Text only | Text with Images

The MASM Forum Archive 2004 to 2012

Specialised Projects => Compiler Based Assembler => Assembler With Microsoft Visual C => Topic started by: six_L on May 05, 2008, 09:09:45 AM

Title: reverse CRC32
Post by: six_L on May 05, 2008, 09:09:45 AM
Code Select
#include <stdlib.h>
#include <windows.h>

const DWORD CRC32_Table[256] = {
0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, 0x706AF48F, 0xE963A535, 0x9E6495A3, 0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988,
0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, 0x90BF1D91, 0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE, 0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7,
0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, 0x14015C4F, 0x63066CD9, 0xFA0F3D63, 0x8D080DF5, 0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172,
0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B, 0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940, 0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59,
0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116, 0x21B4F4B5, 0x56B3C423, 0xCFBA9599, 0xB8BDA50F, 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924,
0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D, 0x76DC4190, 0x01DB7106, 0x98D220BC, 0xEFD5102A, 0x71B18589, 0x06B6B51F, 0x9FBFE4A5, 0xE8B8D433,
0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818, 0x7F6A0DBB, 0x086D3D2D, 0x91646C97, 0xE6635C01, 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E,
0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457, 0x65B0D9C6, 0x12B7E950, 0x8BBEB8EA, 0xFCB9887C, 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65,
0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2, 0x4ADFA541, 0x3DD895D7, 0xA4D1C46D, 0xD3D6F4FB, 0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0,
0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9, 0x5005713C, 0x270241AA, 0xBE0B1010, 0xC90C2086, 0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F,
0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, 0x59B33D17, 0x2EB40D81, 0xB7BD5C3B, 0xC0BA6CAD, 0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A,
0xEAD54739, 0x9DD277AF, 0x04DB2615, 0x73DC1683, 0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8, 0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1,
0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE, 0xF762575D, 0x806567CB, 0x196C3671, 0x6E6B06E7, 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC,
0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5, 0xD6D6A3E8, 0xA1D1937E, 0x38D8C2C4, 0x4FDFF252, 0xD1BB67F1, 0xA6BC5767, 0x3FB506DD, 0x48B2364B,
0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60, 0xDF60EFC3, 0xA867DF55, 0x316E8EEF, 0x4669BE79, 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236,
0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F, 0xC5BA3BBE, 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04, 0xC2D7FFA7, 0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D,
0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A, 0x9C0906A9, 0xEB0E363F, 0x72076785, 0x05005713, 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38,
0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21, 0x86D3D2D4, 0xF1D4E242, 0x68DDB3F8, 0x1FDA836E, 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777,
0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C, 0x8F659EFF, 0xF862AE69, 0x616BFFD3, 0x166CCF45, 0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2,
0xA7672661, 0xD06016F7, 0x4969474D, 0x3E6E77DB, 0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, 0x37D83BF0, 0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9,
0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, 0xBAD03605, 0xCDD70693, 0x54DE5729, 0x23D967BF, 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94,
0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D
};


#define ARRAY_SIZE(__x)     sizeof(__x) / sizeof(__x[0])

// -----------------------------------------------------------------------------

HRESULT Hash_CalcCRC32(
                            __deref_in                  LPDWORD pCRC32Table,
                            __deref_inout               LPDWORD pdwSeed,
                            __in                        DWORD   dwSize,
                            __deref_in_ecount(dwSize)   LPBYTE  pBuffer )
{
    register DWORD dwCRC = *pdwSeed;

    __try
    {
        for( DWORD i = 0; i < dwSize; i++ )
        {
            dwCRC = pCRC32Table[LOBYTE( LOWORD(dwCRC) ) ^ pBuffer[i]] ^ (dwCRC>>8);
        }

        *pdwSeed = dwCRC;
        return S_OK;
    }
    __except( GetExceptionCode() == EXCEPTION_ACCESS_VIOLATION ? EXCEPTION_EXECUTE_HANDLER : EXCEPTION_CONTINUE_SEARCH )
    {
        return E_UNEXPECTED;
    }
}


// -----------------------------------------------------------------------------

static DWORD Hash_LookupCRC32(
                            __in                        DWORD   dwSize,
                            __deref_in_ecount(dwSize)   LPDWORD pCRCTable,
                            __in                        BYTE    index )
{
    for( DWORD i = 0; i < dwSize; i++ )
    {
        if( index == HIBYTE(HIWORD(pCRCTable[i]) ) )
            return i;
    }
    return (DWORD) -1;
}

// -----------------------------------------------------------------------------

HRESULT Hash_CalcReverseCRC32(
                            __deref_in                  LPDWORD pCRC32Table,
                            __in                        DWORD   dwSeed,
                            __in                        DWORD   dwExpectedCRC,
                            __in                        DWORD   dwSize,
                            __deref_in_ecount(dwSize)   LPBYTE  pBuffer )
{
    HRESULT hr = S_OK;
    DWORD   b, c, d, e, i[4];
    DWORD   dwLastCRC = dwSeed;
    LPBYTE  pAddr = pBuffer + dwSize - 4;

    __try
    {
        hr = Hash_CalcCRC32(
                            pCRC32Table,
                            &dwLastCRC,
                            dwSize - 4,
                            pBuffer );
        if( FAILED(hr) )
            return hr;

        i[3] = Hash_LookupCRC32( 256, pCRC32Table, HIBYTE(HIWORD(dwExpectedCRC)) );
        if( (DWORD) -1 == i[3] )
            return E_UNEXPECTED;
        e = pCRC32Table[i[3]];

        i[2] = Hash_LookupCRC32( 256, pCRC32Table, LOBYTE(HIWORD(dwExpectedCRC) ^ LOBYTE(HIWORD(e))) );
        if( (WORD) -1 == i[2] )
            return E_UNEXPECTED;
        d = pCRC32Table[i[2]];

        i[1] = Hash_LookupCRC32( 256, pCRC32Table, HIBYTE(LOWORD(dwExpectedCRC)) ^ HIBYTE(LOWORD(e)) ^ LOBYTE(HIWORD(d)) );
        if( (WORD) -1 == i[1] )
            return E_UNEXPECTED;
        c = pCRC32Table[i[1]];

        i[0] = Hash_LookupCRC32( 256, pCRC32Table, LOBYTE(LOWORD(dwExpectedCRC)) ^ LOBYTE(LOWORD(e)) ^ HIBYTE(LOWORD(d)) ^ LOBYTE(HIWORD(c)) );
        if( (WORD) -1 == i[0] )
            return E_UNEXPECTED;
        b = pCRC32Table[i[0]];

        pAddr[0] = LOBYTE(LOWORD(i[0])) ^ LOBYTE(LOWORD(dwLastCRC));
        pAddr[1] = LOBYTE(LOWORD(i[1])) ^ HIBYTE(LOWORD(dwLastCRC)) ^ LOBYTE(LOWORD(b));
        pAddr[2] = LOBYTE(LOWORD(i[2])) ^ LOBYTE(HIWORD(dwLastCRC)) ^ HIBYTE(LOWORD(b)) ^ LOBYTE(LOWORD(c));
        pAddr[3] = LOBYTE(LOWORD(i[3])) ^ HIBYTE(HIWORD(dwLastCRC)) ^ LOBYTE(HIWORD(b)) ^ HIBYTE(LOWORD(c)) ^ LOBYTE(LOWORD(d));
        return S_OK;
    }
    __except( GetExceptionCode() == EXCEPTION_ACCESS_VIOLATION ? EXCEPTION_EXECUTE_HANDLER : EXCEPTION_CONTINUE_SEARCH )
    {
        return HRESULT_FROM_WIN32( ERROR_INVALID_DATA );
    }
}

;//=====================================================================
if u r interesting, help to translate it into asm
Title: Re: reverse CRC32
Post by: evlncrn8 on May 06, 2008, 01:48:29 PM
looks pretty simplistic.. you can't convert it?
Title: Re: reverse CRC32
Post by: six_L on May 08, 2008, 02:41:31 AM
you have not enough interest in such codes.
Title: Re: reverse CRC32
Post by: evlncrn8 on May 08, 2008, 06:36:09 AM
huh? its hardly rocket science.. the first part is a table.. no translation needed..
procs themselves are INCREDIBLY simplistic...
Title: Re: reverse CRC32
Post by: Mark Jones on May 24, 2008, 05:33:32 PM
How about compiling with debug info, loading it into OllyDbg, and copying the code listing into an .asm file as "commented" assembler? Then just refine that into typical MASM32 code. Assuming this is unlicensed code, of course. Or run it through IDA if you own that. (Never used it personally, but heard it was nice.)
Title: Re: reverse CRC32
Post by: six_L on May 26, 2008, 03:07:33 AM
hello, Mark Jones
Thanks. this is a better way to try.
Text only | Text with Images