Jump to content

Need assistance converting C++ to AutoIt

Factfinder

By Factfinder,
in AutoIt General Help and Support

 Share

Recommended Posts

Factfinder Adventurer

Factfinder

Posted
Posted

Hello,

I have been trying to convert this script: https://www.ntkernel.com/microsoft-edge-protectedhomepages/

The function will decrypt/unobfuscate value data set as the home page in MS Edge.

I'm not good at reading/understanding advanced C++ script.  So I can't read these two lines of script and couldn't find a C++ reference explaining similar value setting:
 

Quote

 

rand_seed = *(int*)input_buffer_ptr    

 moving_input_ptr = (BYTE*)((int*)input_buffer_ptr + 1)

 

I appreciate if anyone can assist in converting or pointing me to a reference explaining similar value settings. This is the part of script I'm working on: 

Func _UnobfuscateData($input_buffer_ptr, $input_buffer_size, $output_buffer_ptr = "", $output_buffer_size_ptr = "")
    ;SIZE_T output_buffer_size;
    ;BYTE* decrypted_buffer;
    ;int rand_seed;
    ;BYTE* moving_input_ptr;
    ;BYTE* moving_output_ptr;
    ;size_t i;
    ;char v14;
    ;char v15;
    ;unsigned int v16;
    ;unsigned int v17;
    ;char v19;
    ;bool result;
    ;int v21;
    Local $decrypted_buffer, $rand_seed, $moving_input_ptr, $moving_output_ptr, $i, $v15, $v16, $v17, $v19, $v21, $result
    ;output_buffer_size = input_buffer_size - 4
    $output_buffer_size = $input_buffer_size - 4
    ;*output_buffer_size_ptr = output_buffer_size
    $soutput_buffer_size = DllStructCreate('uint')
    DllStructSetData($soutput_buffer_size, 1, $output_buffer_size)
    $output_buffer_size_ptr = DllStructGetPtr($soutput_buffer_size)
    ;if (input_buffer_size == 4)
        ;{
            ;*output_buffer_ptr = nullptr;
            ;result = true;
        ;}
    ;Else
    If $input_buffer_size == 4 Then
        $output_buffer_size_ptr = 0
        $result = True
    Else
        ;decrypted_buffer = (BYTE*)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, output_buffer_size)
        $GetProcessHeap = DllCall("Kernel32.dll", "hwnd", "GetProcessHeap")
        If @error Or Not $GetProcessHeap[0] Then Return
        $HeapAlloc = DllCall("Kernel32.dll", "ptr", "HeapAlloc", "hwnd", $GetProcessHeap[0], "dword", 0x00000008, "long", $output_buffer_size)
        If @error Or Not $HeapAlloc[0] Then Return False
        $decrypted_buffer = $HeapAlloc[0]
        ;*output_buffer_ptr = decrypted_buffer
        $soutput_buffer_ptr = DllStructCreate('ptr')
        DllStructSetData($soutput_buffer_ptr, 1, $decrypted_buffer)
        $output_buffer_ptr = DllStructGetPtr($soutput_buffer_ptr)
        ;memset(decrypted_buffer, 0, *output_buffer_size_ptr);
        DllCall("msvcrt.dll", "ptr:cdecl", "memset", "ptr", $decrypted_buffer, "int", 0, "int", $output_buffer_size)
        
        ;rand_seed = *(int*)input_buffer_ptr    

        ;moving_input_ptr = (BYTE*)((int*)input_buffer_ptr + 1)
EndFunc

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...