.I am facing a VM. In VM opcode is implemented a SHA-1 hashing. I am targeting this code right now to decypher the VM opcode (the VM analyzer/interpreter is a beast).
Here below is the current challenge I am facing. If any of you have an idea what those opcode could be that might helps. I have spend so much time in this small section of code that I am going brain dead.
---8<-------8<------8<-------8<------8<-------8<------8<-------8<------8<-------8<---
hash_me+166 14 1E loadb B, 1Eh
hash_me+168
hash_me+168 rol30: ; CODE XREF: hash_me+172j
hash_me+168 48 one _48_ ; 48h and 08h are commonly found in return before test
hash_me+168 ; ---------------------------------------------------------------------------
hash_me+169 C8 db 0C8h ; + ; <-- x8h are usually 1byte opcode
hash_me+16A ; ---------------------------------------------------------------------------
hash_me+16A D2 4F 01 iif _4FD2_, unk_6807A
hash_me+16D 08 zero _08_
hash_me+16D ; ---------------------------------------------------------------------------
hash_me+16E C8 unk_6807A: db 0C8h ; + ; CODE XREF: hash_me+16Aj
hash_me+16E ; <-- x8h are usually 1byte opcode
hash_me+16F B2 db 0B2h ; �
hash_me+170 61 db 61h ; a
hash_me+171 ; ---------------------------------------------------------------------------
hash_me+171 73 dec B
hash_me+172 E0 F4 jr NOT ZERO, rol30
hash_me+174 6E 08 02 0E loadl dword_50E0208, A ; C = B <<< 30
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}