################################################################
The All-Seeing Eye Server Browser Encryption/Decryption Algorithms
November 10, 2003

Reversed by xoclipse@cox.net
http://xoclipse.fraghosts.net


The following are the two algorithms used for decryption/encryption of the UDP packet

	
#################################################################
Encryption and Decryption Hashes

In my code, hash refers to the decryption hash, and hash1 is for 
encryption.
#################################################################

#define hash "\x74\x71\xF9\x0F\x68\xD4\x9B\x1F\x69\x99\x84\x37\x73\xAE\x89\x4E\x20\xF4\x2B\x61\x63\x9C\xD7\x67\x6F\x65\x77\x6D\x64\xDB\x5A\x74\x65\x33\xEA\x7B\x20\xE6\x4C\x83\x69\x50\x79\x89\x73\xBF\x45\x8F\x20\x72\xA8\x96\x73\x2F\xC2\x9E\x74\xAB\x3F\xA6\x6F\x4D\x51\xAC\x6C\x65\x67\xB2\x65\x39\x41\xB8\x6E\x6C\xE2\xBF\x20\xB6\x97\xC7\x66\x22\x6A\xCC\x72\xFB\x2F\xCF\x6F\x4C\xFA\xD1\x6D\x43\xEB\xD5\x20\xA0\xE9\xD9\x54\xCA\x48\xDC\x68\xB4\xB1\xDC\x65\xB1\x11\xDD\x20\xD6\x7C\xDD\x41\x6F\x4C\xDE\x6C\x9A\xD4\xDE\x6C\x56\x15\xDF\x2D\x89\x5A\xDF\x53\x37\xC1\xDF\x65\x46\x18\xE0\x65\x50\x52\xE0\x69\xB9\x7C\xE0\x6E\x35\x9E\xE0\x67\xC8\xD3\xE0\x20\xBF\x16\xE1\x45\x29\x41\xE1\x79\x69\x60\xE1\x65\x33\x7B\xE1\x20\x9C\xA5\xE1\x28\xF4\xD8\xE1\x63\x4B\x0C\xE2\x29\xB4\x36\xE2\x20\xB9\x53\xE2\x55\x83\x6E\xE2\x44\xC8\xAA\xE2\x50\xCD\xC7\xE2\x20\xAD\xF6\xE2\x53\x77\x11\xE3\x6F\x7C\x2E\xE3\x66\x33\x52\xE3\x74\x9C\x7C\xE3\x20\x18\x9E\xE3\x4C\xE6\xD5\xE3\x54\x62\xF7\xE3\x44\x67\x14\xE4\x2E\xF5\x2C\xE4\x20\x71\x4E\xE4\