C
I am bringing the decisions previously discussed in the commentaries in the form of my reply.Below in the code, I've implemented two of the most basic techniques to get a computer name without use. https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-getcomputernamea functions.First option proposed @AlexeyVesker is use https://en.cppreference.com/w/cpp/utility/program/getenv for reading https://ru.wikipedia.org/wiki/%D0%9F%D0%B5%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%B0%D1%8F_%D1%81%D1%80%D0%B5%D0%B4%D1%8B by name "COMPUTERNAME"♪The second option is reading the registry key. "SYSTEM\\CurrentControlSet\\Control\\ComputerName\\ComputerName"using WinApi functions https://docs.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regopenkeyexa and https://docs.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regqueryvalueexa ♪If the name of the computer can contain Russian symbols (or other young people) it is necessary to use the options of the above-mentioned functions with the support of a young manicoda - https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/getenv-s-wgetenv-s?view=msvc-160 ♪ https://docs.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regopenkeyexw ♪ https://docs.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regqueryvalueexw ♪ https://rextester.com/FFQW83885 #define _CRT_SECURE_NO_WARNINGS 1
#include <string>
#include <iostream>
#include <stdexcept>
#include <type_traits>
#include <cstdlib>
#include <windows.h>
#define ASSERT(cond) { if (!(cond)) throw std::runtime_error("Failed at line " + std::to_string(LINE)); }
inline static std::string GetComputerNameVar1() {
auto r = std::getenv("COMPUTERNAME");
ASSERT(r);
return r;
}
inline static std::string GetComputerNameVar2() {
HKEY hKey = 0;
ASSERT(RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName", 0, KEY_READ, &hKey) == ERROR_SUCCESS);
CHAR computer_name[1024] = {};
DWORD buf_size = sizeof(computer_name);
ASSERT(RegQueryValueExA(hKey, "ComputerName", 0, NULL, (LPBYTE)computer_name, &buf_size) == ERROR_SUCCESS);
return computer_name;
}
int main() {
try {
SetConsoleOutputCP(65001);
std::cout << GetComputerNameVar1() << std::endl;
std::cout << GetComputerNameVar2() << std::endl;
return 0;
} catch (std::exception const & ex) {
std::cout << "Exception: " << ex.what() << std::endl;
return -1;
}
}
As it was said, apart from the cover of the GetComputerName call, there's still a need to hide the name of the string station. "COMPUTERNAME" as well as ways to register.Any type of encryption can be used to cover the lines, just to hide from the newcomers (to avoid being seen in the open line in the EXE file) it is sufficient to use the most simple. https://ru.wikipedia.org/wiki/%D0%9A%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F_%D1%81%D1%82%D0%BE%D0%B9%D0%BA%D0%BE%D1%81%D1%82%D1%8C cipher: https://ru.wikipedia.org/wiki/%D0%A8%D0%B8%D1%84%D1%80_%D0%A6%D0%B5%D0%B7%D0%B0%D1%80%D1%8F , we simply add to each symbol, for example, +3, the encrypted line is kept in the constant, and then we do a reverse operation in the code when using a string station (-3).Example of code for encryption https://tio.run/##RYyxCsIwFEX3fMWlgrSIk1uSFop0rIroB4TXWgJtUvqSSfz2WHToGc@5XJrnI43GDSntrKMxdj209RyW3kyV2NxqrBsqYV3AZKzLC7wFVjh0Uv4rGCWy87W9PR/N/VK3TaZ@m5dfkJsYPPYgCS5AOJQ4qe2BfAzQGqzEJ6Uv std::string s = "COMPUTERNAME"; for (auto & c: s) c += 3;
