daily pastebin goal
49%
SHARE
TWEET

GCHQ Stage 2 Solution VM disassembled

a guest Dec 5th, 2011 1,020 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Instructions decoded at 0x00 - decrypts second stage decrypter (below)
  2. --------------------------------------------------------------
  3. First program - decrypts 0x100->0x14F (second stage)
  4. r1 = 4
  5. r3 = 170
  6. loop
  7. r0 = [ds:r2]
  8. r0 ^= r3
  9. [ds:r2] = r0
  10. r2++
  11. r3++
  12. ?if r2=80
  13. r0 = 20
  14. jmpe next
  15. jmp loop
  16.  
  17. next
  18. jmp 16:0
  19.  
  20.  
  21. Second decrypter - at 0x100
  22. ----------------------------
  23. - on entry r=(0,4,80,240,cs=16,ds=16)
  24. r2 = 0
  25. r5 += 12
  26. r1 = 8
  27. r3 = 50
  28.  
  29. now r=(0,8,0,50,16,28) (ds=start of GET string)
  30. loop1:
  31. r0 = [ds:r2]
  32. r0 ^= r3
  33. [ds:r2] = r0
  34. r2++
  35. r3 += 3
  36. if r2=0?
  37.   jmp r3
  38. if r0 = 0
  39.   jmp end
  40. jmp loop1
  41.  
  42. end:
  43. hlt
  44.  
  45. plain text is at 0x1C0 to 0x1F1
  46.  
  47.  
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top