-
The encoding happends separately and the deobfuscation happends on your client side
-
Each character is modified based on its neighbor
-
Provides basic transformation logic that isn’t reversible without knowing it
-
Don't forget to overwrite/wipe the decrypted plaintext buffer in your own program right after it's no longer needed using
-
memset(dest, 0, strlen(dest));
gcc -shared -o build/libdhex.dll -DDHEX_LIB -Iinc/ src/dhex.c -Limp/ -lb64 -Wl,--out-implib,imp/libdhex.dll.a
gcc -fPIC -shared -o build/libdhex.so -DDHEX_LIB -Iinc/ -Lbuild src/dhex.c
#include <errno.h>
#include "inc/dhex.h"
//gcc -o build/test1 -g -Wall -Wextra src/dhex.c src/test.c -L./build/ (use -Wl,-rpath,'$ORIGIN' for linking agianst libdhex)
int main(int argc, char* argv[]) {
if (argc < 2) {
fprintf(stderr, "Usage: %s <plaintext>\n", argv[0]);
return 1;
}
char* plaintext_str = argv[1];
char encrypted_dest[100], decrypted_dest[100];
int err_code;
int len_len = sizeof(encrypted_dest);
err_code = dhex_encode( encrypted_dest,len_len , plaintext_str, false);
if ( err_code == 0 && strlen(encrypted_dest) > 0 ) {
fprintf(stdout, "encoded string: %s\n ", encrypted_dest);
int i = 0;
while (encrypted_dest[i] != '\0';){
fprintf(stdout, "%02X ", (unsigned char)encrypted_dest[i]); // Show encoded in hex
}
}
else{
return 1;
}
err_code = dhex_decode(decrypted_dest, sizeof(decrypted_dest), &encrypted_dest[0]);
if (err_code == 0 && strlen(decrypted_dest) > 0) {
fprintf(stdout, "decrypted string :%s\n", decrypted_dest);
}
else {
perror("dhex failed \n");
return 1;
}
return 0;
}- code to inspect the processor time stamp that records the number of clock cycles since the last reset and look for a suspicous pause that indicates somebody is steping through the registers and bail out