CODEWITHSUNDEEP
cpointersencryptioncryptography
Yung Lew
Yung Lew

Reputation: 81

Pointer decryption function not working as intended

First of all, it is important to say that the code will be a mess, I know that and there is a reason behind the messy code, but I prefer not to specify why to avoid going off track.

This snippet of code decrypts a pointer:

//LLUNGO is long long
//PLLUNGO is long long pointer
//SCANVELOCE is __fastcall

LLUNGO SCANVELOCE DecryptPointer(PPTR_SECRET _pSecret, PLLUNGO _OldPointer)
{

    _OldPointer = (PLLUNGO) PTR_ENCRYPTION_ALGORITHM(*_OldPointer, _pSecret->Segreto);
    INTERO Reference = GetReferenceToPtr(_pSecret, _OldPointer);

    if (PTR_BAD_REFERENCE(Reference))
        QUICK_PRINT("Bad reference error.\n");

    return PTR_ENCRYPTION_ALGORITHM((LLUNGO)_pSecret->Riferimenti[Reference], _pSecret->Segreto);
}

using the following macros:

#define PTR_ENCRYPTION_ALGORITHM(PTR, KEY)              (~(PTR ^ KEY))
#define PTR_BAD_REFERENCE(PTR)                          ((-1) == (PTR))

Now the problem is when I use the macro stated below, for some reason even if I am using the right arguments it is still throwing me this error:

no instance of overloaded function "DecryptPointer" corresponds to the arguments.

Consider that NBYTE is BYTE and REGISTRA is the register keyword.

 NBYTE SCANVELOCE MFINIT(LLUNGO _FuncAddr, PMUTILATE_FUNCTION _Function)
    {
        if (!_FuncAddr || !_Function)
            return FALSO;
    
        SELF_PTR_DECRYPTION( _FuncAddr );    //error thrown here
        SELF_PTR_DECRYPTION( _Function );    //and here too!
    
        for (REGISTRA PNBYTE Current = (PNBYTE)_FuncAddr; ; Current--)
        {
            if (MF_PUSH_EBP == *Current)
            {
                _Function->Inizio = (LLUNGO)Current;
                break;
            }
                
        }

And the SELF_PTR_DECRYPTION macro + everything else necessary for the DecryptPointer function to work: (PTR_SECRET being a struct)

#define SELF_PTR_DECRYPTION(X)              ((X) = (PTR_DECRYPTION(X)))
#define PTR_DECRYPTION(X)                   DecryptPointer(&PTR_SECRET_NAME, X)
#define PTR_SECRET_NAME             g_PTR_SECRET
INIT(PTR_SECRET PTR_SECRET_NAME);

Again sorry for the stupidly messy code, I'm struggling too, just like everyone reading this probably will, but again there is a reason behind the mess.

Upvotes: 0

Views: 79

Answers (1)

Yung Lew
Yung Lew

Reputation: 81

The solution has been found in the comments by @yano:

you've taken me straight to macro hell. If I'm following correctly, _FuncAddr in the SELF_PTR_DECRYPTION( _FuncAddr ); call ends up being the 2nd argument to DecryptPointer, which expects a PLLUNGO type. However, _FuncAddr is a LLUNGO type. And if its complaining about "no overloaded function" it sounds like you're using a C++ compiler, not C.

Many thanks, and sorry for the absolute mess of code I presented here.

Upvotes: 1

Related Questions