author | segfault <segfault@secmail.pro> | 2019-05-05 17:48:42 +0200 |
---|---|---|
committer | segfault <segfault@secmail.pro> | 2019-05-05 17:48:42 +0200 |
commit | 76e89361f6cba455934dd19bce0deae1ab1c73e6 (patch) | |
tree | a5301b897a725171cffc73149932220b6c322e7d | |
parent | 21144d5cb548f8fad5583e77fcce51e2e0a707e9 (diff) |
_DEBUG macro check example, CRET_CHECK *before* (en|de)cryption but *after* validating, crypt_return documentation, fix for Windoze VirtualProtect: DWORD *old_protect can not be NULL
Signed-off-by: segfault <segfault@secmail.pro>
-rw-r--r-- | example.c | 7 | ||||
-rw-r--r-- | funccrypt.c | 16 | ||||
-rw-r--r-- | funccrypt.h | 8 |
3 files changed, 21 insertions, 10 deletions
@@ -37,6 +37,7 @@ int main(void) { srand(time(NULL)); +#ifdef _DEBUG printf("Before Encryption:\n"); printf("crypted_fn:\n"); printHexBuf((uint8_t *)crypted_fn, 160, 32); @@ -44,7 +45,7 @@ int main(void) printHexBuf((uint8_t *)crypted_fn2, 160, 32); printf("crypted_fn3:\n"); printHexBuf((uint8_t *)crypted_fn3, 160, 32); - +#endif printf("\nAfter Encryption:\n"); printf("crypted_fn return val: %s\n", crypt_strs[ crypt_func((void *)crypted_fn) ]); @@ -59,11 +60,11 @@ int main(void) printHexBuf((uint8_t *)crypted_fn2, 160, 32); printf("crypted_fn3:\n"); printHexBuf((uint8_t *)crypted_fn3, 160, 32); - +#ifdef _DEBUG printf("\noutput:\n"); printf("crypted_fn: 0x%X\n", crypted_fn(0, NULL, NULL)); crypted_fn2(); crypted_fn3(NULL, (unsigned int)-1, "TEST"); - +#endif return 0; } diff --git a/funccrypt.c b/funccrypt.c index de51405..bfb0b31 100644 --- a/funccrypt.c +++ b/funccrypt.c @@ -61,7 +61,6 @@ crypt_return crypt_func(void *fn_start) if (cret == CRET_EPILOGUE && i >= sizeof *hdr) { - cret = CRET_CHECK; #if _DEBUG printf("Prologue Marker: %p\n", pro); printf("Epilogue Marker: %p\n", epi); @@ -81,6 +80,7 @@ crypt_return crypt_func(void *fn_start) #endif ) { + cret = CRET_CHECK; #ifdef __linux__ mbuf = (uint8_t *)( (long int)hdr & ~(sysconf(_SC_PAGESIZE) - 1) ); if (!mprotect(mbuf, sysconf(_SC_PAGESIZE), PROT_READ|PROT_WRITE|PROT_EXEC)) 
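Review bot: The third example.c hunk (`-59,11 +60,11`) puts the calls to `crypted_fn`, `crypted_fn2` and `crypted_fn3` inside `#ifdef _DEBUG`, so a non-debug build never runs the functions after `crypt_func` has processed them, while the `printHexBuf` dumps just above the guard stay unconditional. If the intent was to make the hex dumps debug-only, as the first hunk does for the "Before Encryption" dumps, the guard belongs around those `printHexBuf` lines and the calls should stay outside it. The guard form also differs from funccrypt.c, whose context lines use `#if _DEBUG`; with `-D_DEBUG=0` the two files disagree, so one form should be used in both. The parts of `main` between the hunks are not shown.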
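Review bot: In the `__linux__` branch right after the moved `cret = CRET_CHECK;` (funccrypt.c hunk `-81,6 +80,7`), `mprotect` is asked for exactly one page starting at the page that contains `hdr`, so a header and body that straddle a page boundary leave the second page read-only and the XOR loop in the following hunk would fault there. The length should run from `mbuf` to the page-aligned end of the range the loop writes, and the restoring `mprotect` in the `-92,17` hunk needs the same length. The mask is computed through `(long int)hdr`; `(uintptr_t)hdr` is the type meant for this. Requesting `PROT_READ|PROT_WRITE|PROT_EXEC` in one call is refused on systems that enforce W^X, which deserves a comment or a handled error path; as far as the visible lines show, a failed call just leaves `cret` at `CRET_CHECK`. `crypt_func` begins and ends outside this hunk.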
@@ -92,17 +92,23 @@ crypt_return crypt_func(void *fn_start) { if (hdr->crpyted == 0x00) { hdr->crpyted = 0xFF; - hdr->key = (uint64_t) rand() << 32; - hdr->key |= rand(); +#ifdef __linux__ + hdr->key = (uint64_t) rand() << 32; + hdr->key |= (uint64_t) rand(); +#else + hdr->key = (uint64_t) rand() << 48; + hdr->key |= (uint64_t) rand() << 32; + hdr->key |= (uint64_t) rand() << 16; + hdr->key |= (uint64_t) rand(); +#endif } for (i = 0; i < crypt_size / 0x8; ++i) { hdr->func_body[i] ^= hdr->key; } - #ifdef __linux__ if (!mprotect(mbuf, sysconf(_SC_PAGESIZE), PROT_READ|PROT_EXEC)) #else - if (VirtualProtect(mbuf, crypt_size, old_prot, NULL)) + if (VirtualProtect(mbuf, crypt_size, old_prot, &old_prot)) #endif cret = CRET_OK; } diff --git a/funccrypt.h b/funccrypt.h index 6b1f95c..2e80340 100644 --- a/funccrypt.h +++ b/funccrypt.h @@ -5,7 +5,7 @@ #include <stdint.h> #if !defined(__GNUC__) || !defined(__GNUC_MINOR__) -#error "This is only verified to work with GCC compiler!" +#error "This is only verified to work with a GCC compiler!" #endif /* Force GCC struct for MingW compilers and pack them, @@ -21,7 +21,11 @@ typedef struct crypt_header { } GCC_PACKED crypt_header; typedef enum crypt_return { - CRET_ERROR, CRET_PROLOGUE, CRET_EPILOGUE, CRET_CHECK, CRET_OK + CRET_ERROR /* Neither prologue marker nor epilogue marker found. */, + CRET_PROLOGUE /* prologue marker found */, + CRET_EPILOGUE /* epilogue marker found */, + CRET_CHECK /* all pre (en|de)cryption checks successful */, + CRET_OK /* (en|de)cryption succeeded */ } crypt_return; #define CRYPT_FUNC_MAXSIZ 0x100 |
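Review bot: The new key assembly still leaves fixed zero bits, because `rand()` never sets a bit above `RAND_MAX`: with a 31-bit `RAND_MAX` the `__linux__` branch keeps bits 31 and 63 clear, and with a 15-bit `RAND_MAX` the `#else` branch keeps bits 15, 31, 47 and 63 clear, so those bits of every 8-byte word of `func_body` are never changed by the XOR. `__linux__` is only a proxy for the range of `rand()`; testing it directly with `#if RAND_MAX >= 0x7FFFFFFF` would pick the right branch on other platforms. Since the key is written to `hdr->key` next to the body and `rand()` is seeded from `time(NULL)` in example.c, a comment such as `/* obfuscation only: key is stored in the header and comes from rand() */` would keep readers from treating this as a confidentiality control. The loop bound `crypt_size / 0x8` also skips any trailing `crypt_size % 8` bytes unless `crypt_size` is guaranteed to be a multiple of 8, which is not visible in this hunk.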
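Review bot: The new per-value comments in the `crypt_return` enum describe each stage but not the contract a caller needs. Judging by funccrypt.c, `crypt_func` returns the last stage it reached, so every value except `CRET_OK` is a failure, and after this commit a returned `CRET_CHECK` means the checks passed but the protection change or restore did not succeed. A short block comment above the enum, for example `/* crypt_func returns the last stage reached; anything but CRET_OK is a failure */`, would make that explicit. example.c indexes `crypt_strs[]` with the returned value, so the comment should also say that the enumerator order must stay in sync with that table.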