ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ ûirogen's Super-Duper Encryption Cracker ³ [û] FDA Approved ³ ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ³ [û] FCC Class B Appliance ³ version 2.0; (c)1995 ûirogen [NuKE] ³ [û] Love Me, Fuck Me, Kill Me ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ Hello boys and girls of America and beyond, and welcome to my latest endeavor into the performing art of coding. This software simply cracks encryption using any of the following techniques: 8-bit ADD and SUB 16-bit ADD 8-bit XOR 16-bit XOR 8-bit ROR and ROL 16-bit ROR and ROL 8-bit NOT 16-bit NOT Which means you can now easily decrypt the majority of computer viruses out there and see what text is inside without having to ever touch a disassemble. Not to mention the fact that there are LOTS of software which uses these encryption algorithms for its internal or external encryption purposes. How to Use: ************************************************************ The command line syntax is: VIROCRK [filename] [text] [filename] is the file you're wishing to crack. It should not exceed 62k [text] is a few bytes which you think will be contained in a decrypted copy of the file. This parameter is case sensitive. The more plaintext you can come up with, the fewer false positives will arise. Examples: VIROCRK HELLO.COM COM VIROCRK ALPHA.TXT THE VIROCRK IVB.NTZ COM VIROCRK HELPME.EXE LA LA PA LOO ZA While VIROCRK is running, hit a key to abort. The exit may not be immediate. Output From VIROCRK ************************************************************ When a successful decryption occurs, VIROCRK writes the decrypted file to a DEC-XXXX.??? filename. The last 4 bytes of this filename, and the extension indicate key and decryption technique used. DEC-XXXX.??? : XXXX- Key between 0 and FFFF. This is, ofcourse, hexadecimal. ???- 8XR = 8-bit XOR 8SB = 8-bit SUB 8RT = 8-bit ROR 16X = 16-bit XOR 16S = 16-bit SUB 16R = 16-bit ROR History ************************************************************ v1.0 - Initial Release v1.1 - I changed something v2.0 - þ Improved speed significantly by now attempting to encrypt the plaintext with each possible key rather than decrypt the ciphertext with key. Note that since I switched to this faster method, the plaintext sequence should be greater than three bytes or you'll have many false positives after adjusting the 16-bit addressing. þ No longer attempts address-adjusted 16-bit XOR; no point in this. The byte-reversed key should have been successful in the non-adjusted 16-bit XOR. later.. ûirogen/NuKE