


Título: Para su estudio
Publicado por: krc_4u en 24 Marzo 2006, 00:22 am
Este post lo encontré en otro foro; trata de una protección ideada por Leonid para proteger EXEs de VFP. Me pareció interesante compartirlo con ustedes para que lo analicen.

I have decompiled both of Leonid's apps. My merit is minor (I have used diverse tools found on the net). You must improve your security. Anyway, nice tools, Leonid.
Sorry for my english.

Here is renew_k_file.prg from defox :

* renew_k_file.prg (decompiler output, reproduced as posted).
* Purpose: in the directory named by the TEMP environment variable, check that
* the file m.fname can be deleted, created, written and read back, then
* recreate it so that it holds m.st1+m.st2.
* Parameters:
*   m.fname      - file name, appended to the TEMP directory path
*   m.st1, m.st2 - strings written back to back as the final file content
*                  (presumably key/licence data, judging by the routine's
*                  name; the callers are not shown - confirm)
* Returns: 0 on success, or 1..8 identifying the step that failed.
* NOTE(review): m.hnd is not in the LOCAL list, so it is created as a private
* variable on first assignment.
* NOTE(review): the file is opened with share mode 0 (exclusive) only while a
* handle is held; between each CloseHandle and the next CreateFile it sits in
* a user-writable temp directory where other processes running as the same
* user can read or replace it. Data that must stay secret or tamper-proof
* should not depend on this file.
lparameters m.fname,m.st1,m.st2
local m.pth,ad(1),m.cnt,m.rez,m.ln,m.buf
* TEMP directory with a trailing backslash.
m.pth = ADDBS(GETENV("temp"))
declare integer DeleteFile in Win32API string
declare integer GetLastError in Win32API
declare CloseHandle in Win32API integer
declare integer CreateFile in Win32API string, integer, integer, string, integer, integer, integer
declare integer WriteFile in Win32API integer, string, integer, integer @, string @
declare integer ReadFile in Win32API integer, string @, integer, integer @, string @
* Step 1: if the file already exists, it must be deletable (else return 1).
m.cnt = ADIR(ad,m.pth+m.fname)
if m.cnt > 0
m.rez = deletefile(m.pth+m.fname)
if m.rez = 0
return 1
endif
endif
* Step 2: create the file. Creation disposition 2 is CREATE_ALWAYS in Win32.
* NOTE(review): the access mask -130023424 is 0xF8400000 as an unsigned
* 32-bit value, which is not a standard named combination - confirm intent.
m.hnd = createfile(m.pth+m.fname,-130023424,0,.null.,2,0,0)
* INVALID_HANDLE_VALUE is -1, so "<= 0" covers the failure case.
if m.hnd <= 0
return 2
endif
* Step 3: write a 5-byte probe string and require that all 5 bytes went out.
m.cnt = 0
writefile(m.hnd,"01234",5,@m.cnt,.null.)
if m.cnt <> 5
closehandle(m.hnd)
return 3
endif
closehandle(m.hnd)
* Step 4: reopen for reading. 2147483648 is 0x80000000 (GENERIC_READ) and
* disposition 3 is OPEN_EXISTING.
m.hnd = createfile(m.pth+m.fname,2147483648,0,.null.,3,0,0)
if m.hnd <= 0
return 4
endif
* Step 5: ask for up to 10 bytes and require that exactly 5 came back.
* Only the byte count is checked; m.buf is never compared with "01234".
m.cnt = 0
m.buf = SPACE(11)
readfile(m.hnd,@m.buf,10,@m.cnt,.null.)
if m.cnt <> 5
closehandle(m.hnd)
return 5
endif
closehandle(m.hnd)
* Step 6: remove the probe file.
m.rez = deletefile(m.pth+m.fname)
if m.rez = 0
return 6
endif
* Step 7: create the real file with the same parameters as in step 2.
m.hnd = createfile(m.pth+m.fname,-130023424,0,.null.,2,0,0)
if m.hnd <= 0
return 7
endif
* Step 8: write m.st1 followed by m.st2 and require a complete write.
m.ln = LEN(m.st1)+LEN(m.st2)
m.cnt = 0
writefile(m.hnd,m.st1+m.st2,m.ln,@m.cnt,.null.)
if m.cnt <> m.ln
closehandle(m.hnd)
return 8
endif
closehandle(m.hnd)
return 0
* The remaining lines are unreachable and the IFs are unbalanced; they look
* like decompiler residue rather than original source.
return
if .f.
if .F.
endif

And here is decr_si.prg from urf :

* decr_si.prg (decompiler output, reproduced as posted).
* Purpose: decode two fields of the string m.si in place and derive a number
* from the decoded data.
* Layout of m.si as read by the SUBSTR/LEFT calls below:
*   chars  1-3   kept unchanged
*   chars  4-21  "main" block, 18 bytes (encoded)
*   chars 22-37  "key1" block, 16 bytes (encoded)
*   chars 38-39  "crc", 2 bytes; this and anything after it is kept unchanged
* Parameters:
*   m.si           - input string; reassigned with the decoded blocks
*   m.sg1, m.sg2   - receive the two stream parameters that were found
*   (the caller sees these changes only if the arguments are passed by
*    reference - the callers are not shown)
* Returns: -1 if no parameter pair passes the checks, otherwise m.rd+13 where
* m.rd is a 16-bit value derived from the decoded key1 bytes.
* NOTE(review): everything needed to decode is in this routine and in m.si
* itself. The two stream parameters are not secret inputs; the routine finds
* them by trying at most 255*255 pairs against fixed expected bytes and an
* internal consistency check. The scheme therefore protects nothing once the
* code can be read, which is the weakness the quoted post points out; a check
* that has to resist analysis needs a secret that is not shipped to the client.
lparameters m.si,m.sg1,m.sg2
local m.main,m.key1,m.crc
local m.cc,m.i,m.r1,m.rp,m.cp
local m.rv,m.rd,m.rc
m.main = SUBSTR(m.si,4,18)
m.key1 = SUBSTR(m.si,22,16)
m.crc = SUBSTR(m.si,38,2)
* Turn both blocks into arrays of byte values. The index "i" without the m.
* prefix refers to the loop variable m.i.
local armain(18),arkey1(16)
for m.i = 1 to 18
armain(i) = ASC(SUBSTR(m.main,m.i,1))
endfor
for m.i = 1 to 16
arkey1(i) = ASC(SUBSTR(m.key1,m.i,1))
endfor
* str2word is defined elsewhere; presumably it turns the 2-byte string into a
* 16-bit integer - TODO confirm.
m.cc = str2word(m.crc)
* One bit is hidden in each key1 byte, at bit position (i-1) mod 8. Collect
* those 16 bits into m.r1 (byte i supplies bit 16-i), then overwrite each
* hidden bit with bit i-1 of m.cc.
m.r1 = 0
for m.i = 1 to 16
if BITTEST(arkey1(m.i),MOD((m.i-1),8))
m.r1 = BITSET(m.r1,16-m.i)
endif
if BITTEST(m.cc,m.i-1)
arkey1(m.i) = BITSET(arkey1(m.i),MOD((m.i-1),8))
else
arkey1(m.i) = BITCLEAR(arkey1(m.i),MOD((m.i-1),8))
endif
endfor
* Exhaustive search over the two stream parameters m.sd1 and m.sd2 (1..255).
local m.sd1,m.sd2,armainp(18),m.flg
m.flg = .f.
for m.sd1 = 1 to 255
for m.sd2 = 1 to 255
* Stream state: m.cp starts at 254 and then holds the previously decoded
* byte; m.rp starts at the low byte of m.r1.
m.cp = 254
m.rp = MOD(m.r1,256)
for m.i = 1 to 18
armainp(m.i) = armain(m.i)
armainp(m.i) = BITXOR(armainp(m.i),BITXOR(m.rp,m.cp))
m.cp = armainp(m.i)
* The first decoded byte must be 32 and the second must be 2. On a mismatch
* armainp(18) is set to 1 as a "rejected" marker and the pair is abandoned.
if m.i = 1 and m.cp <> 32
armainp(18) = 1
exit
endif
if m.i = 2 and m.cp <> 2
armainp(18) = 1
exit
endif
* Next stream byte: rp = (sd1 + rp*sd2) mod 256.
m.rp = BITAND(m.sd1+m.rp*m.sd2,255)
endfor
* Accept the pair only if decoded byte 18 is 0 and, reading bytes 7-10, 11-14
* and 15-18 as little-endian 32-bit values A, B and C, C = A - B.
if armainp(18) = 0
if armainp(15)+armainp(16)*256+armainp(17)*256*256+armainp(18)*256*256*256 = armainp(7)+armainp(8)*256+armainp(9)*256*256+armainp(10)*256*256*256-(armainp(11)+armainp(12)*256+armainp(13)*256*256+armainp(14)*256*256*256)
m.flg = .t.
exit
endif
endif
endfor
if m.flg
exit
endif
endfor
* Report the pair at which the search stopped. This runs on failure as well,
* in which case the values are the loop variables after loop exhaustion.
m.sg1 = m.sd1
m.sg2 = m.sd2
if not m.flg
return -1
endif
for m.i = 1 to 18
armain(m.i) = armainp(m.i)
endfor
* Decode key1 with the same stream. m.rp and m.cp are not reset, so the
* stream continues from the state left after byte 18 of the main block.
for m.i = 1 to 16
arkey1(m.i) = BITXOR(arkey1(m.i),BITXOR(m.rp,m.cp))
m.cp = arkey1(m.i)
m.rp = BITAND(m.sd1+m.rp*m.sd2,255)
endfor
* Build the 16-bit result m.rd: bit i-1 is set when bit m.rc of decoded key1
* byte i differs from m.rv. m.rc and m.rv start at 4 and .f. and are then
* taken from the byte just processed (its low three bits and its bit 5).
m.rv = .f.
m.rd = 0
m.rc = 4
for m.i = 1 to 16
if BITTEST(arkey1(m.i),m.rc) and not m.rv or not BITTEST(arkey1(m.i),m.rc) and m.rv
m.rd = BITSET(m.rd,m.i-1)
endif
m.rc = BITAND(arkey1(m.i),7)
m.rv = BITTEST(arkey1(m.i),5)
endfor
* Reassemble m.si: original prefix, decoded main, decoded key1, original tail.
local m.maind,m.key1d
m.maind = ""
for i = 1 to 18
m.maind = m.maind+CHR(armain(i))
endfor
m.key1d = ""
for i = 1 to 16
m.key1d = m.key1d+CHR(arkey1(i))
endfor
m.si = LEFT(m.si,3)+m.maind+m.key1d+SUBSTR(m.si,38)
return m.rd+13
* The remaining lines are unreachable and the IFs are unbalanced; they look
* like decompiler residue rather than original source.
return
if .f.
if .f.
endif