x68\xB1\x6D\xE4\x74\x56\x9A\xE4\x74\x84\xC2\xE4\x70\x89\xDF\xE4\x3A\x05\x01\xE5\x2F\x93\x19\xE5\x2F\x5C\x34\xE5\x77\x3C\x63\xE5\x77\x94\x96\xE5\x77\x5D\xB1\xE5\x2E\x9E\xD0\xE5\x75\x67\xEB\xE5\x64\x30\x06\xE6\x70\xAC\x27\xE6\x73\x9F\x4D\xE6\x6F\x1B\x6F\xE6\x66\x6D\x85\xE6\x74\xFB\x9D\xE6\x2E\xC4\xB8\xE6\x63\xC9\xD5\xE6\x6F\x1C\xEC\xE6\x6D\xE5\x06\xE7\x31\x38\x1D\xE7\x80\x78\x3C\xE7\x5B\x7D\x59\xE7\xDD\xCF\x6F\xE7\xDF\x74\x9C\xE7\xD4\x02\xB5\xE7\x23\x43\xD4\xE7\xA4\x95\xEA\xE7\x66\x11\x0C\xE8\x5B\x9F\x24\xE8\x36\xA4\x41\xE8\x52\xD2\x69\xE8\xD4\x24\x80\xE8\xC8\xB2\x98\xE8\xBD\x40\xB1\xE8\x4C\xAA\xDB\xE8\x41\x38\xF4\xE8\xC2\x8A\x0A\xE9\x44\xDD\x20\xE9\x79\x94\x44\xE9\xFA\xE6\x5A\xE9\xD6\xEB\x77\xE9\x24\x2C\x97\xE9\xA6\x7E\xAD\xE9\x0E\x48\xC8\xE9\xE9\x4C\xE5\xE9\x6A\x9F\xFB\xE9\x5F\x2D\x14\xEA\x54\xBB\x2C\xEA\xBC\x84\x47\xEA\x3D\xD7\x5D\xEA\xBE\x29\x74\xEA\x0D\x6A\x93\xEA\x8F\xBC\xA9\xEA\x83\x4A\xC2\xEA\x05\x9D\xD8\xEA\x86\xEF\xEE\xEA\x07\x42\x05\xEB\x89\x94\x1B\xEB\x0A\xE7\x31\xEB\x3F\x9E\x55\xEB\xC1\xF0\x6B\xEB\x42\x43\x82\xEB\xC3\x95\x98\xEB\x9F\x9A\xB5\xEB\x20\xED\xCB\xEB\xA1\x3F\xE2\xEB\xD7\xF6\x05\xEC\xCB\x84\x1E\xEC\x4D\xD7\x34\xEC\xCE\x29\x4B\xEC\xC3\xB7\x63\xEC\x44\x0A\x7A\xEC\xC5\x5C\x90\xEC\x47\xAF\xA6\xEC\xC8\x01\xBD\xEC\x4A\x54\xD3\xEC\xCB\xA6\xE9\xEC\x4C\xF9\xFF\xEC\xCE\x4B\x16\xED\xA9\x50\x33\xED\x2A\xA3\x49\xED\x1F\x31\x62\xED\xA0\x83\x78\xED\x22\xD6\x8E\xED\xA3\x28\xA5\xED\x24\x7B\xBB\xED\xA6\xCD\xD1\xED\x27\x20\xE8\xED\xA8\x72\xFE\xED\x2A\xC5\x14\xEE\xAB\x17\x2B\xEE\x2C\x6A\x41\xEE\xAE\xBC\x57\xEE\x2F\x0F\x6E\xEE\xB0\x61\x84\xEE\x32\xB4\x9A\xEE\xB3\x06\xB1\xEE\x34\x59\xC7\xEE\xB6\xAB\xDD\xEE\x37\xFE\xF3\xEE\xB9\x50\x0A\xEF\x3A\xA3\x20\xEF\xBB\xF5\x36\xEF\x3D\x48\x4D\xEF\xBE\x9A\x63\xEF\x3F\xED\x79\xEF\xC1\x3F\x90\xEF\x42\x92\xA6\xEF\xC3\xE4\xBC\xEF\x45\x37\xD3\xEF\xC6\x89\xE9\xEF\x47\xDC\xFF\xEF\xC9\x2E\x16\xF0\x4A\x81\x2C\xF0\xCB\xD3\x42\xF0\x4D\x26\x59\xF0\xCE\x78\x6F\xF0\xC3\x06\x88\xF0\x44\x59\x9E\xF0\xC5\xAB\xB4\xF0\x47\xFE\xCA\xF0\xC8\x50\xE1\xF0\x4A\xA3\xF7\xF0\xCB\xF5\x0D\xF1\x4C\x48\x24\xF1\xCE\x9A\x3A\xF1\x4F\xED\x50\xF1\xD0\x3F\x67\xF1\x52\x92\x7D\xF1\xBA\x5B\x98\xF1\x3B\xAE\xAE\xF1\xBC\x00\xC5\xF1\x3E\x53\xDB\xF1\xBF\xA5\xF1\xF1\x40\xF8\x07\xF2\xC2\x4A\x1E\xF2\x43\x9D\x34\xF2\xC4\xEF\x4A\xF2\x46\x42\x61\xF2\xC7\x94\x77\xF2\x48\xE7\x8D\xF2\xCA\x39\xA4\xF2\x4B\x8C\xBA\xF2\xCC\xDE\xD0\xF2\x4E\x31\xE7\xF2\xCF\x83\xFD\xF2\x50\xD6\x13\xF3\xD2\x28\x2A\xF3\x53\x7B\x40\xF3\x48\x09\x59\xF3\x3D\x97\x71\xF3\xBE\xE9\x87\xF3\x3F\x3C\x9E\xF3\xC1\x8E\xB4\xF3\xB5\x1C\xCD\xF3\x37\x6F\xE3\xF3\xB8\xC1\xF9\xF3\x39\x14\x10\xF4\xBB\x66\x26\xF4\x3C\xB9\x3C\xF4\xBD\x0B\x53\xF4\x3F\x5E\x69\xF4\xC0\xB0\x7F\xF4\x41\x03\x96\xF4\xC3\x55\xAC\xF4\x44\xA8\xC2\xF4\xC5\xFA\xD8\xF4\x47\x4D\xEF\xF4\xC8\x9F\x05\xF5\x49\xF2\x1B\xF5\xCB\x44\x32\xF5\x4C\x97\x48\xF5\xCE\xE9\x5E\xF5\x4F\x3C\x75\xF5\xD0\x8E\x8B\xF5\x52\xE1\xA1\xF5\xD3\x33\xB8\xF5\x54\x86\xCE\xF5\xD6\xD8\xE4\xF5\x57\x2B\xFB\xF5\xD8\x7D\x11\xF6\x5A\xD0\x27\xF6\xDB\x22\x3E\xF6\x5C\x75\x54\xF6\xDE\xC7\x6A\xF6\x5F\x1A\x81\xF6\xE0\x6C\x97\xF6\x62\xBF\xAD\xF6\xE3\x11\xC4\xF6\x64\x64\xDA\xF6\xFF\xFF\xFF\xFF"

