// NOTE(brendan): INPUT: Ciphertext in hex, length of ciphertext.
// OUTPUT: string with max score based on frequency analysis, and from trying
// all byte ciphers
real32 ByteCipherInHexDecode(char *DecodedString, char *Ciphertext,
uint32 CipherLength)
{
uint32 DecodedStringLength = CipherLength/2 + 1;
char Key[CipherLength + 1];
// NOTE(brendan): decrypt
real32 MinScore = INFINITY;
uint32 MinCipher = 0;
char XORResult[CipherLength + 1];
// TODO(brendan): calculate frequencies and subtract from expected
// frequencies; maximize that value
for (uint32 ByteCipher = 0; ByteCipher < 256; ++ByteCipher) {
CreateKey(Key, ByteCipher, CipherLength);
XORStrings(XORResult, Key, Ciphertext, CipherLength);
DecodeHexString(DecodedString, XORResult, CipherLength);
real32 Score = ScoreString(DecodedString, DecodedStringLength - 1);
if (Score < MinScore) {
MinScore = Score;
MinCipher = ByteCipher;
}
}
CreateKey(Key, MinCipher, CipherLength);
XORStrings(XORResult, Key, Ciphertext, CipherLength);
DecodeHexString(DecodedString, XORResult, CipherLength);
return MinScore;
}
void *MemoryUtils::DecodeAndFindPattern(const void *libPtr, const char *pattern)
{
unsigned char real_sig[511];
size_t real_bytes = DecodeHexString(real_sig, sizeof(real_sig), pattern);
if (real_bytes >= 1)
{
return FindPattern(libPtr, (char*)real_sig, real_bytes);
}
return NULL;
}
static int NaClDebugExceptionHandlerStandaloneMain(int argc, char **argv) {
int target_pid;
NaClHandle socket;
char *rest1;
char *rest2;
void *info;
size_t info_size;
HANDLE process_handle;
DWORD written;
if (argc != 3) {
NaClLog(LOG_FATAL, "NaClDebugExceptionHandlerStandaloneMain: "
"Expected 3 arguments: target_pid, socket, data\n");
}
target_pid = strtol(argv[0], &rest1, 0);
socket = (NaClHandle)(uintptr_t) strtol(argv[1], &rest2, 0);
if (*rest1 != '\0' || *rest2 != '\0') {
NaClLog(LOG_FATAL, "NaClDebugExceptionHandlerStandaloneMain: "
"Bad string argument\n");
}
info_size = strlen(argv[2]);
if (info_size % 2 != 0) {
NaClLog(LOG_FATAL, "NaClDebugExceptionHandlerStandaloneMain: "
"Odd string length\n");
}
info_size /= 2;
info = malloc(info_size);
if (info == NULL) {
NaClLog(LOG_FATAL, "NaClDebugExceptionHandlerStandaloneMain: "
"malloc() failed\n");
}
DecodeHexString((uint8_t *) info, argv[2], info_size);
if (!DebugActiveProcess(target_pid)) {
NaClLog(LOG_FATAL, "NaClDebugExceptionHandlerStandaloneMain: "
"Failed to attach with DebugActiveProcess()\n");
}
process_handle = OpenProcess(PROCESS_QUERY_INFORMATION |
PROCESS_SUSPEND_RESUME |
PROCESS_TERMINATE |
PROCESS_VM_OPERATION |
PROCESS_VM_READ |
PROCESS_VM_WRITE |
PROCESS_DUP_HANDLE |
SYNCHRONIZE,
/* bInheritHandle= */ FALSE,
target_pid);
if (process_handle == NULL) {
NaClLog(LOG_FATAL, "NaClDebugExceptionHandlerStandaloneMain: "
"Failed to get process handle with OpenProcess()\n");
}
/* Send message to indicate that we attached to the process successfully. */
if (!WriteFile(socket, "k", 1, &written, NULL) || written != 1) {
NaClLog(LOG_FATAL, "NaClDebugExceptionHandlerStandaloneMain: "
"Failed to send reply\n");
}
NaClDebugExceptionHandlerRun(process_handle, info, info_size);
return 0;
}
