Hi all,
Well i write a c++ code right now and encounter the need of ASM to find out a specific hashing function. I don't know ASM really good, started learning it just for this case but can't find a good tutorial that explain pointers in ASM since if I found the correct hashing function in the program it passes i pointer to the function and i can't reverse this function back to c++ the way i want it. So here is the function disassembled in IDA
.text:00402560 sub_402560 proc near ; CODE XREF: sub_40106C+30p
.text:00402560 ; sub_40106C+3Bp
.text:00402560
.text:00402560 arg_0 = dword ptr 8
.text:00402560
.text:00402560 push ebp
.text:00402561 mov ebp, esp
.text:00402563 mov edx, [eax+8]
.text:00402566 mov ecx, [eax+4]
.text:00402569 cmp edx, ecx
.text:0040256B push esi
.text:0040256C ja short loc_402577
.text:0040256E mov esi, ecx
.text:00402570 sub esi, edx
.text:00402572 cmp esi, 10h
.text:00402575 jnb short loc_402582
.text:00402577
.text:00402577 loc_402577: ; CODE XREF: sub_402560+Cj
.text:00402577 add ecx, 1
.text:0040257A mov [eax+8], ecx
.text:0040257D pop esi
.text:0040257E pop ebp
.text:0040257F retn 4
.text:00402582 ; ---------------------------------------------------------------------------
.text:00402582
.text:00402582 loc_402582: ; CODE XREF: sub_402560+15j
.text:00402582 mov ecx, [ebp+arg_0]
.text:00402585 push ebx
.text:00402586 mov edx, 4
.text:0040258B push edi
.text:0040258C add ecx, 1
.text:0040258F lea edi, [edx-3]
.text:00402592
.text:00402592 loc_402592: ; CODE XREF: sub_402560+72j
.text:00402592 mov ebx, [eax+8]
.text:00402595 mov esi, [eax]
.text:00402597 movzx ebx, byte ptr [esi+ebx]
.text:0040259B mov [ecx-1], bl
.text:0040259E add [eax+8], edi
.text:004025A1 mov esi, [eax+8]
.text:004025A4 mov ebx, [eax]
.text:004025A6 movzx ebx, byte ptr [esi+ebx]
.text:004025AA mov [ecx], bl
.text:004025AC add [eax+8], edi
.text:004025AF mov esi, [eax+8]
.text:004025B2 mov ebx, [eax]
.text:004025B4 movzx ebx, byte ptr [esi+ebx]
.text:004025B8 mov [ecx+1], bl
.text:004025BB add [eax+8], edi
.text:004025BE mov esi, [eax+8]
.text:004025C1 mov ebx, [eax]
.text:004025C3 movzx ebx, byte ptr [esi+ebx]
.text:004025C7 mov [ecx+2], bl
.text:004025CA add [eax+8], edi
.text:004025CD add ecx, 4
.text:004025D0 sub edx, edi
.text:004025D2 jnz short loc_402592
.text:004025D4 pop edi
.text:004025D5 pop ebx
.text:004025D6 pop esi
.text:004025D7 pop ebp
.text:004025D8 retn 4
.text:004025D8 sub_402560 endp
.text:004025D8
.text:004025DBThis function i found in the program and I'm pretty sure thats the hashing function from the little thing i learned about ASM. I actually wanna start learning ASM better so if any of you got a good tutorial pls link :D . And can someone reverse just this function for me so i can continue my c++ project right now, and after that i hopefully will start learning better ASM, but right now I hate to stop what I'm doing and start learning ASM. The function in c++ (if thats the correct one i found) should take one parameter of type unsigned char * or unsigned char[16] and i think it should be a void.
Thanks.