unit U_IBDUP; interface uses Classes, Dialogs, Types, zlibEx, SysUtils; procedure ReadPakIBDFile(aNameFile: string; var aIBDList: TStringList); //procedure CreateCryptMas(const key1, key2: string; aTestPassMas: BOOLean); procedure CreateCryptMas(const key1, key2: AnsiString; aTestPassMas: BOOLean); procedure UnCrypt(NumIn: Pointer; NumOut: Pointer; CryptMas: Pointer); procedure PackAndSaveIBD(aIBDData: TStringList; aNameFile: string); var PassMas: array[1..12*9] of Byte; PassMasAvk: array[1..12*9] of Byte = ($5E, $7F, $60, $44, $A3, $96, $22, $47, $DF, $DB, $47, $59, $E5, $55, $6B, $51, $CC, $2F, $CC, $BA, $0B, $5E, $12, $E8, $35, $FB, $39, $B5, $A9, $E5, $59, $A1, $F4, $05, $0F, $09, $A0, $84, $54, $10, $5B, $D4, $17, $9F, $04, $FA, $97, $87, $9A, $82, $AF, $29, $09, $C9, $C4, $DE, $43, $02, $BA, $CB, $10, $D2, $15, $D7, $15, $84, $6A, $4C, $95, $06, $B1, $D2, $26, $FF, $20, $8A, $6C, $0A, $4D, $C9, $E9, $4A, $F4, $58, $7E, $41, $1B, $DE, $C6, $35, $49, $ED, $AC, $74, $66, $7A, $D7, $52, $70, $BF, $12, $0D, $81, $8A, $00, $00, $00, $00); CryptMasAvk: array[1..16*14] of Byte = ($05, $22, $0D, $65, $FC, $D1, $42, $96, $05, $22, $0D, $65, $FC, $D1, $42, $96, $5F, $F0, $90, $40, $EE, $F2, $A5, $81, $AC, $74, $66, $7A, $FA, $DE, $3A, $CA, $E5, $21, $03, $DD, $E9, $4A, $F4, $58, $BD, $CD, $94, $F5, $E0, $75, $81, $BE, $95, $06, $B1, $D2, $9B, $E9, $EB, $7B, $EB, $28, $7D, $C1, $43, $02, $BA, $CB, $D3, $63, $F7, $36, $51, $D6, $82, $D7, $04, $FA, $97, $87, $0D, $74, $A5, $2B, $AC, $EF, $AF, $A3, $F4, $05, $0F, $09, $E8, $2E, $57, $1A, $C7, $4A, $6D, $A6, $0B, $5E, $12, $E8, $5D, $1E, $34, $D0, $95, $AE, $4C, $8F, $DF, $DB, $47, $59, $3C, $24, $A0, $BB, $5D, $69, $1E, $2B, $5E, $7F, $60, $44, $A3, $96, $22, $47, $DF, $DB, $47, $59, $E5, $55, $6B, $51, $CC, $2F, $CC, $BA, $0B, $5E, $12, $E8, $35, $FB, $39, $B5, $A9, $E5, $59, $A1, $F4, $05, $0F, $09, $A0, $84, $54, $10, $5B, $D4, $17, $9F, $04, $FA, $97, $87, $9A, $82, $AF, $29, $09, $C9, $C4, $DE, $43, $02, $BA, $CB, $10, $D2, $15, $D7, $15, $84, $6A, $4C, $95, $06, $B1, $D2, $26, $FF, $20, $8A, $6C, $0A, $4D, $C9, $E9, $4A, $F4, $58, $7E, $41, $1B, $DE, $C6, $35, $49, $ED, $AC, $74, $66, $7A, $D7, $52, $70, $BF, $12, $0D, $81, $8A); Header: array[1..88] of Byte = ($01, $CD, $AA, $55, $0A, $00, $C8, $C1, $C4, $5F, $32, $30, $30, $33, $5F, $31, // .ͪU..ÈÁÄ_2003_1 $0C, $00, $D2, $E5, $F1, $F2, $E8, $F0, $EE, $E2, $E0, $ED, $E8, $E5, $01, $00, // ..Òåñòèðîâàíèå.. $00, $00, $0C, $00, $00, $00, $0C, $00, $00, $00, $0C, $00, $00, $00, $0C, $00, // ................ $00, $00, $0C, $00, $00, $00, $0C, $00, $00, $00, $0C, $00, $00, $00, $0C, $00, // ................ $00, $00, $46, $00, $00, $00, $10, $00, $4E, $45, $57, $50, $41, $53, $53, $57, // ..F.....NEWPASSW $4F, $52, $44, $21, $40, $23, $24, $25 ); // ORD!@#$%@... implementation procedure PackAndSaveIBD(aIBDData: TStringList; aNameFile: string); const key1 = '3458gGrWEvfGytLK'; key2 = 'NEWPASSWORD!@#$%'; var FIBDStream: TFileStream; FileStream: TFileStream; //TempBuff: PChar; TempBuff: PAnsiChar; //SubKey2: string; SubKey2: AnsiString; SizeIBD: dword; PSizeIBD: Pointer; i, j: integer; //CryptData: PChar; CryptData: PAnsiChar; //UncryptData: PChar; UncryptData: PAnsiChar; //KeyIBD: string; KeyIBD: AnsiString; PakStream: TMemoryStream; UnpStream: TMemoryStream; compressStr: TZCompressionStream; SizeS: integer; //TmpBuff: PChar; TmpBuff: PAnsiChar; num: array [1..8] of byte; outnum: array [1..8] of byte; tempnum: byte; IBDSize: Integer; //OutIBD: string; OutIBD: AnsiString; //TempStr: string; TempStr: AnsiString; strlen: word; //temps: string; temps: AnsiString; nullsim: array [1..8] of byte; begin for i := 1 to 8 do nullsim[i] := 0; PakStream := TMemoryStream.Create; PakStream.Position := 0; for i := 0 to aIBDData.Count - 1 do begin temps := aIBDData.Strings[i]; if i < aIBDData.Count - 1 then begin temps := temps + #13#10; strlen := length(temps); end else begin strlen := length(temps); temps := temps + #$FF#$FF; end; PakStream.WriteBuffer(strlen, 2); PakStream.WriteBuffer(temps[1], length(temps)); end; SizeS := PakStream.Size; GetMem(TmpBuff, SizeS + 10); PakStream.Position := 0; PakStream.ReadBuffer(TmpBuff^, SizeS); PakStream.Clear; compressStr := TZCompressionStream.Create(PakStream, zcDefault); CompressStr.Write(pointer(TmpBuff)^, SizeS); CompressStr.Free; PakStream.Position := 0; SizeS := PakStream.Size; PakStream.Position := SizeS; if SizeS mod 8 <> 0 then begin PakStream.WriteBuffer(nullsim[1], 8 - SizeS mod 8); end; PakStream.Position := 0; SizeS := PakStream.Size; PakStream.ReadBuffer(Tmpbuff^, SizeS); PakStream.Position := 0; GetMem(UncryptData, PakStream.Size); PakStream.ReadBuffer(UncryptData^, PakStream.Size); PakStream.Position := 0; IBDSize := PakStream.Size; SizeIBD := IBDSize; PakStream.Position := 0; SubKey2 := Key2; KeyIBD := SubKey2; GetMem(CryptData, IBDSize + 10); GetMem(UncryptData, IBDSize + 10); PakStream.ReadBuffer(CryptData^, IBDSize); PakStream.Free; i := 0; while i < SizeIBD do begin for j := 1 to 8 do begin num[j] := byte((CryptData + i + j - 1)^); end; tempnum := num[1]; num[1] := num[2]; num[2] := tempnum; tempnum := num[3]; num[3] := num[4]; num[4] := tempnum; tempnum := num[5]; num[5] := num[6]; num[6] := tempnum; tempnum := num[7]; num[7] := num[8]; num[8] := tempnum; UnCrypt(@num, @outnum, @CryptMasAvk[17]); for j := 1 to 8 do begin Byte((UnCryptData + i + j - 1)^) := num[j]; end; i := i + 8; end; FreeMem(CryptData); PakStream := TMemoryStream.Create; PakStream.WriteBuffer(Header[1], 88); PakStream.WriteBuffer(SizeIBD, 4); PakStream.WriteBuffer(UnCryptData^, SizeIBD); PakStream.SaveToFile(aNameFile); PakStream.Free; FreeMem(UnCryptData); end; procedure ReadPakIBDFile(aNameFile: string; var aIBDList: TStringList); const key1 = '3458gGrWEvfGytLK'; var FIBDStream: TFileStream; FileStream: TFileStream; //TempBuff: PChar; TempBuff: PAnsiChar; //SubKey2: string; SubKey2: AnsiString; SizeIBD: dword; PSizeIBD: Pointer; i, j: integer; //CryptData: PChar; CryptData: PAnsiChar; //UncryptData: PChar; UncryptData: PAnsiChar; //KeyIBD: string; KeyIBD: Ansistring; PakStream: TMemoryStream; UnpStream: TMemoryStream; DecompressStr: TZDecompressionStream; SizeS: integer; //TmpBuff: PChar; TmpBuff: PAnsiChar; num: array [1..8] of byte; outnum: array [1..8] of byte; tempnum: byte; IBDSize: Integer; //OutIBD: string; OutIBD: AnsiString; //TempStr: string; TempStr: AnsiString; FFirstRecLen: Word; StrLen: Word; begin // ShowMessage('Begin'); FIBDStream := TFileStream.Create(aNameFile, fmOpenRead); // ShowMessage('File readed'); FIBDStream.Seek($4, soFromBeginning); FIBDStream.ReadBuffer(FFirstRecLen, $2); GetMem(TempBuff, FFirstRecLen + 1); FIBDStream.ReadBuffer(TempBuff^, FFirstRecLen); FIBDStream.ReadBuffer(FFirstRecLen, $2); FreeMem(TempBuff); GetMem(TempBuff, FFirstRecLen + 1); FIBDStream.ReadBuffer(TempBuff^, FFirstRecLen); FreeMem(TempBuff); GetMem(TempBuff, 41); FIBDStream.ReadBuffer(TempBuff^, 