It's plain xor on nullterm string. I cracked 10+ loaders that uses this lame method in the past 6 months (someone leaked a loader source or is it that those lamers just change keys using IDA and publishing it as their own?). Anyways, the trick is that, finding the XOR keys inside of the binary and then putting it through this method.
Code:
static string EncryptOrDecrypt(string text, int[] key)
{
var result = new StringBuilder();
for (int c = 0; c < text.Length; c++)
result.Append((char)((uint)text[c] ^ (uint)key[c % key.Length]));
return result.ToString();
}
Good thing about XOR is that, it works both ways, meaning: You can also put an encrypted text in and get decrypted text. I went through my "collection" of XOR keys commonly used in those **** loaders and actually hit a jackpot.
I could give you the keys here but then where's the fun in that? Good luck :P
CO2 PServer Guides & Releases -> CO2 Private Server
