[Tutor] Pack as HEX question

Dave Angel davea at ieee.org
Sun Oct 25 01:40:01 CEST 2009 

Tom Green wrote:
> Thanks for your reply Dave.  I am capturing the data off the network
> (wireshark) and saving it in WinHex for testing.  I am actually building a
> socket to decrypt the data, so prior to implementing my logic in the socket,
> I figured I would write the algorithm in a quick script.  Here is what I
> have so far and it works.
>
> import struct,binascii
> decrypt=[]
> data_count=0
> key_pos=0
> #packed data consists of HEX values
> packed_data = binascii.unhexlify('313B372C2E2C63362E2128')
> #XorKey data consists of HEX values
> packed_XorKey=binascii.unhexlify('41424344')
> while data_count < len(packed_data):
>     if key_pos >len(packed_XorKey)-1:
>         key_pos=0
>
> decrypt.append(chr(ord(packed_data[data_count])^ord(packed_XorKey[key_pos])))
>     key_pos+=1
>     data_count+=1
> print "".join(decrypt)
>
> This decrypts to Python rock
>
> This logic seems to work, but I am certain there is a better way.
>
> Mike
>
>
> On Sat, Oct 24, 2009 at 4:43 PM, Dave Angel <davea at ieee.org> wrote:
>
>   
>> Tom Green wrote:
>>
>>     
>>> Alan,
>>>
>>> Thanks for your response and hopefully I can clear things up.  I apologize
>>> for not being more clear.
>>>
>>> I obtain the HEX encoded data from Winhex i.e. copy Hex values.  The HEX
>>> encode data is very large and I simply paste it into my Python script
>>> along
>>> with the XOR key.  The data is a string of bytes represented in HEX, as I
>>> showed.
>>>
>>> Here is the problem I ran into.
>>>
>>> Take the 4 byte XOR key.  If I convert them to int with Base 16 it takes
>>> the
>>> 4 and converts it to 0x34 when I in turn I actually need 0x41.
>>>
>>> Thanks for your feedback.
>>>
>>> Mike
>>>
>>> On Sat, Oct 24, 2009 at 10:24 AM, Alan Gauld <alan.gauld at btinternet.com
>>>       
>>>> wrote:
>>>>         
>>> <snip>
>>>
>>>       
>>>>  Encrypted string in hex
>>>>
>>>>
>>>>         
>>>>> "313B372C2E2C63362E2128"
>>>>>
>>>>> Four byte key
>>>>> XOR key "41424344"
>>>>>
>>>>>
>>>>>
>>>>>           
>>>> <snip>
>>>>
>>>>         
>>> If by Winhex, you mean the hex editor, then you're undoubtedly going about
>>>       
>> it the long way.  There's no need to convert the file to printable hex, you
>> should be able to work on it directly.  Just open the file, read it into a
>> string (in python2.x), then loop through it, one byte at a time.  Store your
>> key in a binary string as well.  Now just loop through the two in pairs (use
>> zip, and cycle) doing a chr of xor of ords.
>>
>>
>> And when you respond, give us your python version, and show us the code
>> you've got (almost) working.
>>
>> DaveA
>>
>>     
>
>   
(You top-posted, so your message is out of order)

Replace your while -- loop with the following simpler version.


for byte0, byte1 in itertools.izip(packed_data, 
itertools.cycle(packed_XorKey)):
    decrypt.append(chr(ord(byte0) ^ ord(byte1)))

(You'll need an import itertools, at beginning, of course.)

itertools.cycle() repeats the pattern of the keys.  itertools.izip() 
combines two iterables into one.  Then you just loop through that one in 
the usual way, where byte0 comes from the packed_data, and byte1 comes 
from the XorKey.

DaveA

More information about the Tutor mailing list