40); FreeMem(TempBuff); FIBDStream.ReadBuffer(FFirstRecLen, $2); GetMem(TempBuff, FFirstRecLen + 1); FIBDStream.ReadBuffer(TempBuff^, FFirstRecLen); SubKey2 := TempBuff; KeyIBD := SubKey2; FreeMem(TempBuff); // ShowMessage('PreCreate'); CreateCryptMas(key1, keyIBD, False); // ShowMessage('Created'); PSizeIBD := @SizeIBD; FIBDStream.ReadBuffer(PSizeIBD^, 4); GetMem(CryptData, SizeIBD + 10); GetMem(UncryptData, SizeIBD + 10); FIBDStream.ReadBuffer(CryptData^, SizeIBD); FIBDStream.Free; i := 0; while i < SizeIBD do begin for j := 1 to 8 do begin num[j] := byte((CryptData + i + j - 1)^); end; tempnum := num[1]; num[1] := num[2]; num[2] := tempnum; tempnum := num[3]; num[3] := num[4]; num[4] := tempnum; tempnum := num[5]; num[5] := num[6]; num[6] := tempnum; tempnum := num[7]; num[7] := num[8]; num[8] := tempnum; UnCrypt(@num, @outnum, @PassMas); for j := 1 to 8 do begin Byte((UnCryptData + i + j - 1)^) := num[j]; end; i := i + 8; end; PakStream := TMemoryStream.Create; PakStream.WriteBuffer(UnCryptData^, SizeIBD); UnpStream := TMemoryStream.Create; PakStream.Position := 0; UnpStream := TMemoryStream.Create; // ShowMessage('PreDecompress'); DecompressStr := TZDecompressionStream.Create(PakStream); SizeS := 10000; while SizeS <> 0 do begin GetMem(TmpBuff, SizeS); SizeS := DecompressStr.Read(TmpBuff^, SizeS); UnpStream.WriteBuffer(Tmpbuff^, SizeS); FreeMem(TmpBuff); end; // ShowMessage('Decompress'); UnpStream.Position := 0; FreeMem(UncryptData); GetMem(UncryptData, UnpStream.Size); UnpStream.ReadBuffer(UncryptData^, UnpStream.Size); UnpStream.Position := 0; aIBDList.Text := ''; IBDSize := UnpStream.Size; i := 0; OutIBD := ''; while i < IBDSize do begin OutIBD := OutIBD + (UncryptData + i)^; inc(i); end; i := 1; { while i < IBDSize do begin TempStr := copy(OutIBD, 3, pos(#$0D#$0A, OutIBD) - 3); if TempStr = '' then begin TempStr := copy(OutIBD, 3, pos(#$FF#$FF, OutIBD) - 3); aIBDList.Add(TempStr); break; end; aIBDList.Add(TempStr); i := i + pos(#$0D#$0A, OutIBD); Delete(OutIBD, 1, pos(#$0D#$0A, OutIBD) + 1); end; } // ShowMessage('Save Buff'); while i < IBDSize do begin StrLen := byte(OutIBD[2])* $100 + byte(OutIBD[1]); if StrLen = $0FFFF then break; TempStr := copy(OutIBD, 3, StrLen); if pos(#$0D#$0A, TempStr) <> 0 then Delete(TempStr, pos(#$0D#$0A, TempStr), 2); Delete(OutIBD, 1, StrLen + 2); aIBDList.Add(TempStr); i := i + StrLen; end; UnpStream.Free; PakStream.Free; DecompressStr.Free; FreeMem(CryptData); FreeMem(UncryptData); end; procedure UnCrypt(NumIn: Pointer; NumOut: Pointer; CryptMas: Pointer); var NumPtr: Pointer; BP1: word; TempESP10: word; EBPTMP: Dword; OUTESP: Pointer; label proc1, AVKCr005056A5, AVKCr005056C4, beg; begin NumPtr := NumIn; asm mov EAX, numptr; mov ESI, EAX mov EDI, 8 mov EBX, CryptMas beg: mov EAX, ESI mov DX, word ptr ds:[EBX] Call Proc1; mov ax, word ptr ds:[EBX + 2] Add word ptr ds:[esi + 2], Ax mov ax, word ptr ds:[EBX + 4] Add word ptr ds:[esi + 4], Ax lea eax, dword ptr ds:[esi + 6] mov dx, word ptr ds:[EBX + 6] Call Proc1 MOV AX,WORD PTR DS:[ESI+4] MOV TempESP10, AX MOV AX,WORD PTR DS:[ESI] XOR WORD PTR DS:[ESI+4],AX LEA EAX,DWORD PTR DS:[ESI+4] MOV DX, word ptr ds:[EBX + 8] Call proc1 PUSH EAX MOV AX, WORD PTR DS:[ESI+2] MOV BP1, AX POP EAX MOV AX,WORD PTR DS:[ESI+6] XOR WORD PTR DS:[ESI+2],AX MOV AX,WORD PTR DS:[ESI+4] ADD WORD PTR DS:[ESI+2],AX LEA EAX,DWORD PTR DS:[ESI+2] MOV DX, word ptr ds:[EBX + $A] CALL Proc1 MOV AX,WORD PTR DS:[ESI+2] ADD WORD PTR DS:[ESI+4],AX MOV AX,WORD