public void Run(MemoryReader reader, IpcChannel channel)
{
var o = reader.FindOffset(_pattern).Cast <int?>().FirstOrDefault();
if (o == null)
{
channel.LogError("Could not find data center decryption function");
return;
}
var off = (int)o + _pattern.Length;
using var disasm = new Disassembler(reader.ToAbsolute(off), reader.Length - off,
ArchitectureMode.x86_32, (ulong)reader.Address, true);
var key = ReadKey(disasm);
if (key != null)
{
channel.LogBasic("Found data center key: {0}", StringizeKey(key));
channel.WriteDataCenterKey(key);
}
else
{
channel.LogError("Could not find data center key");
}
var iv = ReadKey(disasm);
if (iv != null)
{
channel.LogBasic("Found data center IV: {0}", StringizeKey(iv));
channel.WriteDataCenterIV(iv);
}
else
{
channel.LogError("Could not find data center IV");
}
}
