0

I'm actualy trying to convert pascal code into c# code (we are re-writing old application).

Pascal code:

    function DecryptStr(Source: PChar): string;
var
  st: string;
  i, k, mask: byte;
begin
  Result := '';
  try
    SetString(st, Source, 32);
    if st[1] <> #0 then
    begin
      mask := ord(st[1]);
      k := ord(st[2]) xor mask;
      SetLength(Result, k);
      for i := 1 to k do
      begin
        inc(mask);
        k := ord(st[i + 2]) xor mask;
        Result[i] := chr(k);
//        Result := Result + chr(k);
      end;
    end;
  except
  end;
end;

And my C# code:

public static string decrypt(string hash)
        {   string buffer;
            byte i, k, mask;
            string result = "";
            buffer = hash.Substring(0, 32);
            mask = (byte)(buffer[0]);
            k = (byte)((byte)(buffer[1])^mask);
            for (i = 0; i<k-1; i++)
            {
                mask += 1;
                k = (byte)((byte)(buffer[i+2])^mask);
                result+=(char)(k);
            }
           // string decoded = System.
            return (result);

        }

Please, tell me, is it similar or pascal got some hidden stuff?

Example: input in c#:

акРЖђЏГ€€њљђНѓGН q6™&і—'n1•\›ЛH[

output in c#:

\u0011$\f\v&\t\b

But it doesnt look like the real password. Please, advice me what is going wrong.

AlexGear
  • 21
  • 2
  • What is the real password / what is the output of the Pascal code? – Thomas Weller Feb 04 '21 at 13:55
  • The term `hash` is not correct. You cannot decrypt a hash. – Thomas Weller Feb 04 '21 at 13:56
  • What version of delphi was the old code written in? That may be important to know whether string would be ANSI or UTF-8... – ub_coding Feb 04 '21 at 14:07
  • Which version of Pascal? It seems that the original string is Unicode. In that case, you cannot simply cast it to `(byte)`. You might have a look into [Encoding.GetBytes()](https://learn.microsoft.com/de-de/dotnet/api/system.text.encoding.getbytes?view=net-5.0) – Thomas Weller Feb 04 '21 at 14:07
  • Thanks, I'm trying it! – AlexGear Feb 04 '21 at 14:54
  • The Pascal code is probably actually working with a byte array. Lots of really bad Delphi code exists written by people treating byte arrays and text as being the same thing. So C# string as the function arg is a problem off the bat. Not sure what you think `(byte)(byte)` does. It's also a challenge for us if you don't know whether this is Delphi or FPC. – David Heffernan Feb 04 '21 at 15:21
  • @ThomasWeller Nah, this is old school Delphi where `string` is `AnsiString` an array of 8 bit `AnsiChar`s – David Heffernan Feb 04 '21 at 15:22
  • hmh... Makes mew wonder how you would express the given input by means of an ANSI string... BTW: Assuming the original code is for UTF-8 strings, the result would be "$a;&b`h" which seems to not make sense. – ub_coding Feb 04 '21 at 16:31

1 Answers1

1

The problem was in two things:

  1. PChar format of input string - means it stores "0" at the end.
  2. Idiotic mechanism of encryption - actualy, the guy who wrote down the code represented in question just chosed byte mask as a rand(200) + 32 was storing it in first byte of encrypted pass and then in cycle he was incrementing mask by one every step for all of pass length. So the logic of decrypting is following:
  3. Grab the mask - buffer[0] in this case
  4. Do XOR for every other character with this mask, increasing it by one on every step. 3.???
  5. Profit! Thanks for everyone who participated in this theme!
AlexGear
  • 21
  • 2