PTR DS:[ESI+2] XOR WORD PTR DS:[ESI],AX MOV AX,WORD PTR DS:[ESI+4] XOR WORD PTR DS:[ESI+6],AX MOV AX, TempESP10 XOR WORD PTR DS:[ESI+2],AX PUSH EAX MOV AX, Word ptr BP1 XOR WORD PTR DS:[ESI+4], AX POP EAX ADD EBX,$C DEC EDI JNZ Beg MOV EDX, CryptMas MOV DX, WORD PTR DS:[EDX + $D8 - $78] //$52D7 MOV EAX,ESI Call proc1 MOV EAX, CryptMas MOV AX, WORD PTR DS:[EAX + $DA - $78] //$BF70 ADD WORD PTR DS:[ESI+4],AX MOV EAX, CryptMas MOV AX, WORD PTR DS:[EAX + $DC - $78] //$0D12 ADD WORD PTR DS:[ESI+2],AX MOV EDX, CryptMas MOV DX, WORD PTR DS:[EDX + $DE - $78] //$8A81 LEA EAX, DWORD PTR DS:[ESI+6] CALL Proc1 MOV AX,WORD PTR DS:[ESI] MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV WORD PTR DS:[ESI],DX MOV AX,WORD PTR DS:[ESI+4] PUSH EDX MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV DWORD PTR EBPTMP, EDX POP EDX MOV AX,WORD PTR DS:[ESI+2] MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV WORD PTR DS:[ESI+4],DX MOV AX,WORD PTR DS:[ESI+6] MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV WORD PTR DS:[ESI+6],DX MOV EAX,EBPTMP MOV WORD PTR DS:[ESI+2],AX MOVZX EAX,AX end; OUTESP := NumOut; asm MOV EDX, OUTESP MOV DWORD PTR DS:[EDX],EAX MOV EAX, OUTESP SHL DWORD PTR DS:[EAX],$10 MOVZX EAX,WORD PTR DS:[ESI] MOV EDX, OUTESP OR DWORD PTR DS:[EDX],EAX MOVZX EAX,WORD PTR DS:[ESI+6] MOV EDX, OUTESP MOV DWORD PTR DS:[EDX+4],EAX MOV EAX, OUTESP SHL DWORD PTR DS:[EAX+4],$10 MOVZX EAX,WORD PTR DS:[ESI+4] MOV EDX, OUTESP OR DWORD PTR DS:[EDX+4],EAX end; exit; asm Proc1: PUSH EBX MOVZX ECX,WORD PTR DS:[EAX] MOVZX EBX,DX IMUL ECX,EBX TEST ECX,ECX JNZ AVKCr005056A5 MOV CX,1 SUB CX,WORD PTR DS:[EAX] SUB CX,DX MOV WORD PTR DS:[EAX],CX POP EBX RETN AvkCr005056A5: MOV EDX,ECX SHR EDX, $10 MOV WORD PTR DS:[EAX],DX MOV EDX,ECX AND DX,$FFFF MOV ECX,EDX SUB CX,WORD PTR DS:[EAX] MOV WORD PTR DS:[EAX],CX CMP DX,WORD PTR DS:[EAX] JNB AVKCr005056C4 INC WORD PTR DS:[EAX] AVKCr005056C4: POP EBX RETN end; end; //procedure CreateCryptMas(const key1, key2: string; aTestPassMas: BOOLean); procedure CreateCryptMas(const key1, key2: AnsiString; aTestPassMas: BOOLean); var PreTempKey1: array[1..20] of Byte; TempKey1: array [1..16] of Byte; PreTempMas: array [1..4] of Byte; TempMas: array[1..$190] of Byte; PreMass: array[1..$190] of Byte; TempKey2: array[1..16] of byte; PostMass: array[1..$190] of Byte; PTempKey1: Pointer; PTempKey2: Pointer; PTempMas: Pointer; PPTempMas: Pointer; PTempMas2: Pointer; PPostMas: Pointer; TempESP74: dword; PPreTempKey1: Pointer; i: integer; TmpBP: word; TempEBP: Dword; TMPESP4: Dword; TMPESP10: word; TmpESP: Dword; TmpBP1: word; SaveESP: Dword; TempMas2: array[1..$190] of byte; TestPassMas: Boolean; label AVKCr005056A5, AVKCr005056C4, AVKCr00505688, AVKCr00505ECF, AVKCr00505EAD, AVKCr00505B7E, AVKCr005056C8, AVKCr00505736, AVKCr005056DC, AVKCr0050576A, AVKCr0050570B, AVKCr0050570F, AVKCr00505B14, AVKCr00505CF8, AVKCr00505CD6, AVKCr007E5FED, AVKCr007E5FCF, AvkCr00505C70, AvkCr007E6654, AVKCr007E6671, AvkCr007E5FB0, AVKCr0050602E, AVKCr007D51D8, AVKCr007D51EC, AVKCr00505770, AVKCr005057BA, AVKCr005057DF; begin TestPassMas := aTestPassMas; for i := 1 to 16 do TempKey1[i] := byte(key1[i]); for i := 1 to 16 do TempKey2[i] := byte(key2[i]); PTempKey1 := @TempKey1; PTempKey2 := @TempKey2; PTempMas := @TempMas; PPTempMas := @TempMas; PPostMas := @PostMass; PPreTempKey1 := @PreTempKey1; asm Mov SaveESP, ESP Push EBX mov EAX, $10 mov ECX, EAX SHL ECX, 3 mov edx, PTempKey1 mov ebx, PTempKey2 Call AvkCr00505C70 