Welcome
Ladies and Gents:

These forums are now closed and registration disabled.

Please join us at our new forum on Proboards. Our hope is that these new forums are more stable, provide more and better features, and allow continuation of the project forums in a safer, more secure, long term environment.

me3explorer.proboards.com

--The ME3Explorer Team

XORing function parameters

Coder-centric area for programming advice and questions.

XORing function parameters

Postby WarrantyVoider » 06 Dec 2013, 00:34

from another forum I found following reverse-engineering-trap and here a demo how it works. when you call a function the parameters get put as 32/64bit pointers on the stack, now you could XOR them so some interception would lead to garbage pointers :D, here an example I wrote for testing:

#include "stdafx.h"

void DecryptArgs(int* args)
{
int key = 0x12345678;
int* p = args;
while(*p !=0)
{
*p = *p ^ key;
p++;
}
}

struct SpecialFunc1Args
{
int a;
int b;
char* c;
};

void SpecialFunc1(int* args)
{
DecryptArgs(args);
SpecialFunc1Args* Args = (struct SpecialFunc1Args*)args;
printf("Special Function1: Decrypted Arguments a=%i, b=%i, c=%s\n", Args->a, Args->b, Args->c);

}

struct SpecialFunc2Args
{
double a;
char* b;
int c;
};

void SpecialFunc2(int* args)
{
DecryptArgs(args);
SpecialFunc2Args* Args = (struct SpecialFunc2Args*)args;
printf("Special Function2: Decrypted Arguments a=%f, b=%s, c=%i\n", Args->a, Args->b, Args->c);

}

typedef void (__cdecl * dummy)(int * args);

void EncryptArgs(dummy func, ...)
{
int* p = (int*)&func;
p ++;
int* t = p;
int key = 0x12345678;
int count = 0;
while(*p !=0)
{
*p = key ^ *p;
p++;
}
func(t);
}

int _tmain(int argc, _TCHAR* argv[])
{
EncryptArgs(SpecialFunc1, 1, 2, "Hello");
EncryptArgs(SpecialFunc2, 3.1415, "World", 4);
while(true);
return 0;
}


Output:

Special Function1: Decrypted Arguments a=1, b=2, c=Hello
Special Function2: Decrypted Arguments a=3.141500, b=World, c=4


greetz WV
always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Return to Coders' Help

Who is online

Users browsing this forum: No registered users and 0 guests

suspicion-preferred