You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

685 lines
43 KiB
C#

2 years ago
using System;
using System.Collections.Generic;
using System.Runtime.InteropServices;
using System.Text;
using System.IO;
using System.Linq;
namespace BirdyKeygen {
public class Crypt32 {
static long CRYPT_NEWKEYSET = 0x8;
static long CRYPT_DELETEKEYSET = 0x10;
static long CRYPT_MACHINE_KEYSET = 0x20;
static long CRYPT_SILENT = 0x40;
static long CRYPT_DEFAULT_CONTAINER_OPTIONAL = 0x80;
static long CRYPT_VERIFYCONTEXT = 0xF0000000;
static int PROV_RSA_FULL = 1;
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CryptAcquireContext(
ref IntPtr hProv,
string pszContainer,
string pszProvider,
uint dwProvType,
uint dwFlags);
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CryptCreateHash(
IntPtr hProv,
uint algId,
IntPtr hKey,
uint dwFlags,
ref IntPtr phHash);
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CryptHashData(
IntPtr hHash,
byte[] pbData,
uint dataLen,
uint flags);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool CryptSetKeyParam(
IntPtr hKey,
int dwParam,
ref uint pbData,
int dwFlags
);
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CryptDeriveKey(
IntPtr hProv,
int Algid,
IntPtr hBaseData,
int flags,
ref IntPtr phKey);
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CryptEncrypt(
IntPtr hKey,
IntPtr hHash,
int Final,
uint dwFlags,
byte[] pbData,
ref uint pdwDataLen,
uint dwBufLen);
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool CryptDecrypt(
IntPtr hKey,
IntPtr hHash,
int Final,
uint dwFlags,
byte[] pbData,
ref uint pdwDataLen);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool CryptDestroyHash(IntPtr hHash);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool CryptDestroyKey(IntPtr phKey);
[DllImport("Advapi32.dll", EntryPoint = "CryptReleaseContext", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern bool CryptReleaseContext(IntPtr hProv, Int32 dwFlags /* Reserved. Must be 0. */);
}
public class ShittyEncryptionManager : IDisposable {
private IntPtr phHandle = IntPtr.Zero;
private IntPtr phHash = IntPtr.Zero;
private IntPtr phKey = IntPtr.Zero;
private static byte[] tplShittyKey = new byte[] {
0x73, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00, 0x70, 0x00, 0x54, 0x00, 0x50, 0x00, 0x4c, 0x00,
0x70, 0x00, 0x61, 0x00, 0x67, 0x00, 0x65, 0x00, 0x72, 0x00, 0x73, 0x00, 0x6c, 0x00, 0x65, 0x00,
0x63, 0x00, 0x61, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x72, 0x00, 0x6f, 0x00, 0x75, 0x00, 0x6e, 0x00,
0x2e, 0x00, 0x4e, 0x00, 0x45, 0x00, 0x54, 0x00, 0x45, 0x00, 0x72, 0x00, 0x72, 0x00, 0x6f, 0x00,
0x72, 0x00, 0x20, 0x00, 0x25, 0x00, 0x31, 0x00, 0x4f, 0x00, 0x4b, 0x00, 0x5f, 0x00, 0x20, 0x00,
0x2b, 0x00, 0x2d, 0x00, 0x2a, 0x00, 0x2f, 0x00, 0x4d, 0x00, 0x65, 0x00, 0x73, 0x00, 0x73, 0x00,
0x61, 0x00, 0x67, 0x00, 0x65, 0x00, 0x20, 0x00, 0x25, 0x00, 0x31, 0x00, 0x20, 0x00, 0x4e, 0x00,
0x4f, 0x00, 0x45, 0x00, 0x52, 0x00, 0x52, 0x00, 0x4f, 0x00, 0x52, 0x00, 0x20, 0x00, 0x21, 0x00
};
public ShittyEncryptionManager() {
if (Crypt32.CryptAcquireContext(ref phHandle, null, null, 0x18, 0) == false) throw new Exception();
if (Crypt32.CryptCreateHash(phHandle, 0x800C, IntPtr.Zero, 0, ref phHash) == false) throw new Exception();
if (Crypt32.CryptHashData(phHash, tplShittyKey, (uint)tplShittyKey.Length, 0) == false) throw new Exception();
if (Crypt32.CryptDeriveKey(phHandle, 0x660E, phHash, 0, ref phKey) == false) throw new Exception();
uint keyParams = 0x01;
if (Crypt32.CryptSetKeyParam(phKey, 4, ref keyParams, 0) == false) throw new Exception();
if (Crypt32.CryptDestroyHash(phHash) == false) throw new Exception();
}
public byte[] Encrypt(byte[] data) {
byte[] paramCopy = data;
uint paramCopyLen = (uint)paramCopy.Length;
uint paramCopyBufferLen = paramCopyLen;
Crypt32.CryptEncrypt(phKey, IntPtr.Zero, 1, 0, paramCopy, ref paramCopyLen, paramCopyBufferLen);
return paramCopy.Take((int)paramCopyLen).ToArray();
}
public byte[] Decrypt(byte[] data) {
byte[] paramCopy = data;
uint paramCopyLen = (uint)paramCopy.Length;
Crypt32.CryptDecrypt(phKey, IntPtr.Zero, 1, 0, paramCopy, ref paramCopyLen);
return paramCopy.Take((int)paramCopyLen).ToArray();
}
public void Dispose() {
if (Crypt32.CryptDestroyKey(phKey) == false) throw new Exception();
if (Crypt32.CryptReleaseContext(phHandle, 0) == false) throw new Exception();
}
}
public class TPLLicenseKanker : IDisposable {
ShittyEncryptionManager encryptionManager;
public TPLLicenseKanker() {
encryptionManager = new ShittyEncryptionManager();
}
public struct TPLKanker {
public string Datafuck;
public byte lastFuck;
}
private string CreateMD5(byte[] inputBytes) {
using (System.Security.Cryptography.MD5 md5 = System.Security.Cryptography.MD5.Create()) {
byte[] hashBytes = md5.ComputeHash(inputBytes);
StringBuilder sb = new StringBuilder();
for (int i = 0; i < hashBytes.Length; i++) {
sb.Append(hashBytes[i].ToString("X2"));
}
return sb.ToString().ToLower();
}
}
public string ReadLicense(byte[] data) {
Console.WriteLine("ReadLicense");
List<string> serials = new List<string>();
string fileText = Encoding.ASCII.GetString(data);
if (fileText.StartsWith("BinaryFile") == false) throw new Exception("not a valid file");
string dataHash = fileText.Substring("BinaryFile".Length, 32);
Console.WriteLine("License MD5: {0}", dataHash);
string dataBase64 = fileText.Split("\n")[1];
Console.WriteLine("License B64: {0}", dataBase64);
byte[] encryptedData = System.Convert.FromBase64String(dataBase64);
encryptedData = encryptedData.Take(encryptedData.Length).ToArray();
Console.WriteLine("License BIN: {0}", System.BitConverter.ToString(encryptedData).Replace("-", ""));
byte[] decryptedData = encryptionManager.Decrypt(encryptedData);
Console.WriteLine("Decrypted BIN: {0} UStrLen={1:X2}", System.BitConverter.ToString(decryptedData).Replace("-", ""), UStrLen(decryptedData));
//byte[] weirdKankerData = Program.tpl_DeFuck(decryptedData);
//Console.WriteLine("Weird Kanker BIN: {0}", System.BitConverter.ToString(weirdKankerData).Replace("-", ""));
