XOR Runtime Code Encryp'n

Cryptography
Post Reply
User avatar
ltx_Lazzarus
Posts: 148
Joined: Tue Apr 09, 2024 8:05 pm

XOR Runtime Code Encryp'n

Postby ltx_Lazzarus » Tue Jul 09, 2024 6:07 am

We're gonna do a basic XOR-based encryption on a block of memory. It first generates a random key and initialization vector (IV). Then, we'll encrypt the data using the key and IV. The key and IV are arrays of unsigned characters, just so ya know.

I know there's a few glitches and limits in this and could better, but I'll leave this job for the reader.

Code: Select all

void rand(unsigned char* data, int len, unsigned char* key, int keylen, unsigned char* iv)
{
    for (int i = 0; i < len; ++i)
    {
        data[i] = data[i] ^ key[i % keylen] ^ iv[i % keylen];
        iv[i % keylen] = data[i];
    }
}

This function called

Code: Select all

rand()
takes these parameters:

1. data: This is a pointer to the memory that needs to be encrypted. Reckon it's like a map to where the data is stored.
2. len: This is the length of the memory that's gonna be encrypted. Gotta know how much space to cover, right?
3. key: This is the encryption key used in the XOR operation. It's like a secret code that scrambles the data.
4. keylen: This is the length of the encryption key. Gotta make sure it matches the key.
5. iv: This is the initialization vector (IV) used to randomize the encryption process. It adds a bit of extra scrambling to the mix.

Alright, so inside this function, there's a loop that goes through each byte of the data. For each byte, it does a few things:
First, it takes the current byte and does a special operation called XOR with the current key byte and the current IV byte. XOR is like a secret handshake between the bytes.
Then, it updates the IV byte with the result of the XOR operation. So the IV byte gets a new value based on the XOR result. This helps randomize the encryption even more.

Code: Select all

void enc(ULONG64 ofs, ULONG64 dwSize)
{
    UCHAR* ecx = reinterpret_cast<UCHAR*>(ofs + dwSize);
    UCHAR* eax = reinterpret_cast<UCHAR*>(ofs);

    std::random_device rd;
    std::mt19937 gen(rd());
    std::uniform_int_distribution<> dis(0, 255);

    unsigned char key[32];
    std::generate_n(key, sizeof(key), [&]() { return static_cast<unsigned char>(dis(gen)); });

    unsigned char iv[32];
    std::generate_n(iv, sizeof(iv), [&]() { return static_cast<unsigned char>(dis(gen)); });

    for (; eax < ecx; eax += sizeof(UCHAR))
    {
        *eax ^= static_cast<UCHAR>(dis(gen));
         rand(eax, sizeof(UCHAR), key, sizeof(key), iv);
    }
}

This function encrypts the data in a specified memory range:

Code: Select all

enc()

It takes the params ofs (start addy of mem zone), and dwSize (size of mem zone). First, it sets up a buffer named 'ecx' for the end addy of the mem zone. Then, it makes up a random key and IV using the rand function. After that, it does an XOR op on each byte in the mem zone using the gen key and IV. Last, it returns the end addy of the mem zone.

Note: a random key and an IV are made up using the Mersenne Twister algorithm and a random_device. The key and IV are both 32 arrays filled with random nums from 0 to 255.
Top
Post Reply

Return to “Cryptography”