#define hash1 "\x00\x00\x00\x00\x96\x30\x07\x77\x2C\x61\x0E\xEE\xBA\x51\x09\x99\x19\xC4\x6D\x07\x8F\xF4\x6A\x70\x35\xA5\x63\xE9\xA3\x95\x64\x9E\x32\x88\xDB\x0E\xA4\xB8\xDC\x79\x1E\xE9\xD5\xE0\x88\xD9\xD2\x97\x2B\x4C\xB6\x09\xBD\x7C\xB1\x7E\x07\x2D\xB8\xE7\x91\x1D\xBF\x90\x64\x10\xB7\x1D\xF2\x20\xB0\x6A\x48\x71\xB9\xF3\xDE\x41\xBE\x84\x7D\xD4\xDA\x1A\xEB\xE4\xDD\x6D\x51\xB5\xD4\xF4\xC7\x85\xD3\x83\x56\x98\x6C\x13\xC0\xA8\x6B\x64\x7A\xF9\x62\xFD\xEC\xC9\x65\x8A\x4F\x5C\x01\x14\xD9\x6C\x06\x63\x63\x3D\x0F\xFA\xF5\x0D\x08\x8D\xC8\x20\x6E\x3B\x5E\x10\x69\x4C\xE4\x41\x60\xD5\x72\x71\x67\xA2\xD1\xE4\x03\x3C\x47\xD4\x04\x4B\xFD\x85\x0D\xD2\x6B\xB5\x0A\xA5\xFA\xA8\xB5\x35\x6C\x98\xB2\x42\xD6\xC9\xBB\xDB\x40\xF9\xBC\xAC\xE3\x6C\xD8\x32\x75\x5C\xDF\x45\xCF\x0D\xD6\xDC\x59\x3D\xD1\xAB\xAC\x30\xD9\x26\x3A\x00\xDE\x51\x80\x51\xD7\xC8\x16\x61\xD0\xBF\xB5\xF4\xB4\x21\x23\xC4\xB3\x56\x99\x95\xBA\xCF\x0F\xA5\xBD\xB8\x9E\xB8\x02\x28\x08\x88\x05\x5F\xB2\xD9\x0C\xC6\x24\xE9\x0B\xB1\x87\x7C\x6F\x2F\x11\x4C\x68\x58\xAB\x1D\x61\xC1\x3D\x2D\x66\xB6\x90\x41\xDC\x76\x06\x71\xDB\x01\xBC\x20\xD2\x98\x2A\x10\xD5\xEF\x89\x85\xB1\x71\x1F\xB5\xB6\x06\xA5\xE4\xBF\x9F\x33\xD4\xB8\xE8\xA2\xC9\x07\x78\x34\xF9\x00\x0F\x8E\xA8\x09\x96\x18\x98\x0E\xE1\xBB\x0D\x6A\x7F\x2D\x3D\x6D\x08\x97\x6C\x64\x91\x01\x5C\x63\xE6\xF4\x51\x6B\x6B\x62\x61\x6C\x1C\xD8\x30\x65\x85\x4E\x00\x62\xF2\xED\x95\x06\x6C\x7B\xA5\x01\x1B\xC1\xF4\x08\x82\x57\xC4\x0F\xF5\xC6\xD9\xB0\x65\x50\xE9\xB7\x12\xEA\xB8\xBE\x8B\x7C\x88\xB9\xFC\xDF\x1D\xDD\x62\x49\x2D\xDA\x15\xF3\x7C\xD3\x8C\x65\x4C\xD4\xFB\x58\x61\xB2\x4D\xCE\x51\xB5\x3A\x74\x00\xBC\xA3\xE2\x30\xBB\xD4\x41\xA5\xDF\x4A\xD7\x95\xD8\x3D\x6D\xC4\xD1\xA4\xFB\xF4\xD6\xD3\x6A\xE9\x69\x43\xFC\xD9\x6E\x34\x46\x88\x67\xAD\xD0\xB8\x60\xDA\x73\x2D\x04\x44\xE5\x1D\x03\x33\x5F\x4C\x0A\xAA\xC9\x7C\x0D\xDD\x3C\x71\x05\x50\xAA\x41\x02\x27\x10\x10\x0B\xBE\x86\x20\x0C\xC9\x25\xB5\x68\x57\xB3\x85\x6F\x20\x09\xD4\x66\xB9\x9F\xE4\x61\xCE\x0E\xF9\xDE\x5E\x98\xC9\xD9\x29\x22\x98\xD0\xB0\xB4\xA8\xD7\xC7\x17\x3D\xB3\x59\x81\x0D\xB4\x2E\x3B\x5C\xBD\xB7\xAD\x6C\xBA\xC0\x20