mov EAX, PTempKey1 mov ECX, $10 mov EBX, PTempKey2 Mov Edx, EBX CALL AVKCr007D51D8 MOV EAX, PTempKey1 Lea EDX, TempMas Mov ECX, EAX XCHG EAX,EDX CALL AVKCr00505770 LEA EAX,DWORD PTR TempKey1 + 8 LEA EDX,DWORD PTR TempKey1 + $14 ADD PTempKey1, 8 MOV ECX,EAX XCHG EAX,EDX CALL AVKCr00505770 MOV EAX, $10 MOV ECX,EAX SHL ECX,3 end; for i := 1 to $10 do PreMass[i] := TempKey1[i]; PreMass[$11] := 0; PreMass[$12] := 0; PreMass[$13] := 0; PreMass[$14] := 0; for i := 1 to $180 - 4 do PreMass[$14 + i] := TempMas[i]; for i := 1 to $180 do PostMass[i] := 0; asm LEA EDX, PreMass MOV EAX, PPostMas CALL AVKCr00505C70 end; if TestPassMas then begin for i := 1 to 12*9 do begin if PassMasAvk[i] <> PostMass[i] then begin // ShowMessage('Error crypt massiv'); break; end; end; end; for i := 1 to 12*9 do PassMas[i] := PostMass[i]; asm Mov ESP, SaveESP Pop Ebx end; exit; asm /////// AVKCr00505770 AVKCr00505770: PUSH EBX PUSH ESI PUSH EDI PUSH EBP MOV TMPESP4, ECX MOV TMPESP,EAX LEA ESI, PreTempKey1 MOV AX,WORD PTR DS:[EDX] AND AX,$FFFF MOV WORD PTR DS:[ESI],AX MOV EAX,DWORD PTR DS:[EDX] SHR EAX,$10 AND AX, $FFFF MOV WORD PTR DS:[ESI+2],AX MOV AX,WORD PTR DS:[EDX+4] AND AX,$FFFF MOV WORD PTR DS:[ESI+4],AX MOV EAX,DWORD PTR DS:[EDX+4] SHR EAX,$10 AND AX,$FFFF MOV WORD PTR DS:[ESI+6],AX MOV EDI,4 MOV EAX,ESI AVKCr005057BA: MOV DX,WORD PTR DS:[EAX] MOV ECX,EDX SHL ECX,8 MOVZX EDX,DX SHR EDX,8 OR CX,DX MOV WORD PTR DS:[EAX],CX ADD EAX,2 DEC EDI JNZ AVKCr005057BA MOV EDI,8 MOV EBX, PPTempMas ADD EBX,$10 AVKCr005057DF: MOV EAX,ESI MOV DX,WORD PTR DS:[EBX] CALL AVKCr00505688 MOV AX,WORD PTR DS:[EBX+2] ADD WORD PTR DS:[ESI+2],AX MOV AX,WORD PTR DS:[EBX+4] ADD WORD PTR DS:[ESI+4],AX LEA EAX,DWORD PTR DS:[ESI+6] MOV DX,WORD PTR DS:[EBX+6] CALL AVKCr00505688 MOV AX,WORD PTR DS:[ESI+4] MOV TMPESP10,AX MOV AX,WORD PTR DS:[ESI] XOR WORD PTR DS:[ESI+4],AX LEA EAX,DWORD PTR DS:[ESI+4] MOV DX,WORD PTR DS:[EBX+8] CALL AVKCr00505688 PUSH EAX MOV AX,WORD PTR DS:[ESI+2] MOV TMPBP1, AX POP EAX MOV AX,WORD PTR DS:[ESI+6] XOR WORD PTR DS:[ESI+2],AX MOV AX,WORD PTR DS:[ESI+4] ADD WORD PTR DS:[ESI+2],AX LEA EAX,DWORD PTR DS:[ESI+2] MOV DX,WORD PTR DS:[EBX+$A] CALL AVKCr00505688 MOV AX,WORD PTR DS:[ESI+2] ADD WORD PTR DS:[ESI+4],AX MOV AX,WORD PTR DS:[ESI+2] XOR WORD PTR DS:[ESI],AX MOV AX,WORD PTR DS:[ESI+4] XOR WORD PTR DS:[ESI+6],AX MOV AX, TMPESP10 XOR WORD PTR DS:[ESI+2],AX PUSH EAX MOV AX, TMPBP1 XOR WORD PTR DS:[ESI+4], AX POP EAX ADD EBX,$C DEC EDI JNZ AVKCr005057DF MOV EDX, PPTempMas MOV DX,WORD PTR DS:[EDX+$70] MOV EAX,ESI CALL AVKCr00505688 MOV EAX, PPTempMas MOV AX,WORD PTR DS:[EAX+$72] ADD WORD PTR DS:[ESI+4],AX MOV EAX, PPTempMas MOV AX,WORD PTR DS:[EAX+$74] ADD WORD PTR DS:[ESI+2],AX MOV EDX, PPTempMas MOV DX,WORD PTR DS:[EDX+$76] LEA EAX,DWORD PTR DS:[ESI+6] CALL AVKCr00505688 MOV AX,WORD PTR DS:[ESI] MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV WORD PTR DS:[ESI],DX MOV AX,WORD PTR DS:[ESI+4] PUSH EBX MOV EBX,EAX SHL EBX,8 MOVZX EAX,AX SHR EAX,8 OR BX,AX MOV AX,WORD PTR DS:[ESI+2] MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV WORD PTR DS:[ESI+4],DX MOV AX,WORD PTR DS:[ESI+6] MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV WORD PTR DS:[ESI+6],DX MOV EAX,EBX POP EBX MOV WORD PTR DS:[ESI+2],AX MOVZX EAX,AX MOV EDX, PTempKey1 MOV DWORD PTR DS:[EDX],EAX MOV EAX, PTempKey1 SHL DWORD PTR DS:[EAX],$10 MOVZX EAX,WORD PTR DS:[ESI] MOV EDX, PTempKey1 OR DWORD PTR DS:[EDX],EAX MOVZX EAX,WORD PTR DS:[ESI+6] MOV EDX, PTempKey1 