This is another brief exercise created by my good friend Colin. The goal for this exercise was to reverse the encryption methodology and create a decryptor. This is what the binary looks like when running.

And here’s the assembly.

There are five local variables here. Four of them are set right at the start to the hex bytes { 0xDE, 0xAD, 0xCA, 0xFE }. The function itself is fairly simple. There’s a call to fgets which takes user input and stores it as a string. Next it gets the length of the string using strlen. The next call will take us into the encryption function. Finally, it prints the encrypted bytes.

Here’s the encryptor function.

Nothing too complex going on here really. Looking at the jumps it should be obvious that this is some type of loop. It takes our input string and checks each character to see if it is alphabetic or alphanumeric, calling isalpha and isalnum (is this redundant?), and if so the character gets encrypted. The method of encryption is to xor each character with the hex bytes { 0xDE, 0xAD, 0xCA, 0xFE } from earlier. The trick here is that the first xor is done with 0xDE, the next xor is performed with 0xAD, then 0xCA, and finally 0xFE, after which the key wraps around to 0xDE again. This loop repeats for the same number of characters as there are in our string.
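To make the scheme above concrete, here is an added, portable C re-implementation of both directions; it is my own example, not the binary's code, Colin's code, or the decryptor from this post. It assumes that the key index follows the character position (so a character skipped by isalnum still consumes a key byte, which is what the post's decryptor also assumes by XORing every byte in order), that the plaintext is 7-bit ASCII, and that the encrypted bytes are dumped as space- or newline-separated hex pairs. The decryptor exploits one property of this particular key: every key byte has its high bit set, so for ASCII input an encrypted byte is always >= 0x80 and an untouched byte never is, which lets it tell the two apart without guessing.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Rolling XOR key recovered from the disassembly in the post. */
static const unsigned char KEY[4] = { 0xDE, 0xAD, 0xCA, 0xFE };

/* Encryptor as described: each character that passes isalnum() is XORed with
 * the key byte for its position, and the key index wraps every four
 * characters. Assumption: the key index follows the character position
 * (i % 4), so a skipped character still consumes a key byte.
 * Returns the number of bytes written. */
size_t xor_encrypt(const char *plain, unsigned char *out, size_t outlen)
{
    size_t n = strlen(plain);
    if (n > outlen)
        n = outlen;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)plain[i];
        out[i] = isalnum(c) ? (unsigned char)(c ^ KEY[i % 4]) : c;
    }
    return n;
}

/* Decryptor. All four key bytes have the high bit set, so an ASCII
 * alphanumeric (always < 0x80) becomes a byte >= 0x80 once encrypted,
 * while characters the encryptor skipped stay < 0x80. For 7-bit ASCII
 * plaintext that makes "was this byte encrypted?" decidable from the
 * ciphertext alone: bytes >= 0x80 are XORed back, the rest pass through.
 * Caveat: plaintext bytes >= 0x80 (UTF-8, Latin-1) would be misread. */
size_t xor_decrypt(const unsigned char *cipher, size_t n, char *out, size_t outlen)
{
    if (outlen == 0)
        return 0;
    if (n > outlen - 1)
        n = outlen - 1;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = cipher[i];
        out[i] = (char)((c & 0x80) ? (c ^ KEY[i % 4]) : c);
    }
    out[n] = '\0';
    return n;
}

/* Render bytes as space-separated lowercase hex ("96 c8 a6 ..."); this is an
 * assumed dump layout, not necessarily what the binary prints. Returns the
 * string length. */
size_t to_hex(const unsigned char *in, size_t n, char *out, size_t outlen)
{
    size_t len = 0;
    out[0] = '\0';
    for (size_t i = 0; i < n && len + 4 <= outlen; i++)
        len += (size_t)snprintf(out + len, outlen - len, i ? " %02x" : "%02x", in[i]);
    return len;
}

/* Parse a pasted dump of hex byte pairs separated by spaces or newlines
 * (one byte per line, as the post's decryptor reads, also works). */
size_t from_hex(const char *hex, unsigned char *out, size_t outlen)
{
    size_t n = 0;
    for (const char *p = hex; *p && n < outlen; ) {
        if (isspace((unsigned char)*p)) { p++; continue; }
        if (!isxdigit((unsigned char)p[0]) || !isxdigit((unsigned char)p[1]))
            break;                      /* stop at the first malformed token */
        char pair[3] = { p[0], p[1], '\0' };
        out[n++] = (unsigned char)strtoul(pair, NULL, 16);
        p += 2;
    }
    return n;
}

/* Full cycle on one string: encrypt, dump as hex, parse the dump back,
 * decrypt, compare. Returns 1 when the plaintext survives the round trip. */
int roundtrip_ok(const char *plain)
{
    unsigned char cipher[256], parsed[256];
    char hex[3 * 256], back[256];
    size_t n = xor_encrypt(plain, cipher, sizeof cipher);
    to_hex(cipher, n, hex, sizeof hex);
    size_t m = from_hex(hex, parsed, sizeof parsed);
    xor_decrypt(parsed, m, back, sizeof back);
    return m == n && strcmp(back, plain) == 0;
}

int main(void)
{
    /* Constructed sample input, not taken from the post. */
    const char *sample = "Hello World 123";
    unsigned char cipher[64];
    char hex[3 * 64], back[64];

    size_t n = xor_encrypt(sample, cipher, sizeof cipher);
    to_hex(cipher, n, hex, sizeof hex);
    printf("plain  : %s\ncipher : %s\n", sample, hex);

    xor_decrypt(cipher, n, back, sizeof back);
    printf("decrypt: %s (round trip %s)\n", back, roundtrip_ok(sample) ? "ok" : "FAILED");
    return 0;
}
```

The high-bit check is what lets xor_decrypt leave spaces and punctuation alone instead of turning them into garbage, which is the one thing the position-only XOR in the post's decryptor cannot do; it only works because this key happens to be all high-bit bytes, so it is a property of this binary, not of XOR ciphers in general.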

Now that I know how the encryption is being done, it’s time to write a decryptor. This is what I came up with.

#include <Windows.h>
#include <cstdio>
#include <iostream>

#define MAX_STRING_SIZE 256
#define HEX_FORMAT_SPECIFIER "%02x"

using namespace std;

int main()
{
    // Rolling XOR key recovered from the disassembly
    BYTE key[] = { 0xDE, 0xAD, 0xCA, 0xFE };
    char input[MAX_STRING_SIZE];
    BYTE hexInput[MAX_STRING_SIZE] = { 0 };
    BYTE decryptionResult[MAX_STRING_SIZE] = { 0 };
    unsigned int keyIndex = 0;
    unsigned int byteIndex = 0;

    printf("Enter bytes to decrypt (one hex byte per line, blank line to finish): \n\n");

    // Read one hex byte per line until a blank line or the buffer is full;
    // a line that does not parse as hex is skipped rather than stored as garbage
    while (byteIndex < MAX_STRING_SIZE
        && cin.getline(input, MAX_STRING_SIZE)
        && input[0] != '\0')
    {
        unsigned int temp = 0;
        if (sscanf_s(input, HEX_FORMAT_SPECIFIER, &temp) == 1)
        {
            hexInput[byteIndex++] = (BYTE)temp;
        }
    }

    // XOR each byte with the key, cycling through the four key bytes in order
    for (unsigned int i = 0; i < byteIndex; i++)
    {
        decryptionResult[i] = hexInput[i] ^ key[keyIndex];
        printf("input[%d]: 0x%X  ^  0x%X  =  0x%X \t %c \n", i, hexInput[i], key[keyIndex], decryptionResult[i], decryptionResult[i]);
        keyIndex++;

        if (keyIndex == sizeof(key))
        {
            keyIndex = 0;
        }
    }

    printf("\n");
    cin.get();
}

It’s not pretty, but it gets the job done. Here is the decryptor in action.

I printed out all the steps so you can see the process of how it was encrypted originally, as well as the decryption result. This one was very fun, thanks Colin!

Last modified: June 7, 2019