RC4 KSA per shuffling opcodes

2017-05-18 18:21:01 +02:00 · 2017-05-18 18:21:01 +02:00 · 167230d18d
commit 167230d18d
parent 1490a6e6fc
3 changed files with 33 additions and 20 deletions
--- a/assembler/assembler.py
+++ b/assembler/assembler.py
@ -56,7 +56,7 @@ class VMAssembler:

    def __init__(self, key):
        self.assembled_code = bytearray()
-        self.define_ops(key)
+        self.encrypt_ops(key)

    def parse(self, instruction):
        action = getattr(self, "{}".format(instruction.opcode.method))
@ -179,15 +179,20 @@ class VMAssembler:
        self.assembled_code += opcode.uint8()
        return

-    def define_ops(self, key):
+    def encrypt_ops(self, key):
        key_ba = bytearray(key, 'utf-8')
        olds = copy.deepcopy(ops)
-        for b in key_ba:
-            for op_com in ops:
-                op_com.set_value(rol(b ^ op_com.value, b % 8, 8))
-        for i in ops:
-            for j in ops:
-                j.set_value(rol(j.value, i.value % 8, 8))
+        
+        # RC4 KSA! :-P
+        arr = [i for i in range(256)]
+        j = 0
+        for i in range(len(arr)):
+            j = (j + arr[i] + key_ba[i % len(key)]) % len(arr)
+            arr[i], arr[j] = arr[j], arr[i]
+        
+        for i, o in enumerate(ops):
+            o.set_value(arr[i])
+            
        for o, n in zip(olds, ops):
            print("{} : {}->{}".format(o.name, hex(o.value), hex(n.value)))

--- a/vm/vm.cpp
+++ b/vm/vm.cpp
@ -9,18 +9,26 @@ unsigned rol(unsigned x, int L, int N) {
  return (x << L) | (lsbs >> (N - L));
 }

-void VM::defineOpcodes(uint8_t *key) {
-  uint32_t i, j, keysize;
+void VM::encryptOpcodes(uint8_t *key) {
+  uint8_t arr[256];
+  uint32_t i, j, tmp, keysize;
  keysize = strlen((char *)key);
-  for (i = 0; i < keysize; i++) {
-    for (j = 0; j < NUM_OPS; j++) {
-      OPS[j] = rol(key[i] ^ OPS[j], key[i] % 8, 8);
+
+  /*
+  RC4 KSA! :-D
+  */
+  for (i = 0; i < 256; i++) {
+    arr[i] = i;
  }
+  j = 0;
+  for (i = 0; i < 256; i++) {
+    j = (j + arr[i] + key[i % keysize]) % 256;
+    tmp = arr[i];
+    arr[i] = arr[j];
+    arr[j] = tmp;
  }
  for (i = 0; i < NUM_OPS; i++) {
-    for (j = 0; j < NUM_OPS; j++) {
-      OPS[j] = rol(OPS[j], OPS[i] % 8, 8);
-    }
+    OPS[i] = arr[i];
  }
 #ifdef DBG
  //#TODO ASSEGNARE I NOMI AGLI OPCODES
@ -135,7 +143,7 @@ VM::VM(uint8_t *key) {
  DBG_SUCC(("Creating VM without code.\n"));
  as.allocate();
  initVariables();
-  defineOpcodes(key);
+  encryptOpcodes(key);
 }

 VM::VM(uint8_t *key, uint8_t *code, uint32_t codesize) {
@ -144,7 +152,7 @@ VM::VM(uint8_t *key, uint8_t *code, uint32_t codesize) {
    as.insCode(code, codesize);
  }
  initVariables();
-  defineOpcodes(key);
+  encryptOpcodes(key);
 }

 void VM::initVariables(void) {
--- a/vm/vm.h
+++ b/vm/vm.h
@ -23,7 +23,7 @@ private:
  // FUNCTIONS
  ///////////////////////
  void initVariables(void);
-  void defineOpcodes(uint8_t *key);
+  void encryptOpcodes(uint8_t *key);
  /*
  DBG UTILS
  */