Skip to content

Commit 5d4ac9a

Browse files
For-ACGNFor-ACGN
committed
main.go: replace the hash tool to the latest version.
1 parent af09b45 commit 5d4ac9a

File tree

1 file changed

+31
-25
lines changed

1 file changed

+31
-25
lines changed

hashapi/main.go

Lines changed: 31 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ import (
1414
var (
1515
format string
1616
modName string
17-
funcName string
17+
procName string
1818
hexKey string
1919
concise bool
2020
)
@@ -29,60 +29,66 @@ func init() {
2929
}
3030
flag.StringVar(&format, "fmt", defaultFormat, "binary format: 32 or 64")
3131
flag.StringVar(&modName, "mod", "kernel32.dll", "module name")
32-
flag.StringVar(&funcName, "func", "WinExec", "function name")
32+
flag.StringVar(&procName, "proc", "WinExec", "procedure name")
3333
flag.StringVar(&hexKey, "key", "", "specific key, it must be hex format")
3434
flag.BoolVar(&concise, "conc", false, "print concise result for development")
3535
flag.Parse()
3636
}
3737

3838
func main() {
3939
var (
40-
numZero string
41-
apiHash []byte
42-
hashKey []byte
43-
err error
40+
nZero string
41+
mHash []byte
42+
pHash []byte
43+
hKey []byte
44+
err error
4445
)
4546
if hexKey != "" {
46-
hashKey, err = hex.DecodeString(hexKey)
47+
hKey, err = hex.DecodeString(hexKey)
4748
if err != nil {
4849
log.Fatalln("invalid hash key:", err)
4950
}
5051
}
5152
switch format {
5253
case "64":
53-
if hashKey != nil {
54-
apiHash, err = rorwk.HashAPI64WithKey(modName, funcName, hashKey)
54+
if hKey == nil {
55+
mHash, pHash, hKey, err = rorwk.HashAPI64(modName, procName)
5556
} else {
56-
apiHash, hashKey, err = rorwk.HashAPI64(modName, funcName)
57+
mHash, pHash, err = rorwk.HashAPI64WithKey(modName, procName, hKey)
5758
}
58-
numZero = "16"
59+
nZero = "16"
5960
case "32":
60-
if hashKey != nil {
61-
apiHash, err = rorwk.HashAPI32WithKey(modName, funcName, hashKey)
61+
if hKey == nil {
62+
mHash, pHash, hKey, err = rorwk.HashAPI32(modName, procName)
6263
} else {
63-
apiHash, hashKey, err = rorwk.HashAPI32(modName, funcName)
64+
mHash, pHash, err = rorwk.HashAPI32WithKey(modName, procName, hKey)
6465
}
65-
numZero = "8"
66+
nZero = "8"
6667
default:
6768
log.Fatalln("invalid format:", format)
6869
}
6970
if err != nil {
7071
log.Fatalln("failed to calculate hash:", err)
7172
}
7273
if concise {
73-
h := rorwk.BytesToUint64(apiHash)
74-
k := rorwk.BytesToUint64(hashKey)
75-
fmt.Printf("0x%0"+numZero+"X, "+"0x%0"+numZero+"X // %s\n", h, k, funcName)
74+
f := "0x%0" + nZero + "X"
75+
m := rorwk.BytesToUint64(mHash)
76+
p := rorwk.BytesToUint64(pHash)
77+
k := rorwk.BytesToUint64(hKey)
78+
fmt.Printf("{ "+f+", "+f+", "+f+" } // %s\n", m, p, k, procName)
7679
return
7780
}
78-
fmt.Println("module: ", modName)
79-
fmt.Println("function:", funcName)
80-
fmt.Printf("format: %s bit\n", format)
81+
fmt.Println("module: ", modName)
82+
fmt.Println("procedure:", procName)
83+
fmt.Printf("format: %s bit\n", format)
8184
fmt.Println()
82-
fmt.Printf("Hash: 0x%0"+numZero+"X\n", rorwk.BytesToUint64(apiHash))
83-
fmt.Printf("Key: 0x%0"+numZero+"X\n", rorwk.BytesToUint64(hashKey))
84-
fmt.Printf("Hash: %s\n", dumpBytesHex(apiHash))
85-
fmt.Printf("Key: %s\n", dumpBytesHex(hashKey))
85+
fmt.Printf("Module Hash: 0x%0"+nZero+"X\n", rorwk.BytesToUint64(mHash))
86+
fmt.Printf("Procedure Hash: 0x%0"+nZero+"X\n", rorwk.BytesToUint64(pHash))
87+
fmt.Printf("Hash Key: 0x%0"+nZero+"X\n", rorwk.BytesToUint64(hKey))
88+
fmt.Println()
89+
fmt.Printf("Module Hash: %s\n", dumpBytesHex(mHash))
90+
fmt.Printf("Procedure Hash: %s\n", dumpBytesHex(pHash))
91+
fmt.Printf("Hash Key: %s\n", dumpBytesHex(hKey))
8692
}
8793

8894
func dumpBytesHex(b []byte) string {

0 commit comments

Comments
 (0)