BPX on _lwrite Wednesday, 17-Feb-99 15:37:39
Hi, BPXing on _lwrite in SoftICE and then typing in the correct password brings you to the part of the code which writes out the file to disk. You will see that AL holds the hex value of the number of bytes to write to the file. _lwrite uses the parameters [filehandle], [Number of bytes to write to file], [address where buffer is]. This means we can now backtrack to the point where the buffer is manipulated and see how the first byte of the buffer was reached.

I have concluded so far that the encryption routine uses what's called a stream cypher. It encrypts the file byte by byte. In other words the first byte affects all subsequent bytes.

If you locate the _lwrite in the disassembled code you will find only two _lwrite calls. The second one is the one we have just breakpointed on. If you then backtrack you will find two unconditional jumps and two conditional jumps. These need to be explored.

L8R Mushy!!

Mushy
The Mushy thread (mushy) (09-Feb-99 16:31:15)