XOR encryption...

[napjunk]

Hey, how would one go about making a app in VB that does xor encryption? Reason i ask is because the app i am writing creates registry entries that alow you to change your napster USERNAME and PASSWORD. A friend of mine determined that Napster uses XOR for it's encryption when it enters the pw to the registry,Here is the thing he wrote (several months ago) about it:

http://forums.napigator.com/viewtopic.php?TopicID=537

it's a rather long tech. anylisis about how the encryption patterns work ect...

I'm still fairly new to programing, and was wondering if anyone knows of a scheme that will work for what i need to do?

 

[napjunk]

ok..well he just e-mailed me the source code he used in C to make his decryption program...maybe someone knows what to do with it..

// ----------------------------------------------------------------------------------------------------
// given the open Napster key and the known current user's name, return the clear text password
// szClearTextPswd should point to sufficient allocated space (no error check is performed)
// Note: this function could be used to encrypt a key also Only the reads & writes would need to change.
void CCrypsterDlg:ecryptKey(HKEY hNapsterKey, char *szUserName, char* szClearTxtPswd)
{
// the magic keys. Each byte is XOR'd with a new value from here. Repeats if pswd > 10 characters
static BYTE chKeys[10] = {0x35, 0x0d, 0x54, 0x21, 0x5a, 0x20, 0x53, 0x08, 0x03, 0x04};

unsigned char szHashedPswd[256];
DWORD dwSizeofHashedPswd = sizeof(szHashedPswd);
HKEY hUserNameKey;

strcpy(szClearTxtPswd, "Not Found" // default to failure

// Open the key with the user's name - this key is right below the Napster key
if (RegOpenKeyEx(hNapsterKey, szUserName, 0, KEY_READ, &hUserNameKey) == ERROR_SUCCESS)
{
// Query the "checksum" (encrypted password) value under the user's name
if (RegQueryValueEx(hUserNameKey, "Checksum", 0, NULL, szHashedPswd, &dwSizeofHashedPswd) == ERROR_SUCCESS)
{
DWORD dwIdx; // loop index
BYTE uchXorVal; // holds current hashed byte from registry (after conversion to binary)

// loop for #of chars in password. Registry string is double that, plus one, because
// it is an ascii representation of the binary, and is null terminated. Note: Calculation
// is the even if we don't subtract one, and that prevents crash if paswword is zero len
for (dwIdx=0; dwIdx < (dwSizeofHashedPswd/*-1*/) / 2; dwIdx++)
{
uchXorVal = AsciiToBin(&(szHashedPswd[dwIdx *2])); // ascii to binary
szClearTxtPswd[dwIdx] = uchXorVal ^ chKeys[(dwIdx) % (sizeof(chKeys))]; // decrypt the byte!
}
szClearTxtPswd[dwIdx] = '\0'; // terminate the resulting cleartext
}
RegCloseKey(hUserNameKey); // clean up
}
}

// -----------------------------------------------------------------------------
// Convert a pair of ascii chars representing a hex value to an unsigned byte.
// chars do not have to be terminated. Works on lower case hex representation only
BYTE CCrypsterDlg::AsciiToBin(unsigned char *szHex)
{
BYTE uchResult;
BYTE bval;

bval = (szHex[0] <= '9') ? (szHex[0] - '0') : (szHex[0] - 'a' + 10);
uchResult = bval << 4;
bval = (szHex[1] <= '9') ? (szHex[1] - '0') : (szHex[1] - 'a' + 10);
uchResult |= bval;

return (uchResult);
}