xedarius

GCHQ - The grid decode

Dec 4th, 2011
343
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. // GCHQ.cpp : part 1 - the grid
  2. // (c) 2011 Rich Carless
  3.  
  4. #include "stdafx.h"
  5. #include <windows.h>
  6.  
  7.  
  8. unsigned char code[] = {
  9.     0xeb, 0x04, 0xaf, 0xc2, 0xbf, 0xa3, 0x81, 0xec,   0x00, 0x01, 0x00, 0x00, 0x31, 0xc9, 0x88, 0x0c,
  10.     0x0c, 0xfe, 0xc1, 0x75, 0xf9, 0x31, 0xc0, 0xba,   0xef, 0xbe, 0xad, 0xde, 0x02, 0x04, 0x0c, 0x00,
  11.     0xd0, 0xc1, 0xca, 0x08, 0x8a, 0x1c, 0x0c, 0x8a,   0x3c, 0x04, 0x88, 0x1c, 0x04, 0x88, 0x3c, 0x0c,
  12.     0xfe, 0xc1, 0x75, 0xe8, 0xe9, 0x5c, 0x00, 0x00,   0x00, 0x89, 0xe3, 0x81, 0xc3, 0x04, 0x00, 0x00,
  13.     0x00, 0x5c, 0x58, 0x3d, 0x41, 0x41, 0x41, 0x41,   0x75, 0x43, 0x58, 0x3d, 0x42, 0x42, 0x42, 0x42,
  14.     0x75, 0x3b, 0x5a, 0x89, 0xd1, 0x89, 0xe6, 0x89,   0xdf, 0x29, 0xcf, 0xf3, 0xa4, 0x89, 0xde, 0x89,
  15.     0xd1, 0x89, 0xdf, 0x29, 0xcf, 0x31, 0xc0, 0x31,   0xdb, 0x31, 0xd2, 0xfe, 0xc0, 0x02, 0x1c, 0x06,
  16.     0x8a, 0x14, 0x06, 0x8a, 0x34, 0x1e, 0x88, 0x34,   0x06, 0x88, 0x14, 0x1e, 0x00, 0xf2, 0x30, 0xf6,
  17.     0x8a, 0x1c, 0x16, 0x8a, 0x17, 0x30, 0xda, 0x88,   0x17, 0x47, 0x49, 0x75, 0xde, 0x31, 0xdb, 0x89,
  18.     0xd8, 0xfe, 0xc0, 0xcd, 0x80, 0x90, 0x90, 0xe8,   0x9d, 0xff, 0xff, 0xff, 0x41, 0x41, 0x41, 0x41,
  19. };
  20.  
  21. unsigned char exe[4096]={0};
  22.  
  23. // this is base 64 encoded data from png (web site used http://www.rbl.jp/base64.php)
  24. char png_data_base_64[] = {"QkJCQjIAAACR2PFtcCA6q2eaC8SR+8dmD/zNzLQC+td3tFQ4qx8O447TDeuZw5P+0SsbEcYR\n78jKLw=="};
  25.  
  26. unsigned char png_data_32[] = {
  27.     0x42, 0x42, 0x42, 0x42, 0x32, 0x00, 0x00, 0x00,   0x91, 0xd8, 0xf1, 0x6d, 0x70, 0x20, 0x3a, 0xab,
  28.     0x67, 0x9a, 0x0b, 0xc4, 0x91, 0xfb, 0xc7, 0x66,   0x0f, 0xfc, 0xcd, 0xcc, 0xb4, 0x02, 0xfa, 0xd7,
  29.     0x77, 0xb4, 0x54, 0x38, 0xab, 0x1f, 0x0e, 0xe3,   0x8e, 0xd3, 0x0d, 0xeb, 0x99, 0xc3, 0x93, 0xfe,
  30.     0xd1, 0x2b, 0x1b, 0x11, 0xc6, 0x11, 0xef, 0xc8,   0xca, 0x2f
  31. };
  32.  
  33. void Decode(const unsigned char *in_buff, unsigned char *out_buff,unsigned char cyper, int len)
  34. {
  35.     for( int i = 0; i < len; ++i )
  36.     {
  37.         out_buff[i] = in_buff[i] ^ cyper;
  38.     }
  39. }
  40.  
  41. void LongDecode(const unsigned long *in_buff, unsigned long *out_buff,unsigned long cyper, int len)
  42. {
  43.     for( int i = 0; i < len; ++i )
  44.     {
  45.         out_buff[i] = in_buff[i] ^ cyper;
  46.     }
  47. }
  48.  
  49. void Switch(wchar_t *in_source, wchar_t *out_buff)
  50. {
  51.     ((char*)out_buff)[0] = ((char*)in_source)[1];
  52.     ((char*)out_buff)[1] = ((char*)in_source)[0];
  53. }
  54.  
  55. int _tmain(int argc, _TCHAR* argv[])
  56. {
  57.     // allows windows to run the code (needed in VS2010+)
  58.     DWORD old = 0;
  59.     BOOL res = VirtualProtect(exe,sizeof(exe),PAGE_EXECUTE_READWRITE,&old);
  60.     // clear some buffer space
  61.     memset(exe,0,4096);
  62.     // code
  63.     memcpy(exe,code,sizeof(code));
  64.     // message to be decoded
  65.     memcpy(exe+sizeof(code),png_data_32,sizeof(png_data_32));
  66.     // run
  67.     ((void(*)(void))&exe)();
  68.  
  69.     return 0;
  70. }
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×