byte[] decodedData = TCrypt_Decode(decryptedData);
Console.WriteLine("Decoded BIN: {0}", System.BitConverter.ToString(decodedData).Replace("-", ""));
string decodedDataMD5 = CreateMD5(decodedData);
Console.WriteLine("Decoded MD5: {0}", decodedDataMD5);
string decodedText = Encoding.ASCII.GetString(decodedData);
Console.WriteLine("Decoded TXT: {0}", decodedText);
serials.AddRange(decodedText.Split('*'));
return decodedText;
}
public byte[] WriteLicense(string decodedText) {
Console.WriteLine("WriteLicense");
//string decodedText = "EncrLic*" + string.Join('*', serials) + "*";
byte[] decodedData = Encoding.ASCII.GetBytes(decodedText);
Console.WriteLine("Decoded BIN: {0}", System.BitConverter.ToString(decodedData).Replace("-", ""));
string decodedDataMD5 = CreateMD5(decodedData);
Console.WriteLine("Decoded MD5: {0}", decodedDataMD5);
byte[] encodedData = TCrypt_Encode(decodedData);
Console.WriteLine("Encoded BIN: {0}", System.BitConverter.ToString(encodedData).Replace("-", ""));
byte[] encryptedData = encryptionManager.Encrypt(encodedData);
StringBuilder stringBuilder = new StringBuilder();
stringBuilder.Append("BinaryFile");
stringBuilder.AppendLine(decodedDataMD5);
stringBuilder.Append(Convert.ToBase64String(encryptedData));
return Encoding.ASCII.GetBytes(stringBuilder.ToString());
}
private uint UStrLen(byte[] bytes) {
return (uint)System.Text.Encoding.Unicode.GetString(bytes).Length;
}
private byte[] TCrypt_Decode(byte[] decryptedData) {
List<byte> output = new List<byte>();
uint length = UStrLen(decryptedData) - 1;
ushort wChar;
int i = 0;
for (; i < length * 2; i += 2) {
wChar = (ushort)(decryptedData[i] | decryptedData[i + 1] << 8);
wChar ^= 0x004D07A0 & 0xFFFF;
wChar /= 0x4D;
//output.Add((byte)((wChar >> 8) & 0xFF));
output.Add((byte)(wChar & 0xFF));
}
wChar = (ushort)(decryptedData[i] | decryptedData[i + 1] << 8);
wChar ^= 0x004D07A0 & 0xFFFF;
wChar /= 0x4D;
Console.WriteLine("Special Last Fuckbyte wChar={0:X2} | uint16={1:X4} | &i={2:X2} | &i+1={3:X2}", wChar, (ushort)(decryptedData[i] | decryptedData[i + 1] << 8), decryptedData[i], decryptedData[i + 1]);
//Console.WriteLine(BitConverter.ToString(output.ToArray()));
//Console.WriteLine(System.Text.Encoding.UTF8.GetString(output.ToArray()));
return output.ToArray();
}
private byte[] TCrypt_Encode(byte[] decodedData) {
List<byte> output = new List<byte>();
List<byte> _lol = new List<byte>();
_lol.AddRange(decodedData);
_lol.Add((byte)decodedData.Length);
ushort wChar;
foreach(byte chr in _lol) {
wChar = (ushort)chr;
//Console.WriteLine("wChar 0 hex={0:X4}", wChar);
//.WriteLine("wChar 1 hex={0:X4}", wChar);
wChar *= 0x4D;
wChar ^= 0x004D07A0 & 0xFFFF;
//Console.WriteLine("wChar 2 hex={0:X4}", wChar);
output.Add((byte)(wChar & 0xFF));
output.Add((byte)(wChar >> 8 & 0xFF));
}
wChar = 0x1337;
output.Add((byte)(wChar & 0xFF));
output.Add((byte)(wChar >> 8 & 0xFF));
return output.ToArray();
}
public void Dispose() {
this.encryptionManager.Dispose();
}
}
class Program {
static void Main2(string[] args) {