MOV DWORD PTR DS:[EDX+4],EAX MOV EAX, PTempKey1 SHL DWORD PTR DS:[EAX+4],$10 MOVZX EAX,WORD PTR DS:[ESI+4] MOV EDX, PTempKey1 OR DWORD PTR DS:[EDX+4],EAX POP EBP POP EDI POP ESI POP EBX RETN /////////// AVKCr007D51D8 AVKCr007D51D8: PUSH EDI PUSH ESI PUSH EBX MOV ESI,EAX MOV EDI,EDX MOV EBX,ECX XOR AL,AL TEST ECX,ECX JE AVKCr007D51EC REPNE SCAS BYTE PTR ES:[EDI] JNZ AVKCr007D51EC INC ECX AVKCr007D51EC: SUB EBX,ECX MOV EDI,ESI MOV ESI,EDX MOV EDX,EDI MOV ECX,EBX SHR ECX,2 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI] MOV ECX,EBX AND ECX,3 REP MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[ESI] STOS BYTE PTR ES:[EDI] MOV EAX,EDX POP EBX POP ESI POP EDI RETN ///////// AvkCr00505C70 AvkCr00505C70: Push EBP MOv TEMPEBP, ESP PUSH EBX PUSH ESI PUSH EDI MOV EBX, ECX MOV edi, edx SAR EBX,3 lea EAX, TempMas add Eax, $10 XOR ECX, ECX MOV EDX, $68 Call AvkCr007E6654 // TempMas <-- 0 lea edx, TempMas add edx, $10 mov eax, edi mov Ecx, $10 call AvkCr007E5FB0 // TempMas <-- TempKey1 mov EBx, 8 lea eax, TempMas add eax, $10 AVKCr00505CD6: MOV DX,WORD PTR DS:[EAX] MOV ECX,EDX SHL ECX,8 MOVZX EDX,DX SHR EDX,8 OR CX,DX MOV WORD PTR DS:[EAX],CX ADD EAX,2 DEC EBX JNZ AVKCr00505CD6 mov Ebx, 1 lea EAX, TempMas add EAX, $20 lea ESI, TempMas AVKCr00505CF8: MOV EDX,EBX DEC EDX SHL EDX,3 MOV DX,WORD PTR DS:[ESI+EDX*2+$12] SHL EDX,9 MOV ECX,EBX DEC ECX SHL ECX,3 MOVZX ECX,WORD PTR DS:[ESI+ECX*2+$14] SHR ECX,7 OR DX,CX MOV WORD PTR DS:[EAX],DX MOV EDX,EBX DEC EDX SHL EDX,3 MOV DX,WORD PTR DS:[ESI+EDX*2+$14] SHL EDX,9 MOV ECX,EBX DEC ECX SHL ECX,3 MOVZX ECX,WORD PTR DS:[ESI+ECX*2+$16] SHR ECX,7 OR DX,CX MOV WORD PTR DS:[EAX+2],DX MOV EDX,EBX DEC EDX SHL EDX,3 MOV DX,WORD PTR DS:[ESI+EDX*2+$16] SHL EDX,9 MOV ECX,EBX DEC ECX SHL ECX,3 MOVZX ECX,WORD PTR DS:[ESI+ECX*2+$18] SHR ECX,7 OR DX,CX MOV WORD PTR DS:[EAX+4],DX MOV EDX,EBX DEC EDX SHL EDX,3 MOV DX,WORD PTR DS:[ESI+EDX*2+$18] SHL EDX,9 MOV ECX,EBX DEC ECX SHL ECX,3 MOVZX ECX,WORD PTR DS:[ESI+ECX*2+$1A] SHR ECX,7 OR DX,CX MOV WORD PTR DS:[EAX+6],DX MOV EDX,EBX DEC EDX SHL EDX,3 MOV DX,WORD PTR DS:[ESI+EDX*2+$1A] SHL EDX,9 MOV ECX,EBX DEC ECX SHL ECX,3 MOVZX ECX,WORD PTR DS:[ESI+ECX*2+$1C] SHR ECX,7 OR DX,CX MOV WORD PTR DS:[EAX+8],DX MOV EDX,EBX DEC EDX SHL EDX,3 MOV DX,WORD PTR DS:[ESI+EDX*2+$1C] SHL EDX,9 MOV ECX,EBX DEC ECX SHL ECX,3 MOVZX ECX,WORD PTR DS:[ESI+ECX*2+$1E] SHR ECX,7 OR DX,CX MOV WORD PTR DS:[EAX+$A],DX MOV EDX,EBX DEC EDX SHL EDX,3 MOV DX,WORD PTR DS:[ESI+EDX*2+$1E] SHL EDX,9 MOV ECX,EBX DEC ECX SHL ECX,3 MOVZX ECX,WORD PTR DS:[ESI+ECX*2+$10] SHR ECX,7 OR DX,CX MOV WORD PTR DS:[EAX+$C],DX MOV EDX,EBX DEC EDX SHL EDX,3 MOV DX,WORD PTR DS:[ESI+EDX*2+$10] SHL EDX,9 MOV ECX,EBX DEC ECX SHL ECX,3 MOVZX ECX,WORD PTR DS:[ESI+ECX*2+$12] SHR ECX,7 OR DX,CX MOV WORD PTR DS:[EAX+$E],DX INC EBX ADD EAX,$10 CMP EBX,$6 JNZ AVKCr00505CF8 // End Change Key MOV AX,WORD PTR DS:[ESI+$62] SHL EAX,9 MOVZX EDX,WORD PTR DS:[ESI+$64] SHR EDX,7 OR AX,DX MOV WORD PTR DS:[ESI+$70],AX MOV AX,WORD PTR DS:[ESI+$64] SHL EAX,9 MOVZX EDX,WORD PTR DS:[ESI+$66] SHR EDX,7 OR AX,DX MOV WORD PTR DS:[ESI+$72],AX MOV AX,WORD PTR DS:[ESI+$66] SHL EAX,9 MOVZX EDX,WORD PTR DS:[ESI+$68] SHR EDX,7 OR AX,DX MOV WORD PTR DS:[ESI+$74],AX MOV AX,WORD PTR DS:[ESI+$68] SHL EAX,9 MOVZX EDX,WORD PTR DS:[ESI+$6A] SHR EDX,7 OR AX,DX MOV WORD PTR DS:[ESI+$76],AX LEA EDX,DWORD PTR DS:[ESI+$78] LEA EAX,DWORD PTR DS:[ESI+$10] CALL AVKCr00505B14 lea ESI, TempMas lea EAX, TempMas MOV ECX,$FF MOV EDX,8 CALL