loreloc
diff --git a/‎Makefile
+13-20 b/‎Makefile
+13-20
diff --git a/‎example.asm
+2-1 b/‎example.asm
+2-1
diff --git a/‎example.crypt
16.5 KB b/‎example.crypt
16.5 KB
diff --git a/‎makepoly.c
-115 b/‎makepoly.c
-115
diff --git a/‎mkpoly
17.9 KB b/‎mkpoly
17.9 KB
diff --git a/‎mkpoly.c
+88 b/‎mkpoly.c
+88
diff --git a/‎mkpoly.h
+24 b/‎mkpoly.h
+24
diff --git a/‎makepoly.inc ‎mkpoly.inc
+34-3 b/‎makepoly.inc ‎mkpoly.inc
+34-3
@@ -1,41 +1,34 @@
 
+# C compiler
+CC = gcc
+
 # assembler
 ASM = nasm
 
-# c compiler
-CC = gcc
+# compiler flags
+CFLAGS = -Wall -Wextra -std=c11
 
 # assembler flags
-AFLAGS = -felf64
-
-# compiler flags
-CFLAGS = -c -Wall -O2
+AFLAGS = -f elf64
 
 # linker flags
 LFLAGS = -no-pie
 
 .PHONY: clean install
 
-all: makepoly example
-
-makepoly: makepoly.o polyengine.o
+mkpoly: mkpoly.o polyeng.o
 	$(CC) $(LFLAGS) $^ -o $@
 
-example: example.o
-	$(CC) $(LFLAGS) $< -o $@
-
-makepoly.o: makepoly.c
-	$(CC) $(CFLAGS) $< -o $@
+mkpoly.o: mkpoly.c
+	$(CC) $(CFLAGS) -c $< -o $@
 
-polyengine.o: polyengine.asm makepoly.inc
-	$(ASM) $(AFLAGS) $< -o $@
-
-example.o: example.asm makepoly.inc
+polyeng.o: polyeng.asm
 	$(ASM) $(AFLAGS) $< -o $@
 
 clean:
-	rm -f *.o makepoly example example.poly
+	rm -f *.o mkpoly
 
 install:
-	install makepoly /usr/local/bin/
+	install mkpoly /usr/local/bin/
+
 
@@ -1,7 +1,7 @@
 
 cpu x86-64
 
-%include "makepoly.inc"
+%include "mkpoly.inc"
 
 extern puts
 
@@ -15,6 +15,7 @@ section .text
 main:
 	call    decrypt
 	call    hello
+	xor     rax, rax
 	ret
 
 decrypt:
 
@@ -0,0 +1,88 @@
+
+#include "mkpoly.h"
+
+int main(int argc, char* argv[])
+{
+	if (argc < 5)
+	{
+		help();
+		return 1;
+	}
+
+	FILE* source = fopen(argv[1], "rb");
+
+	if (!source)
+	{
+		fprintf(stderr, "failed to open %s\n", argv[1]);
+		return 2;
+	}
+
+	size_t size;
+	fseek(source, 0, SEEK_END);
+	size = ftell(source);
+	fseek(source, 0, SEEK_SET);
+
+	uint8_t *bin = malloc(size);
+
+	if (!bin)
+	{
+		fprintf(stderr, "failed to allocate binary data");
+		fclose(source);
+		return 3;
+	}
+
+	if (!fread(bin, size, 1, source))
+	{
+		fprintf(stderr, "binary file reading failed\n");
+		fclose(source);
+		free(bin);
+		return 4;
+	}
+
+	fclose(source);
+
+	size_t coff  = strtol(argv[2], NULL, 16);
+	size_t csize = strtol(argv[3], NULL, 16);
+	size_t eoff  = strtol(argv[4], NULL, 16);
+
+	if (polyeng(bin, coff, csize, eoff))
+	{
+		fprintf(stderr, "polymorphic engine error\n");
+		free(bin);
+		return 5;
+	}
+
+	char filename[FILENAME_MAX];
+	snprintf(filename, FILENAME_MAX, "%s.crypt", argv[1]);
+
+	FILE *dest = fopen(filename, "wb");
+
+	if (!dest)
+	{
+		fprintf(stderr, "failed to open %s\n", filename);
+		free(bin);
+		return 6;
+	}
+
+	if (!fwrite(bin, size, 1, dest))
+	{
+		fprintf(stderr, "failed to write polymorphic code into %s\n", filename);
+		free(bin);
+		return 7;
+	}
+
+	free(bin);
+
+	return 0;
+}
+
+void help()
+{
+	printf("usage: mkpoly ");
+	printf("<source> <crypt-off> <crypt-size> <engine-off>\n");
+	printf("<source>     the filename of the binary file\n");
+	printf("<crypt-off>  the offset of the section to crypt\n");
+	printf("<crypt-size> the size of the section to crypt\n");
+	printf("<engine-off> the offset where to place the decryptor\n");
+}
+
@@ -0,0 +1,24 @@
+
+#ifndef __MKPOLY_H__
+#define __MKPOLY_H__
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+
+/**
+ * Print an helpful message.
+ */
+void help();
+
+/**
+ * Execute the polymorphic engine.
+ * @param coff The offset of the section to crypt.
+ * @param csize The size of the section to crypt.
+ * @param eoff The offset where to place the decryptor.
+ * @return non-zero if an error occurred.
+ */
+extern int polyeng(uint8_t *bin, size_t coff, size_t csize, size_t eoff);
+
+#endif // __MKPOLY_H__
+
@@ -8,6 +8,37 @@ extern mprotect
 %define PROT_WRITE 0x2
 %define PROT_EXEC  0x4
 
+; prefixes and opcodes of 8 invertible instructions:
+;   instructions |   inverted instructions
+; - add reg, reg | - sub reg, reg
+; - sub reg, reg | - add reg, reg
+; - xor reg, reg | - xor reg, reg
+; - add reg, i32 | - sub reg, i32
+; - sub reg, i32 | - add reg, i32
+; - xor reg, i32 | - xor reg, i32
+; - rol reg, i8  | - ror reg, i8
+; - ror reg, i8  | - rol reg, i8
+; - inc reg
+; - dec reg
+; - not reg
+; - neg reg
+%define OPCODE_ADD_RM  0x01
+%define OPCODE_SUB_RM  0x29
+%define OPCODE_XOR_RM  0x31
+%define PREFIX_ASX_IMM 0x81
+%define OPCODE_ADD_RI  0xC0
+%define OPCODE_SUB_RI  0xE8
+%define OPCODE_XOR_RI  0xF0
+%define PREFIX_ROT_IMM 0xC1
+%define OPCODE_ROL_RI  0xC0
+%define OPCODE_ROR_RI  0xC8
+%define PREFIX_INC_DEC 0xFF
+%define OPCODE_INC_R   0xC0
+%define OPCODE_DEC_R   0xC8
+%define PREFIX_NOT_NEG 0xF7
+%define OPCODE_NOT_R   0xD0
+%define OPCODE_NEG_R   0xD8
+
 ; no operation x86 opcode
 %define OPCODE_NOP 0x90
 
@@ -37,20 +68,20 @@ extern mprotect
 	call    mprotect
 	mov     rdi, %1
 	lea     rsi, [rdi+%2]
-.makepoly_loop:
+.mkpoly_loop:
 	mov     eax, [rdi    ]
 	mov     ecx, [rdi+0x4]
 	mov     edx, [rdi+0x8]
 	mov     ebx, [rdi+0xC]
-.makepoly_func:
+.mkpoly_func:
 	times POLY_FUNC_SIZE db OPCODE_NOP
 	mov     [rdi    ], eax
 	mov     [rdi+0x4], ecx
 	mov     [rdi+0x8], edx
 	mov     [rdi+0xC], ebx
 	add     rdi, 0x10
 	cmp     rdi, rsi
-	jne     .makepoly_loop
+	jne     .mkpoly_loop
 	mov     rdi, r12
 	mov     rsi, r13
 	mov     edx, (PROT_READ | PROT_EXEC)