//var rawText = "EncrLic*20200303598227*BI6TGP162123916*";
var rawText = "EncrLic*BI6133713371337*";
//BI6133713371337
Console.WriteLine("RAWText=({1})>{0}", rawText, rawText.Length);
byte[] raw = System.Text.Encoding.ASCII.GetBytes(rawText);
Console.WriteLine("RAWBytes=({1})>{0}", BitConverter.ToString(raw), raw.Length);
byte[] fucked = tpl_Enfuck2(raw);
Console.WriteLine("Fucked=({1})>{0}", BitConverter.ToString(fucked), fucked.Length);
if (fucked.Length > 0) {
byte[] unfucked = tpl_DeFuck2(fucked);
Console.WriteLine("Unfucked=({1})>{0}", BitConverter.ToString(unfucked), unfucked.Length);
Console.WriteLine("Unfucked=({1})>{0}", System.Text.Encoding.ASCII.GetString(unfucked), unfucked.Length);
}
}
static void Main(string[] args) {
using (TPLLicenseKanker tplLicenseKanker = new TPLLicenseKanker()) {
//string newSerials = tplLicenseKanker.ReadLicense(File.ReadAllBytes("210517.TPL_Encr"));
//new List<string> { "BI6TGP162123916", "" }; // BI613370CHEETAH // BI6133713371337 // B6133713374200
//File.WriteAllBytes("210517_DUPE.TPL_Encr", tplLicenseKanker.WriteLicense(newSerials));
Console.WriteLine("\n\nReadLic Original 1");
Console.WriteLine(tplLicenseKanker.ReadLicense(File.ReadAllBytes("BirdyWPEuroBOS_250521.TPL_Encr")));
Console.WriteLine("\n\nReadLic Original 2");
Console.WriteLine(tplLicenseKanker.ReadLicense(File.ReadAllBytes("210517.TPL_Encr")));
Console.WriteLine("\n\nReadLic Original 3");
Console.WriteLine(tplLicenseKanker.ReadLicense(File.ReadAllBytes("dirk.TPL_Encr")));
Console.WriteLine("FransenTest\n\n");
Console.WriteLine(tplLicenseKanker.ReadLicense(File.ReadAllBytes("Fransen.TPL_Encr")));
Console.WriteLine("\n\n");
//File.WriteAllBytes("Fransen.TPL_Encr", tplLicenseKanker.WriteLicense("EncrLic*BI6TGP162123916*"));
/*Console.WriteLine("ReadLic DUPE");
Console.WriteLine(tplLicenseKanker.ReadLicense(File.ReadAllBytes("210517_DUPE.TPL_Encr")));*/
/*
foreach (string serialNumber in tplLicenseKanker.ReadLicense(File.ReadAllBytes("BirdyWPEuroBOS_250521.TPL_Encr"))) {
Console.WriteLine("license serial {0}", serialNumber);
}*/
}
}
public void noexec() {
//////////////
var data = "8484caecd0ef65740c8dbdd094320aae99dc234c2a2455d056de4f61c7aafc389e9d68866118f19406647f6fa56f1ab26dacaff26efa2d6898841633e4e99bffbec6ec509809ea7de28428169d7911c0b11119a7a1afe980f50111e82a650e2479c06743ba361adf9952d77e7cfc93682b3c90d32dd82fa628d742e5f43a0083362f6df090e5816d9b189ce836daeb8c57bea5c0e69685f566cd86f88d2f9bb2d8073f58c5e0938d3ebcb6478113bf6361e074b637e5e28f542e24547498d7fcdb9e33d9868baea23efe9a0ba427bc555f1156751d40dfc6224cfef61d46c18173ede39efc45f20f574df0fbc2a4e36c2b5a9ac5817fd7b72f32ffaddd1105d65869e3815eaba8afd62f6d345793ae3f";
//var data = "6113b626671aea257c113518671a020b1d09aa081d095108f708d009f708d00985167817f7085108aa08020b1d09aa081d095108f708d009f708d00985167817f7089e177817020b7a147c111d09fb122f11d81d1d098516aa08d0091d09781785169e175108020b7a147c111d09fb122f11d81df708aa08aa08d009aa08d0099e172b175108020b7a147c111d09fb122f11d81df708aa08aa08d009aa08d0097817aa085108020b7a147c111d09fb122f11d81df708aa08aa08d009aa08d0099e172b177817020b7a147c111d09fb122f11d81df708aa08aa08d009aa08d0097817aa080408020b7a1455129e17e41efb12b01f1d099e17aa081d09aa08f70885161d099e17020ba608";
