Exetools
(
https://forum.exetools.com/index.php)
-
Source Code
(
https://forum.exetools.com/forumdisplay.php?f=46)
nvml debug log decrypt
Just for fun:
__NVML_DBG_FILE=./nvml.log __NVML_DBG_LVL=DEBUG ./sample_nvml
Code:
static uint32_t x = 0, y = 0, z = 0,
w = 0, v = 0, d = 0;
void xorwow_init_seed()
{
x = 0x0D3DAECB8, y = 0x1D4D4848, z = 0x0AA7B8E81,
w = 0x23CC0EC3, v = 0x7645F3ED, d = 0x0E44A4F49;
}
void xorwow_encrypt(char* buffer, int len)
{
int i = 0;
for(i=0 ; i < len; i++){
uint32_t t = (x^(x>>2)); x = y; y = z; z = w; w = v; v = (v^(v<<4))^(t^(t<<1));
uint32_t r = ((d+=362437)+v);
buffer[i] += (r & 0xFF);
}
return;
}
Althernative LD_PRELOAD method from Lekensteyn
hxxps://gist.github.com/Lekensteyn/c8d41c02d118aa40bc100020efde3696
|
All times are GMT +8. The time now is 11:09. |
|
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX