Recover RSA Private Key from N E D

N: Public Modulus
E: Public Exponent
D: Private Exponent

Recover RSA Private Key from N E D by @sskaje:

Incoming search terms:


这里只说 AssetBundle,只有思路。

1 废话般前提:逻辑上 AssetBundle 文件加密后肯定是需要解密了,再进行加载。

2 Unity 加载AssetBundle文件可以使用 AssetBundle.LoadFromFile,加载内存流可以用AssetBundle.LoadFromMemory 和 AssetBundle.LoadFromStream。

3 打断点,看backtrace。

4 慢慢调试。

在我这个场景里,il2cpp dump是没有需求的。



Unity3d资源文件解密 by @sskaje:

Incoming search terms:

Collection of free/opensource .NET tools

Free .NET decompiler provided by JetBrains.

Open source .net decompiler.

The .NET Assembly Editor, provides plugin for ILSpy and Reflector.

Simple Assembly Explorer
If you want to edit IL, this one is easier to use than ILSpy + Reflexil.

.NET deobfuscator and unpacker.

Collection of free/opensource .NET tools by @sskaje:

Incoming search terms:

ARM __moddi3

When I was debugging an app on iPhone 4 (armv7), I found a function call:

Since ARM does not have Division/Modulo operators, compilers use other ways making your code work on devices like iPhone.

I followed the __moddi3 on iPhone 4, the moddi3() is provided by llvm’s compiler-rt (lib/builtins/moddi3.c).

Parameters a and b are 64-bit long and returned value is also 64-bit.

But in ARMv7, registers are 32-bit long. I’m trying to find out which registers are used.

I wrote a simple C file and compile to armv7 and x86_64

Compile to x86_64

Disassembe x86_64

x86_64 uses idivq, in this program:

Compile to armv7

Disassemble armv7

In armv7:

If both dividend and divisor are less than 0x100000000.

$r2 may be negative, like 0xfffffff3. ($r3 == 0).

means $r0 – $r2 == divisor

If signed integer $r2 is smaller than 0x80000000,
((long long) $r1 << 32 | $r0) - ((long long ) $r3 << 32 | $r2) == divisor.

ARM __moddi3 by @sskaje:

Incoming search terms: