Calculate DLL 4Byte Hash Checksum

[AgentSmithers]

Code:

// CalcDLLHash.cpp : Defines the entry point for the console application.
//

#include "stdafx.h"
#include <stdio.h>
#include <string.h>
#include <iostream.h>
#include <mbstring.h>
char * CalcHash(unsigned char * MyString)
{
	unsigned int h;
	unsigned char *c=MyString;
	while(*c) 
	{
		h=((h<<5)|(h>>27))+*c++;
	}
	printf("Done");
	return 0;
}

int main(int argc, char* argv[])
{
	//unsigned char* MyStr = new unsigned char [16];
	//*_mbscpy(MyStr, unsigned char *("LoadLibraryA")); 
	unsigned char* MyStr = (unsigned char *)"LoadLibraryA";
	//MyStr = MyStringA;
	CalcHash(MyStr);
	printf("Hello World!\n");
	return 0;
}

LoadLibraryA was supposed to come back
;LoadLibraryA
;db 0x8e
;db 0x4e
;db 0x0e
;db 0xec
but im getting h = 0xFFE7AAA8 =(

Anyone know why?

Edit: I also tryed writing this in MASM

Code:

include \masm32\include\masm32rt.inc
includelib \masm32\lib\masm32rt.lib

.486
.model flat, stdcall
option casemap :none
.const
LL db "LoadLibraryA", 0
.code
start:

xor edi, edi
xor eax, eax
cld ;Clear Direction Flags For LoadStringByte

mov esi, OFFSET LL

push esi

compute_hash_again:
lodsb
test al, al
jz compute_hash_finished
ror edi, 0dh
add edi, eax
jmp compute_hash_again
compute_hash_finished:

pop esi

print hex$([esi])

;ret

;DEFINE CONSTANTS
   
;locate_kernel32_hashes:
;    call locate_kernel32_hashes_return

    ;LoadLibraryA
    ;db 0x8e
    ;db 0x4e
    ;db 0x0e
    ;db 0xec

I created this code to see if I can calculate DLL hashes the same way PE headers do and My results came wrong, The "Correct" Results for LoadLibraryA were supposed be

;db 0x8e
;db 0x4e
;db 0x0e
;db 0xec

I get
0x64616F4C

No go =(

[streamer]

Here is the problem:

unsigned char* MyStr = (unsigned char *)"LoadLibraryA";

should be:

char * CalcHash(char * MyString)
{
unsigned int h;
unsigned char *c=(unsigned char*)MyString;
while(*c)
{
h=((h<<5)|(h>>27))+*c++;
}
printf("Done");
return 0;
}


char MyStr[] = "LoadLibraryA";

CalcHash(MyStr);

[AgentSmithers]

I got 0x331adddc

Code:

// CalcDLLHash.cpp : Defines the entry point for the console application.
//

#include "stdafx.h"
#include <stdio.h>
#include <string.h>
#include <iostream.h>
#include <mbstring.h>
char * CalcHash(char * MyString)
{
	unsigned int h = 0;
	unsigned char *c=(unsigned char*)MyString;
	while(*c) 
	{
		h=((h<<5)|(h>>27))+*c++;
	}
	printf("Done");
	return 0;
}

int main(int argc, char* argv[])
{
	//unsigned char* MyStr = new unsigned char [16];
	//*_mbscpy(MyStr, unsigned char *("LoadLibraryA")); 
	//unsigned char* MyStr = (unsigned char *)"LoadLibraryA\0";
	char MyStr[] = "LoadLibraryA";
	//MyStr = MyStringA;
	CalcHash(MyStr);
	printf("Hello World!\n");
	return 0;
}

[AgentSmithers]

Code:

// FunctionHashInShellcodes.cpp : Defines the entry point for the console application.
//

#include "stdafx.h"
#include <stdio.h>

unsigned long hash_by(void *key, unsigned long num)
{
    unsigned long hash = 0;
    char *c = (char *)key;
 
	while (*c != 0)
	{
		hash = hash << (32-num) | hash >> (num);
		hash += *c;
		c++;
	}
 
    return hash;
}

int main(int argc, char* argv[])
{
	printf(" %s 0x%08x\n","accept",hash_by("accept",0xd));
	printf(" %s 0x%08x\n","LoadLibraryA",hash_by("LoadLibraryA",0xd));
	printf(" %s 0x%08x\n","loadlibrarya",hash_by("loadlibrarya",0xd));
	//LoadLibraryA = 0xec0e4e8e
	return 0;
}

This works! I converted it from the Linux version src:http://nepenthes.carnivore.it/cnsi:function_hashes

It is cap sensitive LoadLibraryA will produce a different result then loadlibrarya, But why 0xD?