std::cout << s;
We get a line out. "FRPSXWHUQDPH"And then in his code, we do a reverse operation. https://tio.run/##RYyxCoMwFEX3fMXFQtHBqVsSnYo42pbSruFp5YEmYpKp9NtTaQfPeM7l0rKUNBk7pnRgS1PsB2h2PqyDmWuxu82wHWvBNmA2bPMCb4ENH3op/xUeFbLm2t2ej/Z@OXdtpn6bl1uRmxgcjiAJX4BQVjip/YFcDNAaXolPSl8 std::string s = "FRPSXWHUQDPH"; for (auto & c: s) c -= 3;
std::cout << s;
received on outlet "COMPUTERNAME"♪A similar encryption is the way in the registry from the first programme. And any lines used in the programme and necessary for concealment.PSIt's just for interest that I decided to use a relatively stable encryption to encrypt the lines. He's using a 64-bit key, 32-bit synchronic, 16-bit simulator. https://ru.wikipedia.org/wiki/Adler-32 ) and is a code https://ru.wikipedia.org/wiki/%D0%93%D0%B0%D0%BC%D0%BC%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5 using a generated random sequence with a pseudo-laden sensor https://ru.wikipedia.org/wiki/%D0%92%D0%B8%D1%85%D1%80%D1%8C_%D0%9C%D0%B5%D1%80%D1%81%D0%B5%D0%BD%D0%BD%D0%B0 ♪If the 64-bit key is well hidden in the program, for example, to make a few mathematical changes so that the EXE dam does not find it in its original form, except for the EXE dysssemble or the 2 ^64 full of the keys, it is likely that the encryption is no longer compromised.The code below may be used not only to encrypt the lines, but also any (including binary) data, but it is only necessary to take into account that the code is not too strong, that is, only the 64-bit key, and the synchronization of only 32 bats (which means that more than 2^16-2^20 different lines cannot be encrypted on one key). But in order to hide from the other eye, the encryption is fine, and it doesn't take many lines of the code (and can be just coded).Also, the encryption of almost no change, I can improve to 128-bit (or as many) keys, it's not hard if it's such an interest.The code below should be used: (1) first, in the first launch, the 64-bit key is what is in the first line of the sun, Random Encryption Key: .....♪ (2) The generated key is inserted into the code for example auto key = 0x71A1B4D23BC793E1ULL; (3) On the second launch, we encrypt all the lines we need, just for example. Decrypt(key, Encrypt(key, "COMPUTERNAME")) (This Decrypt is not obligated, just to control the encrypted line is successfully decoded) (4) the encryption function will be encrypted into the console of encrypted sequence 5) this sequence is encrypted into the row code, such as auto s_COMPUTERNAME = Decrypt(key, {0x78, 0xBF, 0xA3, 0x83, 0xE7, 0x10, 0x9C, 0xAE, 0x85, 0xF7, 0x07, 0x0D, 0x22, 0x20, 0xB7, 0x9F, 0xFA, 0x7E, });♪ (6) All, s_COMPUTERNAME is a std line:string with the reference COMPUTERNAME line.If there's any suggestion that it's not in this encryption, report it. https://godbolt.org/z/KEn1qh #include <random>
#include <iostream>
#include <cstdint>
#include <vector>
#include <iomanip>
#include <stdexcept>
#include <cstring>
inline uint64_t GenRandomU64() {
std::random_device rd;
std::mt19937_64 rg((uint64_t(rd()) << 32) + uint64_t(rd()));
rg.discard(1000);
return rg();
}
template <typename T>
inline T UnalignedRead(void const * ptr) {
T v = T();
memcpy(&v, ptr, sizeof(T));
return v;
}
template <typename T>
inline void UnalignedWrite(void * ptr, T const & v) {
memcpy(ptr, &v, sizeof(T));
}
inline void CheckSystemRequirements() {
