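发个老掉牙的bitlok脱壳程序,bitlok,其他平台
2008年06月23日 星期一 下午 11:37
在恢复一个崩溃的移动硬盘时发现10年前自己写的烂程序,发出来权当纪念。

;[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
;[ BITFREE V2.0 - generic decryptor for the BITLOK series ]
;[ First version: 1995-06-09 11:19                        ]
;[_____________________________________________________]
;
; Syntax/target: MASM/TASM-style Intel syntax, 16-bit real-mode DOS.
; The code segment starts at org 100h with entry point `start`.
;
; What the visible code does:
;   1. Splits the PSP command tail into arguments (Argv1..Argv3).
;   2. Opens Argv1 read-only and creates Argv2 as the output file.
;   3. Reads the MZ header, then 110h bytes at the start of the load
;      image, and checks the word at image offset @Mark against
;      Mark0/Mark1.
;   4. Copies the saved fields (original SS:SP, CS:IP, relocation count,
;      keys, sizes, offsets) out of that record.
;   5. Rebuilds the MZ header, decodes the body via `read`/`decode`/
;      `write`, and copies any data behind the locker stub to a second
;      file named by OVL_FILE.
;
; The listing on this page stops after the scheme jump table.  The names
; Version_MSG, Useage_Msg, Forced_MSG, Processing_MSG, Err1_MSG..Err5_MSG,
; APP_OVL_MSG, OK_MSG, Proc_LNG, Unlock_Process, read, write, decode and
; the Unlock* routines are referenced but not shown.
;
; NOTE(review): three spots were damaged by the page extraction and are
; repaired below: the '\' literal in NextChar, the '+' in `Buffer+8h`,
; and stray "&nbs, p;" text inside the Schem_F table entry.
;
; NOTE(review): every size and offset used after the signature check comes
; straight from the input file and is not range-checked.  Anyone reusing
; this parser on files of unknown origin should validate them first:
;   - Head_Size = header paragraphs << 4 wraps in 16 bits;
;   - `div cx` at the page-count step faults if the high word of
;     Code_Size + Head_Size is 200h or more;
;   - Relocations*4 is computed in 16 bits;
;   - DOS reads are only checked for CF, never for a short byte count;
;   - the output file is created (truncating any existing file) before
;     the input has been recognised as a BITLOK image.

Mark0                   EQU     0c0d7h  ; BITLOK signature: the character '雷'
Mark1                   EQU     0d5c5h  ; HARD DISK SIGN ?

; Offsets of the saved fields inside the 110h-byte record read from the
; start of the load image (see @@6).  @Head_Size is not referenced in the
; visible code; Head_Size is derived from the MZ header instead.
@Offset3_L              EQU     52h
@Offset3_H              EQU     54h
@Relocations            EQU     56h
@Head_Size              EQU     58H
@Locker_Size_L          EQU     5AH
@Locker_Size_H          EQU     5CH
@Ss0                    EQU     5EH
@Sp0                    EQU     60H
@Key1                   EQU     62H
@Ip0                    EQU     64H
@Cs0                    EQU     66H
@Relocation_Table_Entry EQU     68H
@Key2                   EQU     6AH
@Code_Size_L            EQU     6CH
@Code_Size_H            EQU     6EH
@Scheme                 EQU     107H
@Mark                   EQU     10EH

;-----------------------------------------
stack   segment stack
stack   ends
;-----------------------------------------
data    segment
data    ends
;-----------------------------------------
code    segment
        assume  cs:code,ds:code,es:code
        org     100h
start:  jmp     init

;--------------DATA AREA------------------
CMD_LINE        DB      80h dup(0)      ; command-line argument buffer
OVL_FILE        db      "@@@@@@@@.OVL",0 ; name of the file that receives trailing data
Scheme          db      0               ; scheme byte copied from Buffer[@Scheme]
_PSP            dw      0               ; PSP segment saved at entry
Argv1           dw      0               ; pointer to argument 1
Argv2           dw      0               ;            argument 2
Argv3           dw      0               ;            argument 3
Buffer          db      110h dup(0)     ; receives the MZ header, then the 110h-byte record

;----------------------------------------------------------------
; Known-version table.  Each entry is one word followed by two bytes.
; The lookup at @@8 compares the word with Locker_Size_L and, on a match,
; copies the two bytes into Case1 and Case2 ("mode and schemes" in the
; author's words).
;----------------------------------------------------------------
Versions        dw      18              ; number of BITLOK versions currently handled

; 1
BITLOK12        dw      2a89h           ; length of the encryption header
                db      1, 7            ; BITLOK 1.2 Revision 1.71 (10/24/93,11/02/93)
                                        ; 6 schemes: mov bl,schemesign ; xor bl,93h
; 2
BITSHELL        dw      24b7h
                db      2, 15h          ; BITSHELL 2.0 (08/16/94)
                                        ; 20 schemes: mov bl,schemesign ; xor bl,93h ; del bl ; shr bl,1
                                        ; ("del bl" is as written by the author; presumably dec bl)
; 3
BITSHELL201     dw      264eh           ; BITSHELL 2.01 ? used by CHDict.EXE (1/95?)
                db      2,15h           ; 20 schemes: mov bl,schemesign ; xor bl,93h ; del bl ; shr bl,1
; 4
BITLOK20        dw      2b14h
                db      2, 15h          ; BITLOK 2.0 (08/17/94) (8/29/94)
                                        ; 20 schemes: mov bl,schemesign ; xor bl,93h ; del bl ; shr bl,1
; 5
BITLOK10        dw      1a2ah           ; (02/19/93)
                db      0,16h           ; BITLOK 1.0? used by RCOPY03.EXE as shell
                                        ; no scheme flag, 1 scheme; used as the outermost shell of RCOPY03.EXE
; 6
BITLOK10?       dw      1a28h           ; (05/21/93) ? used by ui.exe (UNIMG.ExE) as shell
                db      0,16h           ; >1995.6.16 added<
; 7
BITLOKUN1       dw      2eb3h
                db      1,0dh           ; BITLOK unknown version (07/03/94) 1.5?
                                        ; 12 schemes: mov bl,schemesign ; xor bl,93h
; 8
BITLOKUN2       dw      2ecbh           ; used by Gwsexe.exe <1995.6.10 added>
                db      1,0dh           ; BITLOK unknown version, maybe 1.5 or 1.6
                                        ; 12 schemes: mov bl,schemesign ; xor bl,93h
; 9
BITLOKUN3       dw      2f25h           ; used by ShuLin English CAI (2/28/94)
                db      1,0dh           ; ?
                                        ; <1995.6.14 added>
; 10
BITLOKUN4       dw      25d5h           ; used by filer.exe of ZRMNT 2.0 (10/12/94)
                db      2,15h           ; <1995.7.4 added>
; 11
BITLOKUN5       dw      30f2h           ; used by wps.exe of ZRMNT 2.0
                db      0,16h           ; <1995.7.4 added>
; 12                                    ; Bitlock 2.01 (11/24/94)
BITLOK201       dw      2c32h           ; used by wps.exe of spdos nt 1.2 (12/07/94)
                db      2,15h           ; <1995.7.4 added>
; 13
BITLOKUN7       dw      20bfh           ; used by install.exe of spdos nt 1.2 (11/ /93)
                db      1,7             ; <1995.7.4 added>
; 14
BITLOKUN8       dw      23e6h           ; used by install.exp of spdos nt 1.2 (11/24/94)
                db      2,15h           ; <1995.7.5 added>
; 15                                    ; install.ovl of vcor ver 1.0 (02/23/95)
BITLOKUN9       dw      265ah           ; used by blinst.exe of Magic Key
                db      2,15h           ; <1995.07.29 added>
; 16                                    ; (01/16/95)
BITLOKUNA       dw      2cabh           ; used by unall.exe of Unall 95 V4.0
                db      2,15h           ; <1995.09.18 added>
; 17                                    ; (02/28/95)
BITLOKUNB       dw      2cb7h           ; used by vcor2.ovl of vcor v1.0
                db      2,15h           ; <1995.09.19 added>
; 18                                    ; (02/01/96)
BITLOKUNC       dw      2ce3h           ; used by game.exe of Zhong-guan-chun v1.0
                db      2,15h           ; <1996.05.05 added>
;Waiting For New Version
;------------------------------------------------------------------
;BITLOK 1.3 has a different STRUCT
;------------------------------------------------------------------
Case1           db      2               ; first table byte of the matched version
Case2           dw      16h             ; 18  (only the low byte is written at @@9)
;------------------------------------------------------------------
SchemeSign      db      0ffh            ; 0FFh = no scheme given on the command line
Force           db      00h             ; 1 = 'T'/'t' given: skip the version lookup
Handle1         dw      0               ; input file handle
Handle2         dw      0               ; output file handle
Head_Size       dw      0               ; MZ header size in bytes
Offset3_L       dw      0
Offset3_H       dw      0
Offset2_L       dw      0               ; Code_Size + Head_Size, low word
Offset2_H       dw      0               ;                        high word
Relocations     dw      0
Relocation_Table_Entry dw 0
Code_Size_L     dw      0
Code_Size_H     dw      0
Locker_Size_L   dw      0
Locker_Size_h   dw      0
Ss0             dw      0
Sp0             dw      0
Cs0             dw      0
Ip0             dw      0
Key1            dw      0
Key2            dw      0

;-----------------------------------------------------------------
; Entry: save the PSP, print the banner, then set up the command-tail
; scan.  DS:SI = PSP:81h, ES:DI = CMD_LINE, CX = tail length + 1 (the
; trailing CR is included), BX = argument count, DX = bytes stored.
;-----------------------------------------------------------------
init:
        mov     _psp,es
        ;-----added 950629
        push    cs
        pop     ds
        lea     dx,Version_MSG
        mov     ah,9
        int     21h
        ;--------
        cld
        xor     bx,bx
        xor     dx,dx
        mov     ds,_psp
        mov     si,80h
        xor     ah,ah
        lodsb                           ; AL = length byte at PSP:80h
        inc     ax
        mov     cx,ax                   ; CMD_LINE length (includes \r)
        push    cs
        pop     es
        lea     di,CMD_LINE             ; BUFF
        xor     ax,ax
;-----------------------------------------------------------------
; Scanner loop.  NextChar returns CF=1 at end of input, ZF=1 (CF=0) when
; it consumed a double quote, and CF=0/ZF=0 with the character in AL
; otherwise, so `ja` = ordinary character and `jb` = end of input.
;-----------------------------------------------------------------
Processing      label   near
        call    NextChar
        ja      NotQuote
;------------------------------------
InString        label   near
        jb      BuildArgv
        call    NextChar
        ja      InString
;------------------------------------
NotQuote        label   near
        cmp     al,' '
        je      EndArgument
        cmp     al,13
        je      EndArgument
        cmp     al,9
        jne     Processing
;-----------------------------------
; A separator ends the current argument: AL = 0 makes the next NextChar
; call store a terminator.  DX-1 is also recorded at Argv2[BX*2];
; BuildArgv later turns these recorded values into pointers.
EndArgument     label   near
        xor     al,al
        ;------------------------------
        push    bx
        push    dx
        dec     dx
        shl     bx,1
        mov     word ptr cs:Argv2[bx],dx
        pop     dx
        pop     bx
        ;-------------------------------
        jmp     short Processing

;-----------------------------------------------------------------
; NextChar - store the pending character, then fetch the next one.
; In:   AX    = pending character in AL (AX = 0: nothing to store)
;       DS:SI = source, ES:DI = destination, CX = characters left
;       DX    = bytes stored so far, BX = arguments completed so far
; Out:  CF=1          end of input (CX was 0)
;       CF=0, ZF=1    a double quote was consumed (AL = 0)
;       CF=0, ZF=0    AL = next character; \" yields a literal quote
;       AH = the character that was pending on entry
;-----------------------------------------------------------------
NextChar        proc    near
        or      ax,ax
        jz      NextChar0
        inc     dx
        stosb
        or      al,al
        jnz     NextChar0
        inc     bx                      ; a stored 0 terminator completes one argument
NextChar0       label   near
        xchg    ah,al
        xor     al,al
        stc
        jcxz    NextChar2
        lodsb
        dec     cx
        sub     al,'"'
        jz      NextChar2
        add     al,'"'
        cmp     al,'\'                  ; the page showed an empty literal here
        jnz     NextChar1
        cmp     byte ptr ds:[si],'"'
        jne     NextChar1
        lodsb
        dec     cx
NextChar1       label   near
        or      si,si                   ; clears CF; ZF=0 because SI is non-zero
NextChar2       label   near
        ret
NextChar        endp

;-------------------------------------------------
; Convert the recorded values into near pointers into CMD_LINE.
; The loop runs once per argument starting at Argv1; every entry but the
; first gets +1.  With more than three arguments it also rewrites the
; words that follow Argv3 (the start of Buffer), which is reloaded from
; the input file later.
;-------------------------------------------------
BuildArgv       label   near
        push    cs
        pop     ds
        push    cs
        pop     es
        ; mov ds:_Argc,bx
        push    bx
        mov     cx,bx                   ;---added 95.6.29
        jcxz    Test_argu               ; (leaves BX on the stack; the stack is reset at @@A)
        ;-----
        mov     dx,cx
        lea     bx,CMD_LINE
        lea     si,Argv1
        mov     di,si
@@1             label   near
        lodsw
        add     ax,bx
        cmp     dx,cx
        jz      @1st
        inc     ax
@1st            label   near
        stosw
        loop    @@1
        ;------------------------------------
        pop     bx
        cmp     bx,3
        jb      Test_argu
        ;lea si,Argv3
        mov     si,cs:argv3
        lodsb                           ; AL = first character of argument 3
        ;------------------
        cmp     al,'T'                  ; to try !
        jz      Forced                  ; lets it attempt some unknown BITLOK versions
        cmp     al,'t'
        jz      Forced                  ; added 1995,9,20
        ;------------------
        ; '0'..'9' -> 0..9, 'A'..'K' -> 0Ah..14h; anything else is ignored
        cmp     al,'0'
        jb      Continue
        cmp     al,'K'
        ja      Continue
        cmp     al,'9'
        jbe     Ten
        cmp     al,'A'
        jb      Continue
Hex:
        sub     al,'A'-0ah
        jmp     Set_Scheme
Ten:
        sub     al,'0'
Set_Scheme:
        mov     byte ptr ds:SchemeSign,al
        jmp     short Continue

Test_argu       label   near
        cmp     bx,2
        jnb     Continue
        ;---------------------------
        lea     dx,Useage_Msg
; Quit: print the '$'-terminated message at DS:DX and terminate.
Quit            label   near
        mov     ah,9
        int     21h
        mov     ah,4ch
        int     21h
;------------------------------------------------------
Forced:
        lea     dx,Forced_MSG           ; added 19950920
        mov     ah,9
        int     21h
        mov     byte ptr cs:Force,1
;---------------------------------
Continue        label   near
        ;--------added 950629
        lea     dx,Processing_MSG
        mov     ah,9
        int     21h
        ;--------
        mov     dx,ds:Argv1
        mov     ax,3d00h                ; open the input file read-only
        int     21h
        jnb     @@2
        lea     dx,Err1_MSG
        jmp     Quit
@@2             label   near
        mov     ds:handle1,ax
        mov     dx,ds:Argv2
        mov     ax,3c00h                ; create the output file; CX (attributes) is
        int     21h                     ; still 0 from the `loop` in BuildArgv
        ; NOTE(review): this truncates an existing Argv2 before the input
        ; has passed the signature check at @@5.
        jnb     @@3
        lea     dx,Err2_MSG
        jmp     Quit
@@3             label   near
        mov     ds:handle2,ax
        lea     dx,Buffer
        mov     bx,ds:handle1
        mov     ah,3fh
        mov     cx,20h                  ; first 20h bytes of the MZ header
        int     21h
        jnb     @@4                     ; NOTE(review): only CF is checked, not the byte count in AX
        lea     dx,Err3_MSG
        jmp     Quit
@@4             label   near
        mov     dx,word ptr ds:Buffer+8h ; MZ header size in paragraphs
        mov     cl,4
        shl     dx,cl                   ; -> bytes; wraps for 1000h paragraphs or more
        mov     ds:Head_Size,dx
        ;push dx
        xor     cx,cx
        mov     ax,4200h                ; seek to the start of the load image
        int     21h
        mov     ah,3fh
        mov     cx,110h
        lea     dx,buffer
        int     21h
        jnb     @@5
        lea     dx,Err3_MSG
        jmp     Quit
@@5             label   near
        cmp     word ptr ds:Buffer[@Mark],Mark0
        jz      @@6
        cmp     word ptr ds:Buffer[@Mark],Mark1
        jz      @@6
        lea     dx,Err4_MSG             ; neither signature found
        jmp     Quit
; Copy the saved fields out of the record.  None of them is validated.
@@6             label   near
        mov     ax,word ptr ds:Buffer[@Offset3_L]
        mov     word ptr ds:Offset3_L,ax
        mov     ax,word ptr ds:Buffer[@Offset3_H]
        mov     ds:Offset3_H,ax
        mov     ax,word ptr ds:Buffer[@Locker_Size_L]
        mov     ds:Locker_Size_L,ax
        mov     ax,word ptr ds:Buffer[@Locker_Size_H]
        mov     word ptr ds:Locker_Size_H,ax
        mov     ax,word ptr ds:Buffer[@Code_Size_L]
        mov     ds:Code_Size_L,ax
        mov     ax,word ptr ds:Buffer[@Code_Size_H]
        mov     ds:Code_size_H,ax
        mov     ax,word ptr ds:Buffer[@Relocations]
        mov     ds:Relocations,ax
        mov     ax,word ptr ds:Buffer[@Relocation_Table_Entry]
        mov     ds:Relocation_Table_Entry,ax
        mov     ax,word ptr ds:Buffer[@Ss0]
        mov     ds:Ss0,ax
        mov     ax,word ptr ds:Buffer[@Sp0]
        mov     ds:Sp0,ax
        mov     ax,word ptr ds:Buffer[@Cs0]
        mov     ds:Cs0,ax
        mov     ax,word ptr ds:Buffer[@Ip0]
        mov     ds:Ip0,ax
        mov     ax,word ptr ds:Buffer[@Key1]
        mov     ds:Key1,ax
        mov     ax,word ptr ds:Buffer[@Key2]
        mov     ds:Key2,ax
        mov     al,byte ptr ds:Buffer[@Scheme]
        mov     ds:Scheme,al
        cmp     byte ptr ds:SchemeSign,0ffh ; scheme given on the command line?
        jnz     @@A                     ; yes: skip the version lookup
        ;---------------------------------------------------------------
        cmp     byte ptr ds:Force,1
        jz      @@A                     ; forced: skip the version lookup
        ;---------------------------------------------------------------
        cmp     ds:Locker_Size_H,0      ; is this a known BITLOK version?
        jz      @@7                     ; if not, show a message and quit
@Err5:                                  ; else set mode and schemes
        lea     dx,Err5_MSG
        jmp     Quit
@@7             label   near
        mov     cx,ds:Versions
        lea     si,BITLOK12
@@8             label   near
        lodsw
        cmp     ds:Locker_Size_L,ax
        jz      @@9
        inc     si                      ; skip the entry's two bytes
        inc     si
        loop    @@8
        jcxz    @Err5                   ; CX = 0 here: no entry matched
@@9             label   near
        xor     ah,ah
        lodsb
        mov     byte ptr ds:Case1,al
        lodsb
        mov     byte ptr ds:Case2,al
;-----------------------------------------------------------------
; Move the stack to CS:(Proc_LNG+100h) and point DS/ES at the paragraph
; that starts at or after CS:(Proc_LNG+200h); that segment is the work
; buffer.  Proc_LNG is not shown on this page (presumably the end of the
; program image - confirm).
;-----------------------------------------------------------------
@@A             label   near
        lea     dx,Proc_LNG
        add     dx,100h
        cli
        mov     ax,cs
        mov     ss,ax
        mov     sp,dx
        sti
        add     dx,100h
        mov     cl,4
        shr     dx,cl
        mov     ax,cs
        add     ax,dx
        mov     ds,ax
        mov     es,ax
        xor     si,si
        xor     di,di
        xor     dx,dx
        xor     cx,cx
        mov     ax,4200h                ; rewind the input file
        mov     bx,cs:Handle1
        int     21h
        mov     cx,cs:Head_Size
        xor     dx,dx
        mov     ah,3fh                  ; read the whole MZ header to DS:0
        int     21h
        cmp     word ptr cs:relocations,0
        jz      @@10
        ; Relocation table: BX = Key1, CX = Relocations*4 bytes, SI = table
        ; offset inside the header.  Unlock_Process is not shown here.
        ; NOTE(review): Relocations*4 is computed in 16 bits and SI/CX are
        ; not checked against Head_Size.
        mov     bx,cs:Key1
        mov     cx,cs:Relocations
        shl     cx,1
        shl     cx,1
        mov     si,word ptr cs:Relocation_table_entry
        call    Unlock_Process
; Patch the saved values back into the MZ header copy at DS:0.
@@10            label   near
        mov     ax,word ptr cs:Relocations
        mov     ds:6h,ax                ; MZ +06h: relocation count
        mov     ax,word ptr cs:Ss0
        mov     ds:0eh,ax               ; MZ +0Eh: initial SS
        mov     ax,word ptr cs:Sp0
        mov     ds:10h,ax               ; MZ +10h: initial SP
        mov     ax,word ptr cs:Ip0
        mov     ds:14h,ax               ; MZ +14h: initial IP
        mov     ax,word ptr cs:Cs0
        mov     ds:16h,ax               ; MZ +16h: initial CS
        ;--------------------
        mov     ax,word ptr cs:Code_Size_L
        mov     dx,word ptr cs:Code_Size_H
        add     ax,cs:Head_Size
        adc     dx,0
        mov     cs:Offset2_L,ax         ; Offset2 = Code_Size + Head_Size
        mov     cs:Offset2_H,dx
        mov     cx,200h
        div     cx                      ; NOTE(review): divide fault if DX >= 200h
        or      dx,dx
        jz      @@11
        inc     ax                      ; a partial last page counts as a page
@@11            label   near
        mov     ds:02h,dx               ; MZ +02h: bytes in last page
        mov     ds:04h,ax               ; MZ +04h: page count
        ; By the call sites, read/write take a 32-bit length in DX:CX
        ; (high:low); both routines are outside this listing.
        xor     dx,dx
        mov     cx,cs:Head_size
        call    write                   ; write the rebuilt header
        mov     cx,cs:Code_size_L
        mov     dx,cs:Code_size_H
        push    cx
        push    dx
        call    read
        mov     bx,cs:handle1           ;;;;
        mov     dx,cs:Offset3_L
        mov     cx,cs:Offset3_H
        mov     ax,4200h                ; seek to Offset3
        int     21h
        mov     cx,cs:Locker_Size_L
        mov     dx,cs:Locker_Size_H
        ;push cx
        ;push dx
        call    read
        xor     dx,dx
        xor     si,si
        call    decode
        pop     dx
        pop     cx
        call    write                   ; write Code_Size bytes
;-----------------------------------------------------------------
; Handle the OVL data: copy the bytes between Offset2 and Offset3, if any.
;-----------------------------------------------------------------
        mov     bx,cs:handle1
        mov     dx,cs:Offset2_L
        mov     cx,cs:Offset2_H
        mov     ax,4200h
        int     21h
        mov     cx,cs:Offset3_L
        mov     dx,cs:Offset3_H
        sub     cx,cs:Offset2_L
        sbb     dx,cs:Offset2_H         ; DX:CX = Offset3 - Offset2
        or      dx,dx
        jnz     @@12
        jcxz    @@13                    ; nothing in between
@@12            label   near
        push    cx
        push    dx
        call    read
        pop     dx
        pop     cx
        call    write
@@13            label   near
        ; NOTE(review): the collapsed page does not show whether the next
        ; three lines were live or commented out.  They are kept commented
        ; out because the @nomatch path closes Handle2 itself - confirm
        ; against an original copy.
        ; mov bx,cs:Handle2
        ; mov ah,3eh
        ; int 21h
;----------Do with App_OVL                added 950629
; Compare the input file size with Offset3 + Locker_Size.  If they
; differ, the bytes after the locker are copied to a new file OVL_FILE.
        mov     ax,4202h                ; seek to end: DX:AX = file size
        xor     cx,cx
        xor     dx,dx
        mov     bx,cs:Handle1
        int     21h
        push    ax                      ;L
        push    dx                      ;H
        mov     ax,cs:Offset3_L
        mov     dx,cs:Offset3_H
        add     ax,cs:Locker_Size_L
        adc     dx,cs:Locker_Size_H
        pop     bx                      ;H
        pop     cx                      ;L
        cmp     dx,bx                   ;cmp ax,cx
        jnz     @nomatch
        cmp     ax,cx                   ;cmp dx,bx
        jnz     @nomatch
        jmp     @match
@nomatch:
        push    bx                      ;H
        push    cx                      ;L
        mov     cx,ax
        xchg    cx,dx                   ; CX:DX = Offset3 + Locker_Size
        mov     ax,4200h
        mov     bx,cs:Handle1
        int     21h
        pop     cx                      ;L
        pop     bx                      ;H
        sub     cx,ax
        sbb     bx,dx
        mov     dx,bx                   ;H  DX:CX = bytes left after the locker
        ; NOTE(review): if the file is shorter than Offset3 + Locker_Size
        ; this subtraction borrows and the length becomes very large.
        ;;;;;
        push    cx
        push    dx
        call    read
        mov     bx,cs:Handle2
        mov     ah,3eh                  ; close the main output file
        int     21h
        mov     ax,3c00h
        xor     cx,cx
        push    ds
        push    cs
        pop     ds
        lea     dx,OVL_FILE
        int     21h
        ; The original stored AX without testing CF.  On failure AX holds
        ; a DOS error code, and `write` would then go to whichever handle
        ; has that number.  Bail out through the message the main
        ; output-create failure already uses.
        jnb     @ovl_ok
        lea     dx,Err2_MSG
        jmp     Quit
@ovl_ok:
        mov     ds:handle2,ax
        mov     ah,9
        lea     dx,APP_OVL_MSG
        int     21h
        pop     ds
        pop     dx
        pop     cx
        call    write
@match:
        ;---------------------
        mov     bx,cs:Handle1
        mov     ah,3eh                  ; close the input file
        int     21h
        ;----added 950629
        push    cs
        pop     ds
        lea     dx,OK_MSG
        mov     ah,9
        int     21h
        ;-----
        mov     ah,4ch
        int     21h

;-----------------------------------------------------
; Scheme dispatch table: one near offset per scheme number 0..14h, plus
; an FF entry.  The Unlock* targets are not part of this page.
;-----------------------------------------------------
UnLocking       db      0,0
Schem_0         dw      offset Unlock0
Schem_1         dw      offset Unlock1
Schem_2         dw      offset Unlock2
Schem_3         dw      offset Unlock3
; NOTE(review): every other entry names UnlockN; this one reads `Unlock`.
; It may be a lost digit (Unlock4) or a separate label - confirm.
Schem_4         dw      offset Unlock
Schem_5         dw      offset Unlock5
Schem_6         dw      offset Unlock6
Schem_7         dw      offset Unlock7
Schem_8         dw      offset Unlock8
Schem_9         dw      offset Unlock9
Schem_A         dw      offset UnlockA
Schem_B         dw      offset UnlockB
Schem_C         dw      offset UnlockC
Schem_D         dw      offset UnlockD
Schem_E         dw      offset UnlockE
Schem_F         dw      offset UnlockF
Schem_10        dw      offset Unlock10
Schem_11        dw      offset Unlock11
Schem_12        dw      offset Unlock12
Schem_13        dw      offset Unlock13
Schem_14        dw      offset Unlock14
Schem_FF        dw      offset UnlockFF
;-----------------------------------------------
; (The listing on this page ends here; the rest of the program is missing.)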