
Logic of '12 days of christmas'

Tags: c, obfuscation

Here is the well-known example of obfuscated code in C that generates the lyrics of '12 days of christmas'. I tried to figure out the logic of the code that explains how the text is actually printed, but I am not able to understand it.

#include <stdio.h>
main(t,_,a)
char *a;
{
return!0<t?t<3?main(-79,-13,a+main(-87,1-_,main(-86,0,a+1)+a)):
1,t<_?main(t+1,_,a):3,main(-94,-27+t,a)&&t==2?_<13?
main(2,_+1,"%s %d %d\n"):9:16:t<0?t<-72?main(_,t,
"@n'+,#'/*{}w+/w#cdnr/+,{}r/*de}+,/*{*+,/w{%+,/w#q#n+,/#{l+,/n{n+,/+#n+,/#\
;#q#n+,/+k#;*+,/'r :'d*'3,}{w+K w'K:'+}e#';dq#'l \
q#'+d'K#!/+k#;q#'r}eKK#}w'r}eKK{nl]'/#;#q#n'){)#}w'){){nl]'/+#n';d}rw' i;# \
){nl]!/n{n#'; r{#w'r nc{nl]'/#{l,+'K {rw' iK{;[{nl]'/w#q#n'wk nw' \
iwk{KK{nl]!/w{%'l##w#' i; :{nl]'/*{q#'ld;r'}{nlwb!/*de}'c \
;;{nl'-{}rw]'/+,}##'*}#nc,',#nw]'/+kd'+e}+;#'rdq#w! nr'/ ') }+}{rl#'{n' ')#\
}'+}##(!!/")
  :t<-50?_==*a?putchar(31[a]):main(-65,_,a+1):main((*a=='/')+t,_,a+1)
    :0<t?main(2,2,"%s"):*a=='/'||main(0,main(-61,*a,
"!ek;dc i@bK'(q)-[w]*%n+r3#l,{}:\nuwloca-O;m .vpbks,fxntdCeghiry"),a+1);
}

Can anyone guide me to where I can find an explanation of this code snippet?

asked Nov 08 '12 09:11

Jay


1 Answer

To answer your follow-up question to RedX, following the information on the link above (refer to the complete reverse-engineered code here: http://research.microsoft.com/en-us/um/people/tball/papers/xmasgift/final.html), it performs the following to decode the string:

  1. There are 2 large strings in the code:

    "@n'+,#'/*{}w+/w#cdnr/+,{}r/*de}+,/*{*+,/w{%+,/w#q#n+,/#{l+,/n{n+,/+#n+,/#\
    ;#q#n+,/+k#;*+,/'r :'d*'3,}{w+K w'K:'+}e#';dq#'l \
    q#'+d'K#!/+k#;q#'r}eKK#}w'r}eKK{nl]'/#;#q#n'){)#}w'){){nl]'/+#n';d}rw' i;# \
    ){nl]!/n{n#'; r{#w'r nc{nl]'/#{l,+'K {rw' iK{;[{nl]'/w#q#n'wk nw' \
    iwk{KK{nl]!/w{%'l##w#' i; :{nl]'/*{q#'ld;r'}{nlwb!/*de}'c \
    ;;{nl'-{}rw]'/+,}##'*}#nc,',#nw]'/+kd'+e}+;#'rdq#w! nr'/ ') }+}{rl#'{n' ')# \
    }'+}##(!!/";
    

    and

    "!ek;dc i@bK'(q)-[w]*%n+r3#l,{}:\nuwloca-O;m .vpbks,fxntdCeghiry";
    
  2. It uses the second string to look up the correct character to display (the following is the second string formatted into 2 rows):

    !ek;dc i@bK'(q)-[w]*%n+r3#l,{}:
    nuwloca-O;m .vpbks,fxntdCeghiry
    

    Example: The first character of string 1 is @. Looking it up in the second string, '@' on the first row lines up with 'O'. Continuing the same logic, you'll get @n'+,# = On the. In short, it offsets the current position by 31 (printf("%c", s[index + 31])).

  3. The main code passes characters from string 1, and they are then translated to an English-readable string using the algorithm above. If you followed the reverse engineering link, there are some strings that are constant in all verses, e.g. "On the " ... " of Christmas my true love sent to me". In the encoded string above, these strings are delimited by the '/' character.

answered Oct 14 '22 10:10

Ronaldo Nazarea
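
The lookup from step 2 and the '/' delimiting from step 3, written out as a small readable decoder. This is an added example, not part of the original answer or of the obfuscated program; `decode_char` and `decode_phrase` are hypothetical names, and the sample input is only the opening bytes of the first string shown on the page.

```c
#include <stdio.h>
#include <string.h>

/* Key string copied from the page: 31 cipher characters followed by the
   31 plaintext characters they stand for (62 bytes in total). */
static const char KEY[] =
    "!ek;dc i@bK'(q)-[w]*%n+r3#l,{}:\nuwloca-O;m .vpbks,fxntdCeghiry";
#define SHIFT 31

/* Opening bytes of the page's first string, enough for three phrases. */
static const char SAMPLE[] = "@n'+,#'/*{}w+/w#cdnr/";

/* Translate one cipher character; returns -1 if it is not in the alphabet. */
static int decode_char(char c)
{
    const char *hit = memchr(KEY, c, SHIFT);   /* search the first half only */
    return hit ? (unsigned char)hit[SHIFT] : -1;
}

/* Decode the n-th '/'-terminated phrase of enc into out (hypothetical helper).
   Returns the decoded length, or -1 on a missing phrase, an unknown
   character, or an output buffer that is too small. */
int decode_phrase(const char *enc, int n, char *out, size_t outsz)
{
    size_t len = 0;
    for (; n > 0; n--) {                 /* skip n delimiters */
        enc = strchr(enc, '/');
        if (!enc) return -1;
        enc++;
    }
    if (!strchr(enc, '/')) return -1;    /* phrase must be terminated */
    for (; *enc != '/'; enc++) {
        int c = decode_char(*enc);
        if (c < 0 || len + 1 >= outsz) return -1;
        out[len++] = (char)c;
    }
    out[len] = '\0';
    return (int)len;
}

int main(void)
{
    char buf[64];
    for (int i = 0; decode_phrase(SAMPLE, i, buf, sizeof buf) >= 0; i++)
        printf("%d: \"%s\"\n", i, buf);
    return 0;
}
```

Restricting the search to the first 31 bytes of the key matters because several characters (for example 'e' and 'n') occur in both halves of the key string.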