C++ XOR encryption


Problem description


After reading several white papers on cryptography and runtime PE crypters, I decided to write my own. It's very simple and only for educational purposes.

Here is the GitHub repo: https://github.com/Jyang772/XOR_Crypter

I have two questions.

  • First, why do I have to keep changing my file permissions to start every outputted .exe (File created by Builder.exe not the compiler)? It creates a file that is Shared. I have to right click it and select share with Nobody. Does this have something to do with the File Access and Security Rights? I am using CreateFile() and ReadFile to read and write the input and output files.

http://msdn.microsoft.com/en-us/library/windows/desktop/aa363858(v=vs.85).aspx

  • Second, I can't seem to get XOR encryption to work. It seems pretty straightforward for what I have done. The byte sizes are the same. While I was investigating, I had the Builder and the Stub each output a file with the file data unencrypted. They are the same. Then I tried with the data encrypted. There is no doubt the data is encrypted with the cipher, however it shows up blank when it is decrypted by the stub later on. I'm confused.

Here is my XOR implementation:

fs = byte size
Rsize = byte size
Should be the same.

Builder:

char cipher[] = "penguin";
for (int i = 0; i < fs; i++)
{
    FB[i] ^= cipher[i % strlen(cipher)]; // Simple XOR cipher
}

Stub:

char cipher[] = "penguin";
for (int i = 0; i < Rsize; i++)
{
    RData[i] ^= cipher[i % strlen(cipher)];
}

If I were to comment out the encryption function in the Builder and Stub, the crypted file runs fine. Uhh, except with the permissions error.

I'm also trying to include an options menu where the user can select the encryption method used. Perhaps I might have done something wrong there? The Builder.exe adds one byte containing the user's choice to the end of FB buffer. Stub.exe reads that and determines which encryption method is used to decrypt the data.

Solution

First off, with XOR "encryption", your "encrypt" and "decrypt" functions should be the same:

void xor_crypt(const char *key, int key_len, char *data, int data_len)
{
    for (int i = 0; i < data_len; i++)
        data[i] ^= key[ i % key_len ];
}

You should be able to use this same function in both the "XOR Crypter" program as well as your "Stub" program.

It's not a very C++ style; ordinarily you'd use std::string or std::vector. For example:

// data is taken by reference so the caller's buffer is the one modified
void xor_crypt(const std::string &key, std::vector<char> &data)
{
    for (size_t i = 0; i != data.size(); i++)
        data[i] ^= key[ i % key.size() ];
}

Then in the program that calls this, you'd declare:

std::string key = "penguin";

and you'd read your file in like so:

std::vector<char> file_data;  // With your current program, make this a global.

fs = GetFileSize(efile, NULL);
file_data.resize(fs);    // set vector length equal to file size

// Note:  Replace &( file_data[0] ) with file_data.data() if you have C++11 support
ReadFile(efile, (LPVOID)( &( file_data[0] )), fs, &bt, NULL);   

if (fs != bt)
{
    // error reading file:  report it here.
}

Then you would simply encrypt with xor_crypt( key, file_data );. To write the XOR-crypted data to your resource, I believe you'd call your existing function with:

// replace &( file_data[0] ) with file_data.data() if C++11
WriteToResources(output, 1, (BYTE *)&( file_data[0] ), file_data.size() ); 

I suspect the real issue is with the Windows APIs you're using. Does LoadResource give you mutable data, or are you required to copy it? I don't know the Windows API, but I wouldn't be surprised if LoadResource gives you a read-only copy.

If you do need to make your own copy in order to modify the resource, then in your "Stub" program recovering the XOR-crypted resource should look something like this:

std::vector<char> RData;

void Resource(int id)
{
    size_t Rsize;

    HRSRC hResource = FindResource(NULL, MAKEINTRESOURCE(1), RT_RCDATA);
    HGLOBAL temp = LoadResource(NULL, hResource);
    Rsize = SizeofResource(NULL, hResource);
    RData.resize(Rsize);    // size the copy from the API-reported resource size
    memcpy( (void*)&(RData[0]), temp, Rsize );  // replace &RData[0] with RData.data() if C++11
}

and the decryption in your "Stub" should just be xor_crypt( key, RData );.

I have one last thought. The biggest bug I see in your "Stub" program is this line:

    switch (RData[strlen(RData)-1])

Once you've XOR-crypted your data, some of the bytes will become zero. The strlen() function will not return the index of the last byte in your RData as a result. And, there's a different, more subtle error: This returns the last byte of the string, not the last byte of the resource. I can't really see how this line was ever correct; rather, I suspect your program was working when encryption was disabled in spite of itself, by falling through to the default of the switch-case.

If you really intend to distinguish between different types of data based on the last byte of the resource payload, then you really should just use the size returned by the Windows API to find that byte.

If you switch to using vector<char> as I suggest above, then you can find that with RData.back(). Otherwise, if you continue using char *, then that byte would be RData[Rsize - 1].
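
The strlen() pitfall described in the answer above, as an added example that is not part of the original question or answer: XOR with a repeating key yields a zero byte wherever a data byte equals the key byte at that offset, so a C-string length stops early while the buffer's real size still locates the trailing byte. The sample bytes, the layout (XOR-ed payload followed by one method byte in the clear) and the names c_string_length, sample_payload, pack and unpack are assumptions made for the illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <stdexcept>
#include <string>
#include <vector>

// One routine for both directions; the buffer is passed by reference.
void xor_crypt(const std::string &key, std::vector<char> &data)
{
    if (key.empty()) return;                      // avoid modulo by zero
    for (std::size_t i = 0; i != data.size(); i++)
        data[i] ^= key[i % key.size()];
}

// Length strlen() would report: distance to the first zero byte (bounded here).
std::size_t c_string_length(const std::vector<char> &data)
{
    return static_cast<std::size_t>(
        std::find(data.begin(), data.end(), '\0') - data.begin());
}

// Constructed sample payload: byte 2 ('n') equals key byte 2 of "penguin".
std::vector<char> sample_payload()
{
    const char raw[] = {'A', 'B', 'n', 'C', 'D', 'E', 'F', 'G', 'H', 'I'};
    return std::vector<char>(raw, raw + sizeof raw);
}

// Assumed layout: XOR-ed payload followed by one method byte in the clear.
std::vector<char> pack(const std::string &key, std::vector<char> payload, char method)
{
    xor_crypt(key, payload);
    payload.push_back(method);
    return payload;
}

// Reads the method byte via the real size, strips it, then undoes the XOR.
char unpack(const std::string &key, std::vector<char> &blob)
{
    if (blob.empty()) throw std::runtime_error("empty blob");
    char method = blob.back();   // last byte of the buffer, not of a C string
    blob.pop_back();
    xor_crypt(key, blob);
    return method;
}
```

With this sample, the packed buffer is 11 bytes long but a C-string length sees only 2, so indexing with strlen() - 1 reads an XOR-ed payload byte instead of the method byte.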