//var data = "8484caecd0ef65740c8dbdd094320aae89db1c21add76f58cde0bd647e1bee2bb116a7a70c7aaffaf89d25d2cc190a37";
uint dataLen = (uint)(data.Length / 2);
var byteArray = new byte[dataLen];
StringToByteArrayFastest(data).CopyTo(byteArray, 0);
//Console.WriteLine(BitConverter.ToString(byteArray));
/*
Console.WriteLine(
Crypt32.CryptDecrypt(phKey, IntPtr.Zero, 1, 0, byteArray, ref dataLen)
);
Console.WriteLine("Re-Encrypted {0} {1}", dataLenReEncryptB, BitConverter.ToString(reEncryptedPayload));
var decryptedPayload = byteArray;
var reEncryptedPayload = byteArray;
uint dataLenReEncrypt = (uint)reEncryptedPayload.Length;
uint dataLenReEncryptB = dataLenReEncrypt;
Crypt32.CryptEncrypt(phKey, IntPtr.Zero, 1, 0, reEncryptedPayload, ref dataLenReEncrypt, dataLenReEncryptB);
Console.WriteLine("Re-Encrypted {0} {1}", dataLenReEncryptB, BitConverter.ToString(reEncryptedPayload));
/*
//Console.WriteLine("{0} {1}", System.Text.Encoding.ASCII.GetString(decryptedPayload).Length, System.Text.Encoding.Unicode.GetString(decryptedPayload).Length);
//byte[] unfuckKanker1 = tpl_DeFuck(decryptedPayload);
//byte[] unfuckKanker1 = tpl_DeFuck22(decryptedPayload);
if (decryptedPayload.Length > 0) {
byte[] unfucked = tpl_DeFuck2(decryptedPayload);
Console.WriteLine("Unfucked=({1})>{0}", BitConverter.ToString(unfucked), unfucked.Length);
Console.WriteLine("Unfucked=({1})>{0}", System.Text.Encoding.ASCII.GetString(unfucked), unfucked.Length);
//byte[] fucked = tpl_Enfuck2(raw);
//Console.WriteLine("Fucked=({1})>{0}", BitConverter.ToString(fucked), fucked.Length);
}
byte[] unfuckKanker2 = tpl_DeFuck22(decryptedPayload);
*/
Console.ReadLine();
}
public static uint UStrLen(byte[] bytes) {
return (uint)System.Text.Encoding.Unicode.GetString(bytes).Length;
}
public static string UStrFromWChar(ushort data) {
return System.Text.Encoding.Unicode.GetString(new byte[] { ((byte)((byte)(data << 8) & 0xFF)), (byte)(data & 0xFF) });
}
public static byte[] tpl_DeFuck(byte[] bytes) {
byte[] mem02E3BD10 = new byte[] {
0x14,0xAA,0x87,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFC,0x09,0x4A,0x00,0x0C,0x0A,0x4A,0x00,
0x7C,0x35,0x02,0x08,0xFC,0xA1,0xFF,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xA0,0x07,0x4D,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
};
uint imul = 0x00000000;
uint ebp_04 = 0x02DF6850;
uint ebp_08 = 0x08021A67;
uint ebp_0C = 0x02E1EF7C;
uint ebp_0E = 0x0802357C;
uint ebp_10 = 0x00000000;
uint ebp_18 = 0x00000000;
uint ebp_14 = 0x00000000;
uint ebp_1C = 0x00000000;
uint ebp_20 = 0x00000000;
uint ebp_24 = 0x00000000;
uint ebp_28 = 0x00000000;
uint edx = 0x00000000;
uint eax = 0x00000000;
List<byte> ebp08String = new List<byte>();
eax = UStrLen(bytes); // @UStrLen
Console.WriteLine("eax strlen hex={0:X2} dec={0}", eax);
ebp_20 = eax; // mov [ebp-20], eax
ebp_14 = 0x00000001; // mov [ebp-14], 00000001
text_47AB2A:
// // mov eax, [ebp-0C]
edx = ebp_14; // mov edx,[ebp-14]
Console.WriteLine("219 edx={0:X8}", edx);
eax = (uint)(bytes[edx * 2 - 01] << 8 | bytes[edx * 2 - 02]); // movzx eax,word ptr [eax+edx*2-02]
Console.WriteLine("223 eax={0:X8}", eax);
eax = eax + ebp_18; // add eax,[ebp-18]
Console.WriteLine("225 eax={0:X8}", eax);
eax = eax & 0x0000FFFF; // and eax,0000FFFF
ebp_18 = eax; // mov [ebp-18],eax
eax = ebp_0C; // mov eax,[ebp-0C]
edx = ebp_14; // mov edx,[ebp-14]
eax = (uint)((eax & 0xFFFF0000) | (
(bytes[(edx * 2) - 01] << 8 |
bytes[(edx * 2) - 02]) & 0xFFFF)); // mov ax,[eax+edx*2-02]
//Console.WriteLine("eax={0:X8}", eax);
edx = ebp_04; // mov edx,[ebp-04]
edx = ((uint)0x000000FF & mem02E3BD10[(int)(/*edx +*/ 0x52)]); // movzx edx,byte ptr[edx+52]
//////////////////////////////////////////////////////////////////////
//Console.WriteLine("eax={0:X8} edx={1:X8}", eax, edx);
imul = (eax & 0xFFFF) * (edx & 0xFFFF); // imul dx
edx = (edx & 0xFFFF0000) | (imul >> 16) & 0xFFFF;
eax = (eax & 0xFFFF0000) | (imul & 0xFFFF);
Console.WriteLine("eax={0:X8} edx={1:X8} imul={2:X12}", eax, edx, imul);
//////////////////////////////////////////////////////////////////////
edx = ebp_04; // mov edx,[ebp-04]
eax = (eax & 0xFFFF0000) | ((eax & 0xFFFF) ^ (0x004D07A0 & 0xFFFF));// xor ax,[ebp+50]
ebp_10 = (ebp_10 & 0xFFFF) | (eax & 0xFFFF) << 16; // mov [ebp-0E],ax
Console.WriteLine("eax={0:X8} edx={1:X8}", eax, edx);
eax = 0x0019F854; // lea eax,[ebp-24]
edx = (edx & 0xFFFF0000) | (ebp_10 >> 16 & 0xFFFF); // mov dx,[ebp-0E]
Console.WriteLine("eax={0:X8} edx={1:X8}", eax, edx);
ushort unicodeStrFromWChar =
(ushort)((edx & 0xFF) << 8 | (edx >> 8 & 0xFF)); // call @UStrFromWChar
edx = 0xFFFFFFFF; // pointer of new char lol // mov edx,[ebp-24]
eax = ebp_08; // mov eax,[ebp-08] // 08021A67
ebp08String.Add((byte)((unicodeStrFromWChar >> 8) & 0xFF)); // @UStrCat
ebp08String.Add((byte)(unicodeStrFromWChar & 0xFF));
eax = ebp_08; // mov eax,[ebp-08] // 08021A67
ebp_14++; // inc [ebp-14]
ebp_20--; // dec [ebp-20]
if (ebp_20 > 0) goto text_47AB2A; // jne
// 47AB6C
eax = ebp_08; // mov eax,[ebp-08]
if (ebp08String[0] == 0x00) // cmp dword ptr[eax],00
goto text_47ABC2; // je text_47ABC2
Console.WriteLine("loop exit");
eax = ebp_04; // mov eax,[ebp-04]
Console.WriteLine("437 eax={0:X8} edx={1:X8}", eax, edx);
eax = ((uint)0x000000FF & mem02E3BD10[(int)(/*edx +*/ 0x52)]); // movzx eax,byte ptr[edx+52]
Console.WriteLine("439 eax={0:X8} edx={1:X8}", eax, edx);
Console.WriteLine("440 ebp_18={0:X8}", ebp_18);
//////////////////////////////////////////////////////////////////////
//Console.WriteLine("eax={0:X8} edx={1:X8}", eax, edx);
imul = (eax & 0xFFFF) * (ebp_18 & 0xFFFF); // imul byte ptr[eax+52]
edx = (edx & 0xFFFF0000) | (imul >> 16) & 0xFFFF;
eax = (eax & 0xFFFF0000) | (imul & 0xFFFF);
Console.WriteLine("eax={0:X8} edx={1:X8} imul={2:X12}", eax, edx, imul);
//////////////////////////////////////////////////////////////////////
edx = ebp_04; // mov edx,[ebp-04]
Console.WriteLine("448 eax={0:X8} edx={1:X8}", eax, edx);
eax = (eax & 0xFFFF0000) | ((eax & 0xFFFF) ^ (0x004D07A0 & 0xFFFF));// xor ax,[ebp+50]
Console.WriteLine("450 eax={0:X8} edx={1:X8}", eax, edx);
ebp_0E = (ebp_0E & 0xFFFF) | (eax & 0xFFFF) << 16; // mov [ebp-0E],ax
eax = ebp_0E >> 16 & 0xFFFF; // mov ax,[ebp-0E]
ebp_1C = (ebp_1C & 0xFFFFFF) | (eax & 0xFFFF) << 16; // mov [ebp-1A],ax
eax = 0x0019F854; // lea eax,[ebp-28]
edx = (edx & 0xFFFF0000) | (ebp_1C >> 16 & 0xFFFF); // mov dx,[ebp-1A]
Console.WriteLine("eax={0:X8} edx={1:X8}", eax, edx);
unicodeStrFromWChar =
(ushort)((edx & 0xFF) << 8 | (edx >> 8 & 0xFF)); // call @UStrFromWChar
Console.WriteLine("{0:X4}", unicodeStrFromWChar);
edx = 0xFFFFFFFF; // pointer of new char lol // mov edx,[ebp-28]
eax = ebp_08; // mov eax,[ebp-08] // 08021A67
ebp08String.Add((byte)((unicodeStrFromWChar >> 8) & 0xFF)); // @UStrCat
ebp08String.Add((byte)(unicodeStrFromWChar & 0xFF));
eax = ebp_08; // mov eax,[ebp-08] // 08021A67
text_47ABC2:
eax = 0x00000000; // xor eax,eax
// // pop edx
// // pop ecx
// // pop ecx
// //
Console.WriteLine(BitConverter.ToString(ebp08String.ToArray()));
Console.WriteLine(System.Text.Encoding.UTF8.GetString(ebp08String.ToArray()));
return ebp08String.ToArray();
}
public static byte[] tpl_Enfuck2(byte[] bytes) {
byte[] mem02E3BD10 = new byte[] {
0x14,0xAA,0x87,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFC,0x09,0x4A,0x00,0x0C,0x0A,0x4A,0x00,
0x7C,0x35,0x02,0x08,0xFC,0xA1,0xFF,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xA0,0x07,0x4D,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
};
List<byte> fuckedUp = new List<byte>();
foreach(byte chr in bytes) {
ushort lol = (ushort)(chr * mem02E3BD10[ 0x52 ]);
fuckedUp.Add((byte)(lol >> 8 & 0xFF));
fuckedUp.Add((byte)(lol & 0xFF));
}
return fuckedUp.ToArray();
}
public static byte[] tpl_DeFuck2(byte[] decryptedData) {
List<byte> output = new List<byte>();
uint length = UStrLen(decryptedData);
for (int i=0; i < length*2; i += 2) {
ushort wChar = (ushort)(decryptedData[i] | decryptedData[i+1] << 8);
wChar ^= 0x004D07A0 & 0xFFFF;
wChar /= 0x4D;
output.Add((byte)((wChar >> 8) & 0xFF));
output.Add((byte)(wChar & 0xFF));
}
Console.WriteLine(BitConverter.ToString(output.ToArray()));
Console.WriteLine(System.Text.Encoding.UTF8.GetString(output.ToArray()));
return output.ToArray();
}
public static byte[] tpl_DeFuck22(byte[] decryp) {
byte[] mem02E3BD10 = new byte[] {
0x14,0xAA,0x87,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFC,0x09,0x4A,0x00,0x0C,0x0A,0x4A,0x00,
0x7C,0x35,0x02,0x08,0xFC,0xA1,0xFF,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xA0,0x07,0x4D,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
};
uint imul = 0x00000000;
uint ebp_04 = 0x0019F878;
uint ebp_08 = 0x08021A67;
uint ebp_0C = 0x02E1EF7C;
uint ebp_0E = 0x0802357C;
uint ebp_10 = 0x00000000;
uint ebp_18 = 0x00000000;
uint ebp_14 = 0x00000000;
uint ebp_1C = 0x00000000;
uint ebp_20 = 0x00000000;
uint ebp_24 = 0x00000000;
uint ebp_28 = 0x00000000;
uint edx = 0x00000000;
