Compare commits
3 Commits
bd731786d3
...
05ad0c6364
Author | SHA1 | Date | |
---|---|---|---|
|
05ad0c6364 | ||
|
b758947a87 | ||
|
10b01187a4 |
333
INSTRUCTION_SET.md
Normal file
333
INSTRUCTION_SET.md
Normal file
@ -0,0 +1,333 @@
|
|||||||
|
# Architecture
|
||||||
|
|
||||||
|
Pasticciotto uses the Harvard Architecture meaning its code is separated from its data and also from its stack. This allowed me to materialize my idea for the **PoliCTF** challenge: I could run the code the partecipants assembled without any hassle!
|
||||||
|
![Structure]
|
||||||
|
|
||||||
|
There are 8 general purpose registers (`R0` to `S3`) with `S0 -> S3` being "scratch" ones. There is a `RP` register (Return Pointer) and obviously the `IP` (Instruction Pointer).
|
||||||
|
|
||||||
|
# Opcode encryption
|
||||||
|
|
||||||
|
The VM needs a decryption key to run: the opcodes are "encrypted" with the key by the assembler. The encryption algorithm is the `RC4` key scheduling shuffle. Once the values are shuffled, the `opcodes` are assigned according to their definition order.
|
||||||
|
|
||||||
|
```python
|
||||||
|
key_ba = bytearray(key, 'utf-8')
|
||||||
|
# RC4 KSA! :-P
|
||||||
|
arr = [i for i in range(256)]
|
||||||
|
j = 0
|
||||||
|
for i in range(len(arr)):
|
||||||
|
j = (j + arr[i] + key_ba[i % len(key)]) % len(arr)
|
||||||
|
arr[i], arr[j] = arr[j], arr[i]
|
||||||
|
|
||||||
|
for i, o in enumerate(ops):
|
||||||
|
o.set_value(arr[i])
|
||||||
|
```
|
||||||
|
|
||||||
|
# Instruction set
|
||||||
|
The instruction set I come out wants to be "RISC"-oriented but I have to admit that it is more "CISC"-oriented *(Confusing Instruction Set Computer)*.
|
||||||
|
Also, since I decided that every instruction had to be 4 chars long, some name adaptation may have encountered some quality issue... (yes, `POP`, I'm looking at you)
|
||||||
|
|
||||||
|
**The syntax used is the Intel one!**
|
||||||
|
|
||||||
|
There **three types** of instructions:
|
||||||
|
1. with 2 operands (*imm2reg*, *reg2imm*, *byt2reg*, *reg2reg*)
|
||||||
|
2. with 1 operand
|
||||||
|
3. with no operand at all (*single*)
|
||||||
|
|
||||||
|
![Instruction]
|
||||||
|
## MOVI
|
||||||
|
```
|
||||||
|
Full name: MOVe Immediate to register
|
||||||
|
Usage: MOVI R0, 0x00
|
||||||
|
Effect: R0 contains the value 0x00
|
||||||
|
```
|
||||||
|
## MOVR
|
||||||
|
```
|
||||||
|
Full name: MOVe Register to register
|
||||||
|
Usage: MOVR R1, R0
|
||||||
|
Effect: R0 is copied into R1
|
||||||
|
```
|
||||||
|
## LODI
|
||||||
|
```
|
||||||
|
Full name: LOaD Immediate offset @ data section to register
|
||||||
|
Usage: LODI R0, 0x0
|
||||||
|
Effect: R0 contains data[0x0]
|
||||||
|
```
|
||||||
|
## LODR
|
||||||
|
```
|
||||||
|
Full name: LOaD offset in Register @ data section to register
|
||||||
|
Usage: LODR R1, R0
|
||||||
|
Effect: R1 contains data[R1]
|
||||||
|
```
|
||||||
|
## STRI
|
||||||
|
```
|
||||||
|
Full name: SToRe @ immediate offset in data section from register
|
||||||
|
Usage: STRI 0x0, R0
|
||||||
|
Effect: data[0x0] contains R0
|
||||||
|
```
|
||||||
|
## STRR
|
||||||
|
```
|
||||||
|
Full name: SToRe @ offset of Register in data section from register
|
||||||
|
Usage: STRR R1, R0
|
||||||
|
Effect: data[R1] contains R0
|
||||||
|
```
|
||||||
|
## ADDI
|
||||||
|
```
|
||||||
|
Full name: ADD Immediate to register
|
||||||
|
Usage: ADDI R0, 0x1
|
||||||
|
Effect: R0 is incremented by 0x1
|
||||||
|
```
|
||||||
|
## ADDR
|
||||||
|
```
|
||||||
|
Full name: ADD Register to register
|
||||||
|
Usage: ADDR R1, R0
|
||||||
|
Effect: R1 is incremented by R0
|
||||||
|
```
|
||||||
|
## SUBI
|
||||||
|
```
|
||||||
|
Full name: SUBstract Immediate from register
|
||||||
|
Usage: SUBI R0, 0x1
|
||||||
|
Effect: R0 is decremented by 0x1
|
||||||
|
```
|
||||||
|
## SUBR
|
||||||
|
```
|
||||||
|
Full name: SUBstract Register from register