AVKCr007E6654 // FFFFFF -> PTempMas LEA EDX, PreTempKey1 MOV EAX, ESI MOV ECX,8 CALL AVKCr007E5FB0 MOV EBX,4 LEA EAX, TempMas // Local2 AVKCr00505EAD: MOV DX,WORD PTR DS:[EAX] MOV ECX,EDX SHL ECX,8 MOVZX EDX,DX SHR EDX,8 OR CX,DX MOV WORD PTR DS:[EAX],CX ADD EAX,2 DEC EBX JNZ AVKCr00505EAD MOV EBX,8 LEA EDI,DWORD PTR DS:[ESI+$10] AVKCr00505ECF: MOV DX,WORD PTR DS:[EDI] lea EAX, TempMas // Local2 CALL AVKCr00505688 MOV AX,WORD PTR DS:[EDI+2] ADD WORD PTR SS:[TempMas + 2],AX MOV AX,WORD PTR DS:[EDI+4] ADD WORD PTR SS:[TempMas + 4],AX MOV DX,WORD PTR DS:[EDI+6] LEA EAX,DWORD PTR SS:[TempMas + 6] CALL AVKCr00505688 MOV AX,WORD PTR SS:[TempMas + 4] MOV WORD PTR SS:[TempMas - $2],AX MOV AX,WORD PTR SS:[TempMas] XOR WORD PTR SS:[TempMas + 4],AX MOV DX,WORD PTR DS:[EDI+8] LEA EAX, DWORD PTR ss:[TempMas + 4] CALL AVKCr00505688 MOV AX,WORD PTR SS:[TempMas + 2] MOV WORD PTR SS:[TempMas-$4],AX MOV AX,WORD PTR SS:[TempMas + 6] XOR WORD PTR SS:[TempMas + 2],AX MOV AX,WORD PTR SS:[TempMas + 4] ADD WORD PTR SS:[TempMas + 2],AX MOV DX,WORD PTR DS:[EDI+$A] LEA EAX,DWORD PTR SS:[TempMas + 2] CALL AVKCr00505688 MOV AX,WORD PTR SS:[TempMas +2] ADD WORD PTR SS:[TempMas + 4], AX MOV AX,WORD PTR SS:[TempMas + 2] XOR WORD PTR SS:[TempMas],AX MOV AX,WORD PTR SS:[TempMas + 4] XOR WORD PTR SS:[TempMas + 6],AX MOV AX,WORD PTR SS:[TempMas - 2] XOR WORD PTR SS:[TempMas + 2],AX MOV AX,WORD PTR SS:[TempMas- 4] XOR WORD PTR SS:[TempMas + 4],AX ADD EDI,$0C DEC EBX JNZ AVKCr00505ECF lea ESI, TempMas MOV DX,WORD PTR DS:[ESI+$70] LEA EAX, TempMas CALL AVKCr00505688 MOV AX,WORD PTR DS:[ESI+$72] ADD WORD PTR SS:[TempMas + 4],AX MOV AX,WORD PTR DS:[ESI+$74] ADD WORD PTR SS:[TempMas + 2],AX MOV DX,WORD PTR DS:[ESI+$76] LEA EAX,DWORD PTR SS:[TempMas + 6] CALL AVKCr00505688 MOV AX,WORD PTR SS:[TempMas] MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV WORD PTR SS:[TempMas],DX MOV AX,WORD PTR SS:[TempMas + 4] MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV WORD PTR SS:[TempMas - 4],DX MOV AX,WORD PTR SS:[TempMas + 2] MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV WORD PTR SS:[TempMas + 4],DX MOV AX,WORD PTR SS:[TempMas + 6] MOV EDX,EAX SHL EDX,8 MOVZX EAX,AX SHR EAX,8 OR DX,AX MOV WORD PTR SS:[TempMas + 6],DX MOV AX,WORD PTR SS:[TempMas - 4] MOV WORD PTR SS:[TempMas + 2],AX MOV EDX,ESI LEA EAX, TempMas MOV ECX,8 CALL AVKCr007E5FB0 LEA EDX,DWORD PTR DS:[ESI+8] MOV EAX,ESI MOV ECX,8 CALL AVKCr007E5FB0 JMP AVKCr0050602E MOV EDX,ESI MOV EAX, 0 MOV ECX,8 CALL AVKCr007E5FB0 LEA EDX,DWORD PTR DS:[ESI+8] MOV EAX,ESI MOV ECX,8 CALL AVKCr007E5FB0 AVKCr0050602E: POP EDI POP ESI POP EBX MOV ESP, TEMPEBP POP EBP retn ///////// AVKCr00505B14 AVKCr00505B14: PUSH EBX PUSH ESI PUSH EDI PUSH EBP MOV DWORD PTR TEMPESP74 ,EDX MOV ESI,EAX MOV EBX, PPostMas ADD EBX, $68 SUB EBX,2 MOV AX,WORD PTR DS:[ESI] CALL AVKCr005056C8 MOV EDI,EAX ADD ESI,2 PUSH EAX MOV AX, WORD PTR DS:[ESI] NEG AX MOV TMPBP, AX POP EAX ADD ESI,2 MOV AX,WORD PTR DS:[ESI] NEG AX MOV WORD PTR SS:[ESP+8],AX ADD ESI,2 MOV AX,WORD PTR DS:[ESI] CALL AVKCr005056C8 MOV WORD PTR DS:[EBX],AX ADD ESI,2 SUB EBX,2 MOV AX,WORD PTR SS:[ESP+8] MOV WORD PTR DS:[EBX],AX SUB EBX,2 PUSH EAX MOV AX, TMPBP MOV WORD PTR DS:[EBX], AX POP EAX SUB EBX,2 MOV WORD PTR DS:[EBX],DI SUB EBX,2 MOV DWORD PTR SS:[ESP+4],7 AVKCr00505B7E: MOV DI,WORD PTR DS:[ESI] ADD ESI,2 MOV AX,WORD PTR DS:[ESI] MOV WORD PTR DS:[EBX],AX ADD ESI,2 SUB EBX,2 MOV WORD PTR DS:[EBX],DI SUB EBX,2 MOV AX,WORD PTR DS:[ESI] CALL AVKCr005056C8 MOV EDI,EAX ADD ESI,2 PUSH EAX MOV AX, WORD PTR DS:[ESI] NEG AX MOV TMPBP, AX POP EAX ADD ESI,2 MOV AX,WORD PTR DS:[ESI] NEG AX MOV WORD PTR SS:[ESP+8],AX ADD ESI,2 MOV AX,WORD PTR DS:[ESI] CALL AVKCr005056C8 MOV WORD PTR DS:[EBX],AX ADD ESI,2 SUB EBX,2 PUSH EAX MOV AX, TMPBP MOV WORD PTR DS:[EBX], AX POP EAX SUB EBX,2 MOV AX,WORD PTR SS:[ESP+8] MOV WORD PTR DS:[EBX],AX SUB EBX,2 MOV WORD PTR DS:[EBX],DI SUB EBX,2 DEC DWORD PTR SS:[ESP+4] JNZ AVKCr00505B7E MOV DI,WORD PTR DS:[ESI] ADD ESI,2 MOV AX,WORD PTR DS:[ESI] MOV WORD PTR DS:[EBX],AX SUB EBX,2 ADD ESI,2 MOV WORD PTR DS:[EBX],DI SUB EBX,2 MOV AX,WORD PTR DS:[ESI] CALL AVKCr005056C8 MOV EDI,EAX ADD ESI,2 PUSH EAX MOV AX,WORD PTR DS:[ESI] NEG AX MOV TMPBP, AX POP EAX ADD ESI,2 MOV AX,WORD PTR DS:[ESI] NEG AX MOV WORD PTR SS:[ESP+8],AX ADD ESI,2 MOV AX,WORD PTR DS:[ESI] CALL AVKCr005056C8 MOV WORD PTR DS:[EBX],AX SUB EBX,2 MOV AX,WORD PTR SS:[ESP+8] MOV WORD PTR DS:[EBX],AX SUB EBX,2 PUSH EAX MOV AX, TMPBP MOV WORD PTR DS:[EBX], AX POP EAX SUB EBX,2 MOV WORD PTR DS:[EBX],DI lea EDX, TempMas Add Edx, $78 Mov EAX, PPostMas MOV ECX,$68 CALL AVKCr007E5FB0 POP EBP POP EDI POP ESI POP EBX retn ///////// AVKCr00505688 AVKCr00505688: PUSH EBX MOVZX ECX,WORD PTR DS:[EAX] MOVZX EBX,DX IMUL ECX,EBX TEST ECX,ECX JNZ AVKCr005056A5 MOV CX,1 SUB CX,WORD PTR DS:[EAX] SUB CX,DX MOV WORD PTR DS:[EAX],CX POP EBX RETN AVKCr005056A5: MOV EDX,ECX SHR EDX,$10 MOV WORD PTR DS:[EAX],DX MOV EDX,ECX AND DX,$FFFF MOV ECX,EDX SUB CX,WORD PTR DS:[EAX] MOV WORD PTR DS:[EAX],CX CMP DX,WORD PTR DS:[EAX] JNB AVKCr005056C4 INC WORD PTR DS:[EAX] AVKCr005056C4: POP EBX RETN //////// AVKCr005056C8 AVKCr005056C8: PUSH EBX PUSH ESI PUSH EDI PUSH EBP PUSH ECX MOV ECX,EAX CMP CX,1 JA AVKCr005056DC MOV EAX,ECX JMP AVKCr0050576A AVKCr005056DC: MOVZX EBX,CX MOV EAX, $10001 XOR EDX,EDX DIV EBX MOV WORD PTR SS:[ESP],AX MOV EAX,$10001 XOR EDX,EDX DIV EBX MOV EBX,EDX CMP BX,1 JNZ AVKCr0050570B MOV AX,1 SUB AX,WORD PTR SS:[ESP] AND AX,$FFFF JMP AVKCr0050576A AVKCr0050570B: MOV BP,1 AVKCr0050570F: MOVZX EAX,CX MOVZX EDI,BX XOR EDX,EDX DIV EDI MOV ESI,EAX MOVZX EAX,CX XOR EDX,EDX DIV EDI MOV ECX,EDX IMUL SI,WORD PTR SS:[ESP] ADD BP,SI CMP CX,1 JNZ AVKCr00505736 MOV EAX,EBP JMP AVKCr0050576A AVKCr00505736: MOV EAX,EDI MOVZX EDX,CX MOV ESI,EDX XOR EDX,EDX DIV ESI MOV ESI,EAX MOV EAX,EDI MOVZX EDX,CX MOV EBX,EDX XOR EDX,EDX DIV EBX MOV EBX,EDX IMUL SI,BP ADD WORD PTR SS:[ESP],SI CMP BX,1 JNZ AVKCr0050570F MOV AX,1 SUB AX,WORD PTR SS:[ESP] AND AX, $FFFF AVKCr0050576A: POP EDX POP EBP POP EDI POP ESI POP EBX RETN ///////////// AvkCr007E6654 AvkCr007E6654: PUSH EDI MOV EDI,EAX MOV CH,CL MOV EAX,ECX SHL EAX,$10 MOV AX,CX MOV ECX,EDX SAR ECX,2 JS AVKCr007E6671 REP STOS DWORD PTR ES:[EDI] MOV ECX,EDX AND ECX,3 REP STOS BYTE PTR ES:[EDI] AVKCr007E6671: POP EDI RETN /////////// AvkCr007E5FB0 AvkCr007E5FB0: PUSH ESI PUSH EDI MOV ESI,EAX MOV EDI,EDX MOV EAX,ECX CMP EDI,ESI JA AVKCr007E5FCF JE AVKCr007E5FED SAR ECX,2 JS AVKCr007E5FED REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI] MOV ECX,EAX AND ECX,3 REP MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[ESI] POP EDI POP ESI RETN AVKCr007E5FCF: LEA ESI,DWORD PTR DS:[ECX+ESI-4] LEA EDI,DWORD PTR DS:[ECX+EDI-4] SAR ECX,2 JS AVKCr007E5FED STD REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI] MOV ECX,EAX AND ECX,3 ADD ESI,3 ADD EDI,3 REP MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[ESI] CLD AVKCr007E5FED: POP EDI POP ESI RETN end; end; end.