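A friend asked me to help analyze the communication protocol of a chess-and-card game. I expected it to be difficult, but the analysis took half an hour. Since it is this simple, the game company should change the algorithm quickly, otherwise clientless ("offline") programs will start to appear.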
Encryption
00410860 53 push ebx
00410861 8B5C24 08 mov ebx, dword ptr [esp+8]
00410865 56 push esi
00410866 57 push edi
00410867 8BCB mov ecx, ebx
00410869 FF15 DC7A4D00 call dword ptr [<&MSVCP71.std::basic_string<char,st>; MSVCP71.std::basic_string<char,std::char_traits<char>,std::allocator<char> >::data
0041086F 8BCB mov ecx, ebx
00410873 BE 02000000 mov esi, 2 ; loop index starts at 2
00410878 FF15 7C7B4D00 call dword ptr [<&MSVCP71.std::basic_string<char,st>; MSVCP71.std::basic_string<wchar_t,std::char_traits<wchar_t>,std::allocator<wchar_t> >::size
00410880 76 20 jbe short 004108A2
00410882 8A043E mov al, byte ptr [esi+edi] ; load the byte at index esi
00410885 8AC8 mov cl, al
00410887 C0E9 04 shr cl, 4
0041088A C0E0 04 shl al, 4
0041088D 0AC8 or cl, al ; cl = byte with high and low nibbles swapped
0041088F 80F1 36 xor cl, 36 ; XOR with 0x36
00410892 880C3E mov byte ptr [esi+edi], cl ; store back in place
00410895 8BCB mov ecx, ebx
00410897 46 inc esi
00410898 FF15 7C7B4D00 call dword ptr [<&MSVCP71.std::basic_string<char,st>; MSVCP71.std::basic_string<wchar_t,std::char_traits<wchar_t>,std::allocator<wchar_t> >::size
0041089E 3BF0 cmp esi, eax
004108A0 ^ 72 E0 jb short 00410882
004108A2 5F pop edi
004108A3 5E pop esi
004108A4 5B pop ebx
004108A5 C3 retn
Decryption
00414830 57 push edi
00414831 8B7C24 0C mov edi, dword ptr [esp+C]
00414835 33C9 xor ecx, ecx
00414837 85FF test edi, edi
00414839 7E 1D jle short 00414858
0041483B 56 push esi
0041483C 8B7424 0C mov esi, dword ptr [esp+C]
00414840 8A0431 mov al, byte ptr [ecx+esi] ; load the byte at index ecx
00414843 34 36 xor al, 36 ; XOR with 0x36
00414845 8AD0 mov dl, al
00414847 C0EA 04 shr dl, 4
0041484A C0E0 04 shl al, 4
0041484D 0AD0 or dl, al ; dl = result with high and low nibbles swapped
0041484F 881431 mov byte ptr [ecx+esi], dl ; store back in place
00414852 41 inc ecx
00414853 3BCF cmp ecx, edi
00414855 ^ 7C E9 jl short 00414840
00414857 5E pop esi
00414858 5F pop edi
00414859 C3 retn
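
The two routines above, rewritten in C as an added example (not code from the game or from the original post): it shows that the transform is a fixed, keyless one-to-one byte substitution that round-trips, which is why it provides no confidentiality. The function names and the sample message are constructed; the start at offset 2 follows `mov esi, 2` in the encryption listing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define XOR_CONST 0x36u /* constant from "xor cl, 36" / "xor al, 36" */
#define SKIP 2u         /* the encryption loop starts at esi = 2 */

/* Swap the high and low 4 bits of a byte (shr 4 / shl 4 / or). */
static uint8_t swap_nibbles(uint8_t b) { return (uint8_t)((b >> 4) | (b << 4)); }

/* Per-byte transforms as listed: encrypt swaps then XORs, decrypt XORs then swaps. */
uint8_t enc_byte(uint8_t b) { return (uint8_t)(swap_nibbles(b) ^ XOR_CONST); }
uint8_t dec_byte(uint8_t b) { return swap_nibbles((uint8_t)(b ^ XOR_CONST)); }

/* Mirrors the loop at 00410882: bytes from offset 2 onward, in place. */
void encode_buf(uint8_t *buf, size_t len) {
    for (size_t i = SKIP; i < len; i++) buf[i] = enc_byte(buf[i]);
}

/* Mirrors the loop at 00414840: every byte of (buf, len), in place. */
void decode_buf(uint8_t *buf, size_t len) {
    for (size_t i = 0; i < len; i++) buf[i] = dec_byte(buf[i]);
}

/* Returns 1 if dec_byte inverts enc_byte for all 256 byte values. */
int roundtrip_ok(void) {
    for (unsigned v = 0; v < 256; v++)
        if ((unsigned)dec_byte(enc_byte((uint8_t)v)) != v) return 0;
    return 1;
}

/* Counts distinct enc_byte outputs; 256 means a fixed byte-for-byte substitution. */
int distinct_outputs(void) {
    uint8_t seen[256] = {0};
    int n = 0;
    for (unsigned v = 0; v < 256; v++) {
        uint8_t e = enc_byte((uint8_t)v);
        if (!seen[e]) { seen[e] = 1; n++; }
    }
    return n;
}

int main(void) {
    uint8_t msg[] = { 0x00, 0x05, 'h', 'e', 'l', 'l', 'o' }; /* constructed sample */
    encode_buf(msg, sizeof msg);
    for (size_t i = 0; i < sizeof msg; i++) printf("%02x ", msg[i]);
    printf("\nroundtrip=%d distinct=%d\n", roundtrip_ok(), distinct_outputs());
    return 0;
}
```

Because every byte value always maps to the same output with no key or per-message state, anyone holding the client binary can reverse the traffic; transport encryption with negotiated keys (for example TLS) does not have that property.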