|
||||||
|
Usage: SUBR R1, R0
|
||||||
|
Effect: R1 is decremented by R0
|
||||||
|
```
|
||||||
|
## ANDB
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## ANDW
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## ANDR
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## YORB
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## YORW
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## YORR
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## XORB
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## XORW
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## XORR
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## NOTR
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## MULI
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## MULR
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## DIVI
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## DIVR
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## SHLI
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## SHLR
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## SHRI
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## SHRR
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## PUSH
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## POOP
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## CMPB
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## CMPW
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## CMPR
|
||||||
|
```
|
||||||
|
Full name:
|
||||||
|
Usage:
|
||||||
|
Effect:
|
||||||
|
```
|
||||||
|
## JMPI
|
||||||
|
```
|
||||||
|
Full name: JuMP to Immediate
|
||||||
|
Usage: JMPI 0x00
|
||||||
|
Effect: Unconditional jump to 0x00
|
||||||
|
```
|
||||||
|
## JMPR
|
||||||
|
```
|
||||||
|
Full name: JuMP to Register
|
||||||
|
Usage: JMPR R0
|
||||||
|
Effect: Unconditional jump to R0
|
||||||
|
```
|
||||||
|
## JPAI
|
||||||
|
```
|
||||||
|
Full name: JumP if Above to Immediate
|
||||||
|
Usage: JPAI 0x00
|
||||||
|
Effect: Jumps to code[0x00] according to last comparison
|
||||||
|
```
|
||||||
|
## JPAR
|
||||||
|
```
|
||||||
|
Full name: JumP if Above to Register
|
||||||
|
Usage: JPAR R0
|
||||||
|
Effect: Jumps to code[R0] according to last comparison
|
||||||
|
```
|
||||||
|
## JPBI
|
||||||
|
```
|
||||||
|
Full name: JumP if Below or equal to Immediate
|
||||||
|
Usage: JPBI 0x00
|
||||||
|
Effect: Jumps to code[0x00] according to last comparison
|
||||||
|
```
|
||||||
|
## JPBR
|
||||||
|
```
|
||||||
|
Full name: JumP if Below or equal to Register
|
||||||
|
Usage: JPBR R0
|
||||||
|
Effect: Jumps to code[R0] according to last comparison
|
||||||
|
```
|
||||||
|
## JPEI
|
||||||
|
```
|
||||||
|
Full name: JumP if Equal to Immediate
|
||||||
|
Usage: JPEI 0x00
|
||||||
|
Effect: Jumps to code[0x00] according to last comparison
|
||||||
|
```
|
||||||
|
## JPER
|
||||||
|
```
|
||||||
|
Full name: JumP if Equal to Register
|
||||||
|
Usage: JPER R0
|
||||||
|
Effect: Jumps to code[R0] according to last comparison
|
||||||
|
```
|
||||||
|
## JPNI
|
||||||
|
```
|
||||||
|
Full name: JumP if Not equal to Immediate
|
||||||
|
Usage: JPNI 0x00
|
||||||
|
Effect: Jumps to code[0x00] according to last comparison
|
||||||
|
```
|
||||||
|
## JPNR
|
||||||
|
```
|
||||||
|
Full name: JumP if Not equal to Register
|
||||||
|
Usage: JPNR R0
|
||||||
|
Effect: Jumps to code[R0] according to last comparison
|
||||||
|
```
|
||||||
|
## CALL
|
||||||
|
```
|
||||||
|
Full name: CALL function
|
||||||
|
Usage: CALL *function*
|
||||||
|
Effect: Saves the next instruction address into RP and jumps to the start of the function
|
||||||
|
```
|
||||||
|
## RETN
|
||||||
|
```
|
||||||
|
Full name: RETurN
|
||||||
|
Usage: RETN
|
||||||
|
Effect: Restores the RP into the IP and jumps to the IP
|
||||||
|
```
|
||||||
|
## SHIT
|
||||||
|
```
|
||||||
|
Full name: Well...