static_assert(std::numeric_limits<unsigned char>::digits == 8, "Only 8-bit byte is supported!");
static_assert(
std::numeric_limits<uint8_t>::digits == 8 &&
std::numeric_limits<uint16_t>::digits == 16 &&
std::numeric_limits<uint32_t>::digits == 32 &&
std::numeric_limits<uint64_t>::digits == 64, "Uints of unsupported bit sizes!");
uint64_t x = 0x0123456789ABCDEFULL;
if (UnalignedRead<uint8_t>(&x) != 0xEF)
throw std::runtime_error("Only little endian systems are supported!");
}
inline std::vector<uint8_t> Encrypt(uint64_t key, std::string const & s) {
CheckSystemRequirements();
uint32_t iv = uint32_t(GenRandomU64());
std::vector<uint8_t> r((uint8_t*)&iv, ((uint8_t*)&iv) + sizeof(iv));
std::mt19937_64 rng(key + iv);
rng.discard(1000);
for (size_t i = 0; i < (s.size() + 2 + 7) / 8; ++i) {
auto w = rng();
r.insert(r.end(), (uint8_t*)&w, ((uint8_t*)&w) + sizeof(w));
}
r.resize(sizeof(iv) + s.size() + 2);
uint32_t mac0 = 1, mac = 0;
for (size_t i = 0; i < s.size(); ++i) {
mac0 = (mac0 + uint8_t(s[i])) % 65521; mac = (mac + mac0) % 65521;
r[sizeof(iv) + i] ^= uint8_t(s[i]);
}
UnalignedWrite<uint16_t>(r.data() + r.size() - 2, UnalignedRead<uint16_t>(r.data() + r.size() - 2) ^ uint16_t(mac));
std::cout << "Encrypted "" << s << "": {";
for (size_t i = 0; i < r.size(); ++i)
std::cout << "0x" << std::hex << std::uppercase << std::setfill('0') << std::setw(2) << size_t(r[i]) << ", ";
std::cout << "}" << std::endl;
return r;
}
inline std::string Decrypt(uint64_t key, std::vector<uint8_t> const & v) {
CheckSystemRequirements();
uint32_t iv = 0;
if (v.size() < sizeof(iv) + 2)
throw std::runtime_error("Decryption failed, data size less than IV + MAC size!");
iv = UnalignedRead<uint32_t>(v.data());
auto s_size = v.size() - sizeof(iv) - 2;
// Almost same as in Encrypt
std::vector<uint8_t> r((uint8_t*)&iv, ((uint8_t*)&iv) + sizeof(iv));
std::mt19937_64 rng(key + iv);
rng.discard(1000);
for (size_t i = 0; i < (s_size + 2 + 7) / 8; ++i) {
auto w = rng();
r.insert(r.end(), (uint8_t*)&w, ((uint8_t*)&w) + sizeof(w));
}
r.resize(sizeof(iv) + s_size + 2);
uint32_t mac0 = 1, mac = 0;
for (size_t i = 0; i < s_size; ++i) {
r[sizeof(iv) + i] ^= v[sizeof(iv) + i];
mac0 = (mac0 + r[sizeof(iv) + i]) % 65521; mac = (mac + mac0) % 65521;
}
if ((uint16_t(mac) ^ UnalignedRead<uint16_t>(r.data() + r.size() - 2)) != UnalignedRead<uint16_t>(v.data() + v.size() - 2))
throw std::runtime_error("Decryption failed, wrong MAC!");
return std::string((char*)(r.data() + sizeof(iv)), s_size);
}
int main() {
try {
std::cout << "Random Encryption Key: 0x" << std::hex << std::uppercase << GenRandomU64() << "ULL" << std::endl;
// Example of random encryption key generated by line of code above.
auto key = 0x71A1B4D23BC793E1ULL;
Decrypt(key, Encrypt(key, "COMPUTERNAME"));
// Example of encrypted string generated by line of code above.
auto s_COMPUTERNAME = Decrypt(key, {0xE5, 0x19, 0xF4, 0x41, 0x54, 0xBC, 0xBB, 0x45, 0x31, 0x13, 0xD4, 0x6B, 0x64, 0x3C, 0xFF, 0xBC, 0xA6, 0x3E, });
std::cout << "Decrypted: "" << s_COMPUTERNAME << """ << std::endl;
return 0;
} catch (std::exception const & ex) {
std::cout << "Exception: " << ex.what() << std::endl;
return -1;
}
}
One example of the conclusion:Random Encryption Key: 0x7B0BD8ACD1E306D7ULL
Encrypted "COMPUTERNAME": {0x82, 0xB7, 0xFE, 0xF2, 0x09, 0xB0, 0x49, 0x79, 0x8E, 0x2C, 0x56, 0x24, 0x53, 0x0D, 0x3B, 0x27, 0xC1, 0x10, }
Decrypted: "COMPUTERNAME"
