4 Replies - 1275 Views - Last Post: 30 July 2012 - 08:14 AM

#1 user_name  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 4
  • Joined: 26-July 12

X86 assembly instructions

Posted 26 July 2012 - 12:06 PM

Hey guys,


Does anyone know how to decrypt the following encryption routine? Basically I have an encryption key, I enter it, then I am asked to enter a 6 letter word which then gets encrypted. How shall I decrypt this?
Thanks

 encrypt: push edx 
          push ecx 
          not eax 
          add eax,0x04 
          mov edx,eax 
          pop eax 
          xor eax,edx 
          pop edx 
          rol al,1 
          rol al,1
          rol al,1 
          sub al,0x02 
          ret

This post has been edited by GunnerInc: 26 July 2012 - 04:04 PM
Reason for edit:: Code tags


Is This A Good Question/Topic? 0
  • +

Replies To: X86 assembly instructions

#2 GunnerInc  Icon User is offline

  • "Hurry up and wait"
  • member icon




Reputation: 858
  • View blog
  • Posts: 2,277
  • Joined: 28-March 11

Re: X86 assembly instructions

Posted 26 July 2012 - 04:06 PM

Do you know any Assembly? I would start from the end of the function and inverse all the operations. If it is a sub, make it add, rotate left would become rotate right.
Was This Post Helpful? 1
  • +
  • -

#3 user_name  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 4
  • Joined: 26-July 12

Re: X86 assembly instructions

Posted 27 July 2012 - 06:33 AM

View PostGunnerInc, on 26 July 2012 - 04:06 PM, said:

Do you know any Assembly? I would start from the end of the function and inverse all the operations. If it is a sub, make it add, rotate left would become rotate right.


I have tried that but it didn't work.For the Inputs: register EAX = Encryption Key value and ECX = the character to be encrypted. Outputs: register EAX = the encrypted value of the source character. I am using the std calling convention to pass parameters. I have tried changing rol to ror and sub to add and vice versa but it isn't seem to be working.


decrypt:

push ebp             


mov  ebp , esp  

mov eax, [ebp + 8] 

mov ecx, [ebp + 12]        

push eax 

not eax 

add eax,0x04

mov edx,eax 

pop eax  

ror al,1

ror al,1    

ror al, 1 

xor eax,edx          

add al,0x02           

pop ebp 

 ret 



Was This Post Helpful? 0
  • +
  • -

#4 ishkabible  Icon User is offline

  • spelling expret
  • member icon




Reputation: 1622
  • View blog
  • Posts: 5,709
  • Joined: 03-August 09

Re: X86 assembly instructions

Posted 28 July 2012 - 04:41 PM

you have to reverse the order too, you have to undo the sub ...,2 first, then the rotations, then xor(xor with key to get to reverse it), then the add ...,4, then the not(not is it's own inverse), etc.. it's just like algebra really

pay attention to the use of 'al' in it as well and how the key and data are being moved around. as I was working this out it got a bit tricky. the meaning of the variables changes, also, sub al, 2 is not necessarily the same thing as sub eax, 2 so you have to to reverse it in the proper size too. also, you have to consider how the key changes and how that effects the order. you have to preform the *same* operations on the key to get what it was xor'd with.

This post has been edited by ishkabible: 28 July 2012 - 04:48 PM

Was This Post Helpful? 2
  • +
  • -

#5 user_name  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 4
  • Joined: 26-July 12

Re: X86 assembly instructions

Posted 30 July 2012 - 08:14 AM

View Postishkabible, on 28 July 2012 - 04:41 PM, said:

you have to reverse the order too, you have to undo the sub ...,2 first, then the rotations, then xor(xor with key to get to reverse it), then the add ...,4, then the not(not is it's own inverse), etc.. it's just like algebra really

pay attention to the use of 'al' in it as well and how the key and data are being moved around. as I was working this out it got a bit tricky. the meaning of the variables changes, also, sub al, 2 is not necessarily the same thing as sub eax, 2 so you have to to reverse it in the proper size too. also, you have to consider how the key changes and how that effects the order. you have to preform the *same* operations on the key to get what it was xor'd with.


You mentioned that I need to undo the operations, do you mean something along the lines of doing the opposite of everything so add eax,0x04 becomes sub eax,0x04 and sub al,0x02 becomes add al,0x02 etc.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1