|
||||||
|
Usage: SHIT
|
||||||
|
Effect: Halts the execution
|
||||||
|
```
|
||||||
|
## NOPE
|
||||||
|
```
|
||||||
|
Full name: NOP(e)
|
||||||
|
Usage: NOPE
|
||||||
|
Effect: Does nothing for an instruction
|
||||||
|
```
|
||||||
|
## GRMN
|
||||||
|
```
|
||||||
|
Full name: GeRMaNo
|
||||||
|
Usage: GRMN
|
||||||
|
Effect: Sets every register (excluding IP and RP) to GG
|
||||||
|
```
|
||||||
|
## DEBG
|
||||||
|
```
|
||||||
|
Full name: DEBuG
|
||||||
|
Usage: DEBG
|
||||||
|
Effect: Prints the status of every register and the flags
|
||||||
|
```
|
||||||
|
|
||||||
|
[Instruction]: ./res/instruction.png
|
||||||
|
[Structure]: ./res/structure.png
|
48
README.md
48
README.md
@ -1 +1,47 @@
|
|||||||
VM con ISA diversi e bytecode generati casualmente.
|
![Pasticciotto]
|
||||||
|
|
||||||
|
# What is this?
|
||||||
|
Pasticciotto is a virtual machine which can be used to obfuscate code. It was developed for the **PoliCTF 17** as a reversing challenge.
|
||||||
|
|
||||||
|
I wanted to experiment with VM obfuscation since it was a topic that caught my attention while reversing challenges for various CTFs. So, I decided to write one **from scratch** in order to understand better how instruction set architectures are implemented!
|
||||||
|
|
||||||
|
The design and the implementation behind Pasticciotto are not state-of-the-art but hey, it works!
|
||||||
|
|
||||||
|
# What about the challenge?
|
||||||
|
I do not want to spoil the challenge for those that haven't completed it yet. Check out some write-up online!
|
||||||
|
|
||||||
|
# Instruction set
|
||||||
|
Check out the file [INSTRUCTION_SET.MD](IS) to understand how the VM works and which operations it can do! Watch out for some spoilers if you haven't completed the challenge though!
|
||||||
|
|
||||||
|
# Why "Pasticciotto"?
|
||||||
|
In Italian, "Pasticciotto" has two meanings!
|
||||||
|
|
||||||
|
The first one is **"little mess"** which perfectly describes how I put up this project. The second one is a typical dessert from Southern Italy, Salento! It's filled with cream! Yum!
|
||||||
|
|
||||||
|
# Contributions
|
||||||
|
|
||||||
|
Any contribution is **very** welcome! Feel free to open issues and pull requests!
|
||||||
|
|
||||||
|
|
||||||
|
# License
|
||||||
|
```
|
||||||
|
Copyright 2017 Giulio De Pasquale
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy of this
|
||||||
|
software and associated documentation files (the "Software"), to deal in the Software
|
||||||
|
without restriction, including without limitation the rights to use, copy, modify, merge,
|
||||||
|
publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons
|
||||||
|
to whom the Software is furnished to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in all copies or
|
||||||
|
substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
|
||||||
|
INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
|
||||||
|
PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE
|
||||||
|
FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
|
||||||
|
OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
|
||||||
|
DEALINGS IN THE SOFTWARE.