\x83\xB8\xED\xB6\xB3\xBF\x9A\x0C\xE2\xB6\x03\x9A\xD2\xB1\x74\x39\x47\xD5\xEA\xAF\x77\xD2\x9D\x15\x26\xDB\x04\x83\x16\xDC\x73\x12\x0B\x63\xE3\x84\x3B\x64\x94\x3E\x6A\x6D\x0D\xA8\x5A\x6A\x7A\x0B\xCF\x0E\xE4\x9D\xFF\x09\x93\x27\xAE\x00\x0A\xB1\x9E\x07\x7D\x44\x93\x0F\xF0\xD2\xA3\x08\x87\x68\xF2\x01\x1E\xFE\xC2\x06\x69\x5D\x57\x62\xF7\xCB\x67\x65\x80\x71\x36\x6C\x19\xE7\x06\x6B\x6E\x76\x1B\xD4\xFE\xE0\x2B\xD3\x89\x5A\x7A\xDA\x10\xCC\x4A\xDD\x67\x6F\xDF\xB9\xF9\xF9\xEF\xBE\x8E\x43\xBE\xB7\x17\xD5\x8E\xB0\x60\xE8\xA3\xD6\xD6\x7E\x93\xD1\xA1\xC4\xC2\xD8\x38\x52\xF2\xDF\x4F\xF1\x67\xBB\xD1\x67\x57\xBC\xA6\xDD\x06\xB5\x3F\x4B\x36\xB2\x48\xDA\x2B\x0D\xD8\x4C\x1B\x0A\xAF\xF6\x4A\x03\x36\x60\x7A\x04\x41\xC3\xEF\x60\xDF\x55\xDF\x67\xA8\xEF\x8E\x6E\x31\x79\xBE\x69\x46\x8C\xB3\x61\xCB\x1A\x83\x66\xBC\xA0\xD2\x6F\x25\x36\xE2\x68\x52\x95\x77\x0C\xCC\x03\x47\x0B\xBB\xB9\x16\x02\x22\x2F\x26\x05\x55\xBE\x3B\xBA\xC5\x28\x0B\xBD\xB2\x92\x5A\xB4\x2B\x04\x6A\xB3\x5C\xA7\xFF\xD7\xC2\x31\xCF\xD0\xB5\x8B\x9E\xD9\x2C\x1D\xAE\xDE\x5B\xB0\xC2\x64\x9B\x26\xF2\x63\xEC\x9C\xA3\x6A\x75\x0A\x93\x6D\x02\xA9\x06\x09\x9C\x3F\x36\x0E\xEB\x85\x67\x07\x72\x13\x57\x00\x05\x82\x4A\xBF\x95\x14\x7A\xB8\xE2\xAE\x2B\xB1\x7B\x38\x1B\xB6\x0C\x9B\x8E\xD2\x92\x0D\xBE\xD5\xE5\xB7\xEF\xDC\x7C\x21\xDF\xDB\x0B\xD4\xD2\xD3\x86\x42\xE2\xD4\xF1\xF8\xB3\xDD\x68\x6E\x83\xDA\x1F\xCD\x16\xBE\x81\x5B\x26\xB9\xF6\xE1\x77\xB0\x6F\x77\x47\xB7\x18\xE6\x5A\x08\x88\x70\x6A\x0F\xFF\xCA\x3B\x06\x66\x5C\x0B\x01\x11\xFF\x9E\x65\x8F\x69\xAE\x62\xF8\xD3\xFF\x6B\x61\x45\xCF\x6C\x16\x78\xE2\x0A\xA0\xEE\xD2\x0D\xD7\x54\x83\x04\x4E\xC2\xB3\x03\x39\x61\x26\x67\xA7\xF7\x16\x60\xD0\x4D\x47\x69\x49\xDB\x77\x6E\x3E\x4A\x6A\xD1\xAE\xDC\x5A\xD6\xD9\x66\x0B\xDF\x40\xF0\x3B\xD8\x37\x53\xAE\xBC\xA9\xC5\x9E\xBB\xDE\x7F\xCF\xB2\x47\xE9\xFF\xB5\x30\x1C\xF2\xBD\xBD\x8A\xC2\xBA\xCA\x30\x93\xB3\x53\xA6\xA3\xB4\x24\x05\x36\xD0\xBA\x93\x06\xD7\xCD\x29\x57\xDE\x54\xBF\x67\xD9\x23\x2E\x7A\x66\xB3\xB8\x4A\x61\xC4\x02\x1B\x68\x5D\x94\x2B\x6F\x2A\x37\xBE\x0B\xB4\xA1\x8E\x0C\xC3\x1B\xDF\x05\x5A\x8D\xEF\x02\x2D\xFF\xFF\xFF\xFF"


#################################################################
Decryption Routine
#################################################################


	char *bytes = new char[length];
	memcpy(bytes, pack, length);
	unsigned int esi, ecx, eax, edi, edx,temp,temp1, len, pos;

	/* Calculate esi */

	edi = length;
	ecx = (bytes[7]&0xFF) << 24 | (bytes[6]&0xFF) << 16 | (bytes[5]&0xFF) << 8 | (bytes[4] & 0xFF);
	esi = edi;
	edx = ecx;
	edx >>= 0x1C;
	edx++;
	esi >>= 2;
	edi = esi;
	ecx = (bytes[7]&0xFF) << 24 | (bytes[6]&0xFF) << 16 | (bytes[5]&0xFF) << 8 | (bytes[4] & 0xFF);
	temp = ecx; //temp is ebp-28
	temp1 = esi; //temp1 is ebp-8

	pos = 0;
	len = esi;
	char *stuff = new char[len*4];

	/* Hash Stuff */

	for(int x = 0; x < len; x++)
	{
		edi = temp;
		esi = ecx;
		esi &= 0x0FF;
		esi = (hash[(esi*4)+3] << 24 | (hash[(esi*4)+2]&0xFF) << 16 | (hash[(esi*4)+1]&0xFF) << 8 | (hash[esi*4]&0xFF) & 0xFF);
		esi += edi;
		edi = (bytes[3]&0xFF) << 24 | (bytes[2]&0xFF) << 16 | (bytes[1]&0xFF) << 8 | (bytes[0] & 0xFF);
		edi -= esi;
		esi = temp1;
		
		stuff[pos+0] = edi;
		stuff[pos+1] = edi >> 8;
		stuff[pos+2] = edi >> 16;
		stuff[pos+3] = edi >> 24;
		pos += 4;
		ecx += edx;
		bytes += 4;
		esi--;
		temp1 = esi;
	}

#############################################################
Encryption Routine
#############################################################

	unsigned int ebx, ebp, esi, eax, edi, ecx, temp;
	int pos;
	unsigned char *bytes = new unsigned char[length];
	memcpy(bytes, pack, length);
	

	ecx = 0;
	
	/* CALCULATE ECX */
	for(int x = 0; x < length; x++)
	{
		ebx = 0;
		ebx = bytes[x];
		ebp = ecx;
		ebp &= 0x0FF;

		ecx >>= 8;	
		ebp ^= ebx;
		ebx = (hash1[(ebp*4)+3] << 24 | (hash1[(ebp*4)+2]&0xFF) << 16 | (hash1[(ebp*4)+1]&0xFF) << 8 | (hash1[ebp*4]&0xFF) & 0xFF);
		

		ecx ^= ebx;
	}
	/* Mid Calculations */

	eax = length;
	edi = ecx;
	edi >>= 0x1C;
    ebp = eax;
	ebp >>= 2;
	edi++;
	ebx = ebp;
	ebp--;
	esi = ecx;
	ebp++;

	/* Hash Stuff */
	pos = 0;
	char *stuff = new char[ebp*4];

	for(int y = 0; y < ebp; y++)
	{
		temp = (bytes[3]&0xFF) << 24 | (bytes[2]&0xFF) << 16 | (bytes[1]&0xFF) << 8 | (bytes[0] & 0xFF); //the part of our buf edx is pointing to
		ebx = esi;
		ebx &= 0x0FF;
		ebx = (hash[(ebx*4)+3] << 24 | (hash[(ebx*4)+2]&0xFF) << 16 | (hash[(ebx*4)+1]&0xFF) << 8 | (hash[ebx*4]&0xFF) & 0xFF);	
		ebx += ecx;
		temp += ebx;
		bytes += 4;
		esi += edi;
	
		stuff[pos+0] = temp;
		stuff[pos+1] = temp >> 8;
		stuff[pos+2] = temp >> 16;
		stuff[pos+3] = temp >> 24;
		pos += 4;
	}