;**************** Api32 V2.5 KeyMaker for fun.asm *******************
;by:
ArchFire/ATA @2002-12-14
;*
;*
;* in this case, we will learn RSA
algorithm.
;*
;* as we know that Vitaly Evseenko, the author of Apis32,
once been a RCEer. So he shows how to use RAS in his little proggy
;* oh,
well, it's not so hard, so just find what's happening....
;* you'd better
have look on PEDiy's BBS Seletion III for more help, thx goes to those who have
witten the good tutors :)
;*
;* IN RSA:
;* 1. Find two prime number:
p, q. the larger the better
;* 2. n=p*q, f=(p-1)*(q-1)
;* 3. Select
a random number e, which is satisfied: GCD(f, e)=1. Often, we choose 7, 13, 65537....
;* 4. Find d, where: (d*e) mod f=1
;* 5. Encipher proc: C=(M^e) mod
n
;* Decipher proc: M=(C^d) mod n
;*
;* In Apis32:
;* C=((M^7) mod 8899) mod 0bb=(M^7) mod 0bb, 'cause 8899 mod 0bb=0
;*
n=0bb=11*0b, f=10*0a=0a0, e=7, d=17
;* so, Decipher proc: M=(C^17) mod 0bb
;* Learn and enjoy!
;*
;********************************************************************
.386
.model flat,stdcall
option casemap:none
include
hd.h
DlgProc proto :DWORD,:DWORD,:DWORD,:DWORD
DeRSA proto :DWORD, :DWORD
.const
BUFF_SIZE
equ 32
ID_MAKE equ
1002
ID_ABOUT equ 1003
ID_CLOSE equ 1004
IDC_NAME
equ 1010
IDC_CODE
equ 1011
OURICON equ
1020
DLG_MAIN equ 1000
.data
szC
db BUFF_SIZE dup (0)
szM
db BUFF_SIZE dup (0)
szTemp
db BUFF_SIZE dup (0)
szFormat
db "%02X", 0
MsgTitle
db "ATAKeyGen", 0
MsgContend db
"Apis32 2.50 KeyGen for fun", 0dh, 0ah, 0dh, 0ah
db "
by ArchFire/ATA", 0
szInputError db
"Input 8 chars please...", 0
.data?
hInstance HANDLE ?
.code
.RADIX 16
start:
invoke
GetModuleHandle, NULL
mov hInstance,eax
invoke DialogBoxParam,hInstance,DLG_MAIN,NULL,offset
DlgProc,0
invoke ExitProcess,NULL
DlgProc
proc uses ebx edi esi, \
hWnd:DWORD,wMsg:DWORD,wParam:DWORD,lParam:DWORD
LOCAL Ps :PAINTSTRUCT
mov
eax,wMsg
.if eax == WM_CLOSE
invoke EndDialog,hWnd,NULL
.elseif eax==WM_INITDIALOG
invoke LoadIconA, hInstance, OURICON
;note: use "hInstance" instead of "hWnd"; if "dword ptr OURICON" ->
PUSH WORD OURICON, wrong result
test
eax, eax
je initerror
push edi
mov edi, eax
invoke SendMessageA, hWnd, WM_SETICON, ICON_BIG,
eax
invoke SendMessageA, hWnd, WM_SETICON,
ICON_SMALL, edi
pop edi
initerror:
nop
.elseif eax == WM_PAINT
invoke BeginPaint,hWnd,ADDR Ps
invoke FrameWindow,hWnd,0,1,1
invoke FrameWindow,hWnd,1,1,0
invoke EndPaint,hWnd,ADDR
Ps
xor eax, eax
.elseif eax == WM_COMMAND
mov eax,wParam
.IF
lParam!=0
.if ax==ID_MAKE
invoke RtlZeroMemory,
addr szC, BUFF_SIZE
invoke RtlZeroMemory, addr szM, BUFF_SIZE
invoke GetDlgItemText,hWnd,IDC_NAME,addr szM, BUFF_SIZE
.if eax < 8
invoke SetDlgItemText,hWnd,IDC_NAME,addr
szInputError
.else
lea
esi, szC
lea
edi, szM
invoke
DeRSA, edi, esi
.endif
invoke SetDlgItemText,hWnd,IDC_CODE,addr
szC
.elseif ax==ID_CLOSE
invoke
EndDialog,hWnd,NULL
.elseif ax==ID_ABOUT
invoke MessageBox,
hWnd, Addr MsgContend, Addr MsgTitle, MB_OK
.endif
.ENDIF
.else
mov eax,FALSE
ret
.endif
mov eax,TRUE
ret
DlgProc ENDP
DeRSA proc szName:DWORD, szCode:DWORD
mov esi, szName
push
ebp
xor ebp, ebp
push 0bb
pop ebx
;
@loop2:
mov edi, 16
;hmmm, when
edi=17h, we get a wrong result
movzx eax, byte ptr [esi+ebp]
mov ecx, eax
@loop1:
imul ecx
cmp eax, ebx
jl @next2
idiv
ebx
mov eax, edx
@next2:
dec edi
jnz @loop1
add ebp, 50
xor ax, bp
sub ebp, 50
mov [esi+ebp],
al
inc ebp
cmp ebp, 8
jl @loop2
pop ebp
mov edi, szCode
xor ebx, ebx
p_loop:
xor eax, eax
lodsb
invoke wsprintf, addr szTemp, addr szFormat,
eax
cmp bl, 4
jnz @f
mov al, '-'
stosb
@@:
mov ax, word
ptr [szTemp+0]
stosw
inc ebx
cmp ebx, 08
jl p_loop
ret
DeRSA endp
end start