[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: if this is RC4

To: [email protected]
Subject: Re: if this is RC4
From: [email protected] (Arsen Ray Arachelian)
Date: Sat, 17 Sep 1994 09:12:23 -0400 (EDT)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Perry E. Metzger" at Sep 16, 94 09:18:15 am
Sender: [email protected]

> One possibility is that the author may have simply decompiled the
> original code...

This might explain the char % 255's in the code.  Normally such a 
construct is dangerous if the machine/compiler you use uses 2 byte
"chars" and there's the slightest posibility of having your "char"
hold more than 255.  I would normally use char & 255, however it
may surprise some of us that some machines can do a MOD faster than
an AND and the compiler used might have exploited that feature.

However, reconstructing C code out of binaries is a pain and I
doubt that you'd see a header file as well as a main .c file...
Anyone have experience with decompilers?

Follow-Ups:
- Re: if this is RC4
  - From: Jim Gillogly <[email protected]>

References:
- Re: if this is RC4
  - From: "Perry E. Metzger" <[email protected]>

Prev by Date: Re: FREE patent searches
Next by Date: RC4 - A response from RSA Data Security, Inc.
Prev by thread: Re: if this is RC4
Next by thread: Re: if this is RC4
Index(es):
- Date
- Thread