uint eax = 0x00000000;
uint ecx = 0x00000000;
List<byte> ebp08String = new List<byte>();
eax = UStrLen(decryp); // @UStrLen
eax--; // dec eax
if (eax == 0) // test eax,eax
goto text_47AC91; // jna
Console.WriteLine("eax strlen hex={0:X2} dec={0}", eax);
ebp_20 = eax; // mov [ebp-20], eax
ebp_14 = 0x00000001; // mov [ebp-14], 00000001
text_47AC49:
eax = ebp_04; // mov eax,[ebp-04]
eax = 0x02E1F13C; // mov eax[eax+40]
edx = ebp_14; // mov edx,[ebp-14]
//Console.WriteLine("384 eax={0:X8}", eax);
eax = eax & 0xFFFF0000 | ((uint)
(decryp[edx * 2 - 01] << 8 | decryp[edx * 2 - 02]) & 0xFFFF); // mov ax,[eax+edx*2-02]
//Console.WriteLine("387 eax={0:X8}", eax);
eax = (eax & 0xFFFF0000) | ((eax & 0xFFFF) ^ (0x004D07A0 & 0xFFFF));// xor ax,[ebp+50]
//Console.WriteLine("389 eax={0:X8}", eax);
eax = eax & 0xFFFF; // movzx eax,ax
Console.WriteLine("453 eax={0:X8}", eax);
edx = ebp_04; // mov edx,[ebp-04]
edx = ((uint)0x000000FF & mem02E3BD10[(int)(/*edx +*/ 0x52)]); // movzx edx,byte ptr[edx+52]
ecx = edx; // mov ecx,edx
edx = 0x00; // xor edx,edx
Console.WriteLine("prediv eax={0:X8} ecx={1:X8}", eax, ecx);
eax = eax / ecx; // div ecx
//Console.WriteLine("ebp_0E={0:X8}", ebp_0E);
ebp_0E = (ebp_0E & 0xFFFF) | (eax & 0xFFFF) << 16; // mov [ebp-0E],ax
//Console.WriteLine("ebp_0E={0:X8}", ebp_0E);
//Console.WriteLine("postdiv eax={0:X8} ecx={1:X8} {2}", eax, ecx, System.Text.Encoding.ASCII.GetString(new byte[] { (byte)eax }));
eax = 0x0019F854; // lea eax,[ebp-24]
edx = (edx & 0xFFFF0000) | (ebp_0E >> 16 & 0xFFFF); // mov dx,[ebp-0E]
Console.WriteLine("eax={0:X8} ecx={1:X8}", eax, edx);
ushort unicodeStrFromWChar = (ushort)edx; // call @UStrFromWChar
edx = 0xFFFFFFFF; // pointer of new char lol // mov edx,[ebp-24]
eax = ebp_0C; // mov eax,[ebp-0C] // 08021A67
ebp08String.Add((byte)((unicodeStrFromWChar >> 8) & 0xFF)); // @UStrCat
ebp08String.Add((byte)(unicodeStrFromWChar & 0xFF));
eax = ebp_08; // mov eax,[ebp-08] // 08021A67
ebp_14++; // inc [ebp-14]
ebp_20--; // dec [ebp-20]
if (ebp_20 > 1) goto text_47AC49; // jne
/*
* eax=14C1
* ecx=4D
*
*/
text_47AC91:
eax = ebp_04; // mov eax,[ebp-04]
text_47ABC2:
eax = 0x00000000; // xor eax,eax
// // pop edx
// // pop ecx
// // pop ecx
// //
Console.WriteLine(BitConverter.ToString(ebp08String.ToArray()));
Console.WriteLine(System.Text.Encoding.UTF8.GetString(ebp08String.ToArray()));
return ebp08String.ToArray();
}
public static byte[] StringToByteArrayFastest(string hex) {
if (hex.Length % 2 == 1)
throw new Exception("The binary key cannot have an odd number of digits");
byte[] arr = new byte[hex.Length >> 1];
for (int i = 0; i < hex.Length >> 1; ++i) {
arr[i] = (byte)((GetHexVal(hex[i << 1]) << 4) + (GetHexVal(hex[(i << 1) + 1])));
}
return arr;
}
public static int GetHexVal(char hex) {
int val = (int)hex;
//For uppercase A-F letters:
//return val - (val < 58 ? 48 : 55);
//For lowercase a-f letters:
//return val - (val < 58 ? 48 : 87);
//Or the two combined, but a bit slower:
return val - (val < 58 ? 48 : (val < 97 ? 55 : 87));
}
}
}