malware is using.
[Section 3.2 <- Back](https://securedorg.github.io/RE102/section3.2) | [Next -> Section 4.1](https://securedorg.github.io/RE102/section4.1) [Section 3.2 <- Back](https://securedorg.github.io/RE102/section3.2) | [Next -> Section 4.1](https://securedorg.github.io/RE102/section4.1)