2003-12-12, 01:13 PM | #1 |
榮譽會員
|
Api32 keygen: learn how to use RSA
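;**************** Api32 V2.5 KeyMaker for fun.asm *******************
;* by: ArchFire/ATA @2002-12-14
;*
;* In this case, we will learn the RSA algorithm.
;*
;* As we know, Vitaly Evseenko, the author of Apis32, was once an RCEer,
;* so he shows how to use RSA in his little proggy.
;* It's not so hard, so just find out what's happening....
;* You'd better have a look at PEDiy's BBS Selection III for more help;
;* thanks go to those who have written the good tutors.
;*
;* IN RSA:
;*   1. Find two prime numbers p, q; the larger the better.
;*   2. n = p*q, f = (p-1)*(q-1)
;*   3. Select a random number e which satisfies GCD(f, e) = 1.
;*      Often we choose 7, 13, 65537....
;*   4. Find d, where (d*e) mod f = 1
;*   5. Encipher proc: C = (M^e) mod n
;*      Decipher proc: M = (C^d) mod n
;*
;* In Apis32 (every number below is hexadecimal):
;*   C = ((M^7) mod 8899) mod 0bb = (M^7) mod 0bb,
;*       'cause 8899 mod 0bb = 0   (8899 = 0bb*0bb)
;*   n = 0bb = 11*0b, f = 10*0a = 0a0, e = 7, d = 17   (7*17 = 0a1 = f+1)
;*   so, Decipher proc: M = (C^17) mod 0bb
;*
;* Why this works at all: a modulus as small as 0bb factors by
;* inspection, so f and then d follow directly from the public values.
;* The arithmetic is RSA, but at this size it protects nothing.
;*
;* Learn and enjoy!
;*
;* Listing note: the forum paste had lost every ":D" (smiley filter), so
;* the ":DWORD" operand types, ".data?" and the "?" initialiser are
;* restored here. Target: 32-bit Windows, MASM syntax, stdcall.
;*
;********************************************************************

.386
.model flat,stdcall
option casemap:none

include hd.h

DlgProc proto :DWORD,:DWORD,:DWORD,:DWORD
DeRSA   proto :DWORD,:DWORD

.const
; These equates are defined before the .RADIX 16 directive further down.
BUFF_SIZE   equ 32
ID_MAKE     equ 1002
ID_ABOUT    equ 1003
ID_CLOSE    equ 1004
IDC_NAME    equ 1010
IDC_CODE    equ 1011
OURICON     equ 1020
DLG_MAIN    equ 1000

.data
szC          db BUFF_SIZE dup (0)       ; output text shown in IDC_CODE
szM          db BUFF_SIZE dup (0)       ; input text read from IDC_NAME
szTemp       db BUFF_SIZE dup (0)       ; wsprintf scratch for one hex byte
szFormat     db "%02X", 0
MsgTitle     db "TAAeyGen", 0
MsgContend   db "Apis32 2.50 KeyGen for fun", 0dh, 0ah, 0dh, 0ah
             db " by ArchFire/ATA", 0
szInputError db "Input 8 chars please...", 0

.data?
hInstance    HANDLE ?

.code
.RADIX 16                               ; from here on, bare numeric literals are hex

;--------------------------------------------------------------------
; Entry point: show the main dialog modally, then exit the process.
;--------------------------------------------------------------------
start:
        invoke  GetModuleHandle, NULL
        mov     hInstance, eax
        invoke  DialogBoxParam, hInstance, DLG_MAIN, NULL, offset DlgProc, 0
        invoke  ExitProcess, NULL

;--------------------------------------------------------------------
; DlgProc(hWnd, wMsg, wParam, lParam)
; Dialog procedure for DLG_MAIN.
; Out:   eax = TRUE for the messages handled below, FALSE otherwise.
; Saves: ebx, edi, esi (via "uses").
;--------------------------------------------------------------------
DlgProc proc uses ebx edi esi, \
        hWnd:DWORD, wMsg:DWORD, wParam:DWORD, lParam:DWORD

        LOCAL   Ps :PAINTSTRUCT

        mov     eax, wMsg
        .if eax == WM_CLOSE
            invoke  EndDialog, hWnd, NULL

        .elseif eax == WM_INITDIALOG
            ; note: use "hInstance" instead of "hWnd";
            ; if "dword ptr OURICON" -> PUSH WORD OURICON, wrong result
            invoke  LoadIconA, hInstance, OURICON
            test    eax, eax
            je      initerror               ; no icon loaded: leave the default
            push    edi
            mov     edi, eax                ; keep the icon handle across the first call
            invoke  SendMessageA, hWnd, WM_SETICON, ICON_BIG, eax
            invoke  SendMessageA, hWnd, WM_SETICON, ICON_SMALL, edi
            pop     edi
initerror:
            nop

        .elseif eax == WM_PAINT
            invoke  BeginPaint, hWnd, ADDR Ps
            invoke  FrameWindow, hWnd, 0, 1, 1
            invoke  FrameWindow, hWnd, 1, 1, 0
            invoke  EndPaint, hWnd, ADDR Ps
            xor     eax, eax

        .elseif eax == WM_COMMAND
            mov     eax, wParam             ; ax = control id
            .IF lParam != 0                 ; only messages that carry a control handle
                .if ax == ID_MAKE
                    ; start from clean buffers: DeRSA writes no terminator itself
                    invoke  RtlZeroMemory, addr szC, BUFF_SIZE
                    invoke  RtlZeroMemory, addr szM, BUFF_SIZE
                    invoke  GetDlgItemText, hWnd, IDC_NAME, addr szM, BUFF_SIZE
                    .if eax < 8             ; eax = characters copied
                        invoke  SetDlgItemText, hWnd, IDC_NAME, addr szInputError
                    .else
                        lea     esi, szC
                        lea     edi, szM
                        invoke  DeRSA, edi, esi
                    .endif
                    ; szC is still all zero on the error path, so the field is cleared
                    invoke  SetDlgItemText, hWnd, IDC_CODE, addr szC
                .elseif ax == ID_CLOSE
                    invoke  EndDialog, hWnd, NULL
                .elseif ax == ID_ABOUT
                    invoke  MessageBox, hWnd, Addr MsgContend, Addr MsgTitle, MB_OK
                .endif
            .ENDIF

        .else
            mov     eax, FALSE
            ret
        .endif

        mov     eax, TRUE
        ret
DlgProc ENDP

;--------------------------------------------------------------------
; DeRSA(szName, szCode)
; In:    szName -> at least 8 input bytes; they are overwritten in place
;        szCode -> output buffer, at least 11h bytes plus a terminator
; Out:   szCode = the 8 transformed bytes as hex text, with '-' after
;        the fourth byte. No NUL is stored, so the caller must pass a
;        zero-filled buffer (DlgProc does).
; Saves: ebx, esi, edi (via "uses"); ebp is saved by hand while it
;        serves as the byte index. eax, ecx, edx are scratch.
;--------------------------------------------------------------------
DeRSA proc uses ebx esi edi, szName:DWORD, szCode:DWORD

        mov     esi, szName             ; read the argument before ebp is reused
        push    ebp
        xor     ebp, ebp                ; ebp = byte index 0..7
        push    0bb
        pop     ebx                     ; ebx = n = 0bb

@loop2:
        ; eax starts at M^1, so 16h multiplications give M^17h.
        ; (That is why a count of 17h produces a wrong result.)
        mov     edi, 16
        movzx   eax, byte ptr [esi+ebp] ; eax = M
        mov     ecx, eax                ; ecx = M, the constant multiplier
@loop1:
        imul    ecx                     ; edx:eax = eax * M
        cmp     eax, ebx
        jl      @next2                  ; already below n: no reduction needed
        idiv    ebx                     ; edx = (edx:eax) mod n
        mov     eax, edx
@next2:
        dec     edi
        jnz     @loop1

        add     ebp, 50
        xor     ax, bp                  ; mix in (index + 50h)
        sub     ebp, 50
        mov     [esi+ebp], al           ; store the result over the input byte
        inc     ebp
        cmp     ebp, 8
        jl      @loop2
        pop     ebp                     ; frame pointer back before szCode is read

        ; esi still points at the 8 transformed bytes
        mov     edi, szCode
        xor     ebx, ebx                ; ebx = bytes emitted so far
p_loop:
        xor     eax, eax
        lodsb                           ; eax = next transformed byte
        invoke  wsprintf, addr szTemp, addr szFormat, eax
        cmp     bl, 4
        jnz     @f
        mov     al, '-'                 ; separator between the two halves
        stosb
@@:
        mov     ax, word ptr [szTemp+0] ; the two hex digits just formatted
        stosw
        inc     ebx
        cmp     ebx, 08
        jl      p_loop
        ret
DeRSA endp

end start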