|
||||||
|
```
|
||||||
|
[Pasticciotto]: ./res/pasticciotto.png
|
||||||
|
[IS]: ./INSTRUCTION_SET.md
|
@ -55,7 +55,7 @@ class VMAssembler:
|
|||||||
self.data = data
|
self.data = data
|
||||||
self.assembled_code = bytearray()
|
self.assembled_code = bytearray()
|
||||||
self.functions = []
|
self.functions = []
|
||||||
self.decrypt_ops(key)
|
self.encrypt_ops(key)
|
||||||
self.parse_functions()
|
self.parse_functions()
|
||||||
self.resolve_functions_offsets()
|
self.resolve_functions_offsets()
|
||||||
self.resolve_symbols()
|
self.resolve_symbols()
|
||||||
@ -252,7 +252,7 @@ class VMAssembler:
|
|||||||
self.assembled_code += opcode.uint8()
|
self.assembled_code += opcode.uint8()
|
||||||
return
|
return
|
||||||
|
|
||||||
def decrypt_ops(self, key):
|
def encrypt_ops(self, key):
|
||||||
key_ba = bytearray(key, 'utf-8')
|
key_ba = bytearray(key, 'utf-8')
|
||||||
olds = copy.deepcopy(ops)
|
olds = copy.deepcopy(ops)
|
||||||
|
|
||||||
|
81
polictf/pasticciotto_server.cpp
Normal file
81
polictf/pasticciotto_server.cpp
Normal file
@ -0,0 +1,81 @@
|
|||||||
|
#include "../vm/vm.h"
|
||||||
|
#include "../vm/debug.h"
|
||||||
|
#include <fstream>
|
||||||
|
#include <iostream>
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <time.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
#define KEYLEN 15
|
||||||
|
#define CODESIZE 0x300
|
||||||
|
#define DATAKEYLEN 30
|
||||||
|
|
||||||
|
void gen_random(uint8_t *s, const int len) {
|
||||||
|
srand(time(NULL));
|
||||||
|
static const char alphanum[] = "0123456789"
|
||||||
|
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
||||||
|
"abcdefghijklmnopqrstuvwxyz";
|
||||||
|
for (int i = 0; i < len; ++i) {
|
||||||
|
s[i] = alphanum[rand() % (sizeof(alphanum) - 1)];
|
||||||
|
}
|
||||||
|
|
||||||
|
s[len] = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
unsigned char encrypted_data[] = {
|
||||||
|
0xcc, 0x8d, 0x5a, 0xcc, 0x73, 0xb5, 0xf2, 0xa3, 0xf3, 0x92,
|
||||||
|
0xa8, 0x8f, 0x2f, 0xf1, 0x3e, 0xf4, 0x69, 0x00, 0x4a, 0xcb,
|
||||||
|
0xed, 0xc4, 0x57, 0x9b, 0xf6, 0x9a, 0x78, 0x46, 0x83, 0xe9};
|
||||||
|
unsigned int encrypted_data_len = 30;
|
||||||
|
|
||||||
|
int main(int argc, char *argv[]) {
|
||||||
|
uint8_t *key = new uint8_t[KEYLEN], *decdatasec = new uint8_t[DATAKEYLEN],
|
||||||
|
*flag = new uint8_t[DATAKEYLEN];
|
||||||
|
uint8_t *clientcode;
|
||||||
|
uint8_t i;
|
||||||
|
uint32_t clientcodesize, bytesread;
|
||||||
|
FILE *datap, *flagp;
|
||||||
|
|
||||||
|
gen_random(key, KEYLEN);
|
||||||
|
printf("Use this: \"%s\"\n", key);
|
||||||
|
printf("How much data are you sending me?\n");
|
||||||
|
scanf("%d", &clientcodesize);
|
||||||
|
printf("Go ahead then!\n");
|
||||||
|
clientcode = new uint8_t[clientcodesize];
|
||||||
|
bytesread = read(0, clientcode, clientcodesize);
|
||||||
|
if (bytesread != clientcodesize) {
|
||||||
|
printf("ERROR! Couldn't read everything!\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
VM vm(key, clientcode, clientcodesize);
|
||||||
|
vm.as.insData(encrypted_data, encrypted_data_len);
|
||||||
|
vm.run();
|
||||||
|
|
||||||
|
datap = fopen("./res/decrypteddatasection.txt", "r");
|
||||||
|
if (datap == NULL) {
|
||||||
|
printf("Couldn't open decrypteddatasection.txt!\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
fscanf(datap, "%s", decdatasec);
|
||||||
|
fclose(datap);
|
||||||
|
|
||||||
|
for (i = 0; i < DATAKEYLEN; i++) {
|
||||||
|
if (vm.as.data[i] != decdatasec[i]) {
|
||||||
|
DBG_INFO(("Checking data[%d]..\n", i));
|
||||||
|
printf("Nope!\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
flagp = fopen("./res/flag.txt", "r");
|
||||||
|
if (flagp == NULL) {
|
||||||
|
printf("Couldn't open flag.txt!\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
fscanf(flagp, "%s", flag);
|
||||||
|
fclose(flagp);
|
||||||
|
printf("Congratulations!\nThe flag is: %s\n", flag);
|
||||||
|
return 0;
|
||||||
|
}
|
1
polictf/res/decrypteddatasection.txt
Normal file
1
polictf/res/decrypteddatasection.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
TheDataSectionHasBeenEncrypted
|
1
polictf/res/flag.txt
Normal file
1
polictf/res/flag.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
PoliCTF17{DajeFunziona}
|
BIN
res/instruction.png
Normal file
BIN
res/instruction.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 18 KiB |
BIN
res/pasticciotto.png
Normal file
BIN
res/pasticciotto.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 186 KiB |
BIN
res/structure.png
Normal file
BIN
res/structure.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 23 KiB |
2
res/structure.svg
Normal file
2
res/structure.svg
Normal file
File diff suppressed because one or more lines are too long
After Width: | Height: | Size: 19 KiB |
@ -11,15 +11,15 @@ void encrypt(uint16_t *v) {
|
|||||||
uint16_t k1 = 0x7065; // "pe"
|
uint16_t k1 = 0x7065; // "pe"
|
||||||
uint16_t k2 = 0x7275; // "ru"
|
uint16_t k2 = 0x7275; // "ru"
|
||||||
uint16_t k3 = 0x6e73; // "ns"
|
uint16_t k3 = 0x6e73; // "ns"
|
||||||
printf("v0: 0x%x, v1: 0x%x\n", v0, v1);
|
// printf("v0: 0x%x, v1: 0x%x\n", v0, v1);
|
||||||
for (i = 0; i < 128; i++) {
|
for (i = 0; i < 128; i++) {
|
||||||
sum += delta;
|
sum += delta;
|
||||||
v0 += ((v1 << 4) + k0) ^ (v1 + sum) ^ ((v1 >> 5) + k1);
|
v0 += ((v1 << 4) + k0) ^ (v1 + sum) ^ ((v1 >> 5) + k1);
|
||||||
v1 += ((v0 << 4) + k2) ^ (v0 + sum) ^ ((v0 >> 5) + k3);
|
v1 += ((v0 << 4) + k2) ^ (v0 + sum) ^ ((v0 >> 5) + k3);
|
||||||
//printf("Intermediate v0: 0x%x | v1: 0x%x\n", v0, v1);
|
// printf("Intermediate v0: 0x%x | v1: 0x%x\n", v0, v1);
|
||||||
}
|
}
|
||||||
printf("SUM: 0x%x\n", sum);
|
// printf("SUM: 0x%x\n", sum);
|
||||||
printf("v0: 0x%x, v1: 0x%x\n", v0, v1);
|
// printf("v0: 0x%x, v1: 0x%x\n", v0, v1);
|
||||||
v[0] = v0;
|
v[0] = v0;
|
||||||
v[1] = v1;
|
v[1] = v1;
|
||||||
}
|
}
|
||||||
@ -35,13 +35,10 @@ int main(int argc, char *argv[]) {
|
|||||||
buf = (uint8_t *)malloc(buflen);
|
buf = (uint8_t *)malloc(buflen);
|
||||||
memcpy(buf, argv[1], buflen);
|
memcpy(buf, argv[1], buflen);
|
||||||
for (i = 0; i < buflen; i++) {
|
for (i = 0; i < buflen; i++) {
|
||||||
printf("----\n");
|
|
||||||
encrypt((uint16_t *)&buf[i]);
|
encrypt((uint16_t *)&buf[i]);
|
||||||
}
|
}
|
||||||
printf("Result:\n");
|
|
||||||
for (i = 0; i < buflen; i++) {
|
for (i = 0; i < buflen; i++) {
|
||||||
printf("%02x", buf[i]);
|
printf("%c", buf[i]);
|
||||||
}
|
}
|
||||||
printf("\n");
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
2
vm/vm.h
2
vm/vm.h
@ -18,7 +18,6 @@ private:
|
|||||||
uint16_t regs[0xb];
|
uint16_t regs[0xb];
|
||||||
flags_t flags;
|
flags_t flags;
|
||||||
|
|
||||||
VMAddrSpace as;
|
|
||||||
////////////////////////
|
////////////////////////
|
||||||
// FUNCTIONS
|
// FUNCTIONS
|
||||||
///////////////////////
|
///////////////////////
|
||||||
@ -82,6 +81,7 @@ private:
|
|||||||
public:
|
public:
|
||||||
VM(uint8_t *key);
|
VM(uint8_t *key);
|
||||||
VM(uint8_t *key, uint8_t *code, uint32_t codesize);
|
VM(uint8_t *key, uint8_t *code, uint32_t codesize);
|
||||||
|
VMAddrSpace as;
|
||||||
void status(void);
|
void status(void);
|
||||||
void run();
|
void run();
|
||||||
};
|
};
|
||||||
|
Loading…
Reference in New Issue
Block a user