diff options
| author | Edwin Groothuis <edwin@FreeBSD.org> | 2007-12-17 20:33:59 +0000 |
|---|---|---|
| committer | Edwin Groothuis <edwin@FreeBSD.org> | 2007-12-17 20:33:59 +0000 |
| commit | 4ed8e97ed0e48bb0e3c284b978aa662b93d5256d (patch) | |
| tree | 419e330871e966731ddd5363a8fb03eb09ee9d60 /security | |
| parent | 5c3719104a87c89af6e430424ac176db190bfe90 (diff) | |
| download | ports-4ed8e97ed0e48bb0e3c284b978aa662b93d5256d.tar.gz ports-4ed8e97ed0e48bb0e3c284b978aa662b93d5256d.zip | |
Notes
Diffstat (limited to 'security')
| -rw-r--r-- | security/Makefile | 1 | ||||
| -rw-r--r-- | security/xorsearch/Makefile | 28 | ||||
| -rw-r--r-- | security/xorsearch/distinfo | 3 | ||||
| -rw-r--r-- | security/xorsearch/files/patch-XORSearch.c | 10 | ||||
| -rw-r--r-- | security/xorsearch/pkg-descr | 19 |
5 files changed, 61 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile index 19ecfdc2db80..890e0bc92929 100644 --- a/security/Makefile +++ b/security/Makefile @@ -771,6 +771,7 @@ SUBDIR += xinetd SUBDIR += xmlsec SUBDIR += xmlsec1 + SUBDIR += xorsearch SUBDIR += xspy SUBDIR += xyssl SUBDIR += yafic diff --git a/security/xorsearch/Makefile b/security/xorsearch/Makefile new file mode 100644 index 000000000000..5dbf80241025 --- /dev/null +++ b/security/xorsearch/Makefile @@ -0,0 +1,28 @@ +# New ports collection makefile for: xorsearch +# Date created: 18 December 2007 +# Whom: Edwin Groothuis <edwin@mavetju.org> +# +# $FreeBSD$ +# + +PORTNAME= xorsearch +PORTVERSION= 1.2.0 +CATEGORIES= security textproc +MASTER_SITES= http://www.didierstevens.com/files/software/ +DISTNAME= XORSearch_V1_2_0 + +MAINTAINER= edwin@mavetju.org +COMMENT= Search for a given string in an XOR or ROL encoded binary file + +USE_ZIP= yes +WRKSRC= ${WRKDIR} + +PLIST_FILES= bin/xorsearch + +do-build: + ${CC} -o ${WRKDIR}/XORSearch ${WRKDIR}/XORSearch.c + +do-install: + ${INSTALL_PROGRAM} ${WRKDIR}/XORSearch ${PREFIX}/bin/xorsearch + +.include <bsd.port.mk> diff --git a/security/xorsearch/distinfo b/security/xorsearch/distinfo new file mode 100644 index 000000000000..3dd5db1f8268 --- /dev/null +++ b/security/xorsearch/distinfo @@ -0,0 +1,3 @@ +MD5 (XORSearch_V1_2_0.zip) = f4aecc366048aa429a1fe1e6ea220c8e +SHA256 (XORSearch_V1_2_0.zip) = 04aaceed17afa98283110bde49b6a72988bce0e2328575f37253db3958e03ad2 +SIZE (XORSearch_V1_2_0.zip) = 35772 diff --git a/security/xorsearch/files/patch-XORSearch.c b/security/xorsearch/files/patch-XORSearch.c new file mode 100644 index 000000000000..b42befea1a63 --- /dev/null +++ b/security/xorsearch/files/patch-XORSearch.c @@ -0,0 +1,10 @@ +--- XORSearch.c.orig Tue Dec 18 07:27:32 2007 ++++ XORSearch.c Tue Dec 18 07:27:38 2007 +@@ -20,7 +20,6 @@ + #include <stdio.h>
+ #include <stdlib.h>
+ #include <sys/stat.h>
+-#include <malloc.h>
+ #include <string.h>
+ #include <ctype.h>
+ #include <limits.h>
diff --git a/security/xorsearch/pkg-descr b/security/xorsearch/pkg-descr new file mode 100644 index 000000000000..7ae177a562c8 --- /dev/null +++ b/security/xorsearch/pkg-descr @@ -0,0 +1,19 @@ +XORSearch is a program to search for a given string in an XOR or +ROL encoded binary file. An XOR encoded binary file is a file where +some (or all) bytes have been XORed with a constant value (the key). +A ROL (or ROR) encoded file has it bytes rotated by a certain number +of bits (the key). XOR and ROL/ROR encoding is used by malware +programmers to obfuscate strings like URLs. + +XORSearch will try all XOR keys (0 to 255) and ROL keys (1 to 7) +when searching. I programmed XORSearch to include key 0, because +this allows to search in an unencoded binary file (X XOR 0 equals +X). + +If the search string is found, XORSearch will print it until the 0 +(byte zero) is encountered or until 50 characters have been printed, +which ever comes first. 50 is the default value, it can be changed +with option -l. Unprintable characters are replaced by a dot. + +WWW: http://blog.didierstevens.com/programs/xorsearch/ +Author: Didier Stevens |