Exetools  

Go Back   Exetools > General > Source Code

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 08-22-2020, 11:44
winndy winndy is offline
VIP
 
Join Date: Sep 2005
Posts: 236
Rept. Given: 104
Rept. Rcvd 26 Times in 12 Posts
Thanks Given: 27
Thanks Rcvd at 16 Times in 13 Posts
winndy Reputation: 26
nvml debug log decrypt

Just for fun:

__NVML_DBG_FILE=./nvml.log __NVML_DBG_LVL=DEBUG ./sample_nvml


Code:
static uint32_t x = 0, y = 0, z = 0,
                w = 0, v = 0, d = 0;

void xorwow_init_seed()
{
    x = 0x0D3DAECB8, y = 0x1D4D4848, z = 0x0AA7B8E81,
                w = 0x23CC0EC3, v = 0x7645F3ED, d = 0x0E44A4F49;
}

void xorwow_encrypt(char* buffer, int len)
{
    int i = 0;
    for(i=0 ; i < len; i++){
        uint32_t t = (x^(x>>2)); x = y; y = z; z = w; w = v; v = (v^(v<<4))^(t^(t<<1));
        uint32_t r = ((d+=362437)+v);
        buffer[i] += (r & 0xFF);
    }
    return;
}
Althernative LD_PRELOAD method from Lekensteyn

hxxps://gist.github.com/Lekensteyn/c8d41c02d118aa40bc100020efde3696
Reply With Quote
The Following User Says Thank You to winndy For This Useful Post:
niculaita (08-25-2020)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Decrypt Keysight WFM ... debugasm Source Code 1 01-01-2022 20:16


All times are GMT +8. The time now is 18:47.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )