gpt4 book ai didi

ssl - 协助解密使用 Base64 > SSL 混淆的 Lua 脚本

转载 作者:太空宇宙 更新时间:2023-11-03 14:53:50 25 4
gpt4 key购买 nike

这里的任何人都可以帮助我解密保护本主题末尾链接的 LUA 脚本的 SSL 加密吗?基本上它们是用 Base64 编码然后用 SSL 编码的,但我不知道如何做 SSL 部分。它们与一个名为 Bot of Legends 的程序一起使用,有人告诉我可以通过转储所述程序的解密功能并使用它来获取 SSL key 来破解加密,但我什至不知道从哪里开始那。基本上,这些脚本通过连接到编码到脚本中的身份验证服务器来工作,我通过从网络数据包中嗅探到他们的身份验证服务器的流量来获取他们的服务器链接并基本上创建了我自己的身份验证服务器,从而获得了一些自己的身份验证服务器Apache,然后将进入他们服务器的网络流量从脚本重定向到我自己的服务器,以获得脚本验证的响应。对于一些具有更强加密的脚本,这并不容易,我将不得不访问源代码以删除运行身份验证服务器检查的编码。直到几天前,我还不知道 lua 编码是如何工作的,甚至不知道如何计算由于 lua 混淆,auth 服务器检查甚至可能在一个简单的文本文件中进行编码。所以请耐心等待,我希望有人能插话并告诉我我能做什么。

问候,

克里斯

*** PasteBin 链接到原始格式的相关脚本:http://pastebin.com/raw.php?i=bG0VqQGW

首先是 Base64 部分,底部是 SSL 部分。

最佳答案

print("SSL Decoder version 2.0")
print("Copyright (C) 2015")
print("Decoding Started...")

local infilename = select(1,...)
local outfilename = select(2,...)

local infile = io.open(infilename, "r")

if not infile then
error("Failed to open input file.")
end

local intext = infile:read("*a")

infile:close()

local ssltabletext = intext:match("SSL%s*%(%s*%{([%s,0-9]*)%}%s*%)")

if not ssltabletext then
error("Could not find ssl table in source file.")
end

local ssltable = load("return {"..ssltabletext.."}")()

if #ssltable < 255 then
error("SSL table is too short -- can't find table encryption key.")
end

-- find decryption key for the ssl table
local decrypt = {}

decrypt[0] = 0
for i = 1,255 do
local dec = i
local enc = ssltable[i]
assert(decrypt[enc] == nil)
decrypt[enc] = dec
end

-- decrypt ssl table
for i = 256, #ssltable - 256 do -- not sure what last 256 bytes are
ssltable[i] = decrypt[ssltable[i] ]
end

-- If this does a stack overflow, easy to change to something dumb but more robust
local sslcode = string.char(table.unpack(ssltable, 256, #ssltable - 256))

-- This is interesting --
--print(sslcode)

local keyindex = sslcode:match("local Key%s*=%s*'()")
if not keyindex then
error("Could not find key in decoded ssl table.")
end

local key = sslcode:sub(keyindex)

local length = 0
while true do
local c = key:sub(length+1, length+1)
if c == "" then
error("Key string was not terminated.")
elseif c == "'" then
break
elseif c == "\\" then
local c2 = key:sub(length+2, length+2)
if c2:match("%d") then
local c3 = key:sub(length+3, length+3)
if c3:match("%d") then
local c4 = key:sub(length+4, length+4)
if c4:match("%d") then
length = length + 4
else
length = length + 3
end
else
length = length + 2
end
elseif c2 == "x" then
length = length + 4
else
length = length + 2
end
else
length = length + 1
end
end

key = key:sub(1, length)

if #key == 0 then
error("Key is empty")
end

print("Key Found! > " .. key)
print("Decoding finished, outfile is at > " .. outfilename)

-- find base64
local b64 = intext:match("_G.ScriptCode%s*=%s*Base64Decode%s*%(%s*\"([a-zA-Z0-9/+]*=*)\"%s*%)")
if not b64 then
error("Could not find Base-64 encrypted code in source file.")
end

-- base64 decode
local b64val = {}
for i = 0, 25 do
do
local letter = string.byte("A")
b64val[string.char(letter+i)] = i
end
do
local letter = string.byte("a")
b64val[string.char(letter+i)] = i + 26
end
end
for i = 0, 9 do
local numeral = string.byte("0")
b64val[string.char(numeral+i)] = i + 52
end
b64val["+"] = 62
b64val["/"] = 63
b64val["="] = 0

local encoded = b64:gsub("(.)(.)(.)(.)",function(a,b,c,d)
local n = b64val[a] * (64 * 64 * 64) + b64val[b] * (64 * 64) + b64val[c] * 64 + b64val[d]
local b1 = n % 256; n = (n - b1) / 256
local b2 = n % 256; n = (n - b2) / 256
local b3 = n
if d == "=" then
if c == "=" then
assert(b1 == 0 and b2 == 0)
return string.char(b3)
else
assert(b1 == 0)
return string.char(b3, b2)
end
else
return string.char(b3, b2, b1)
end
end)

-- decode
local decoded = encoded:gsub("()(.)", function(i, c)
local b = c:byte()
local ki = ((i - 1) % #key) + 1
local k = key:byte(ki,ki)
b = b - k
if b < 0 then b = b + 256 end
return string.char(b)
end)

-- verify
local result, err = load(decoded)
if not result then
error("Decoded file could not be loaded -- it may be corrupt... ("..tostring(err)..")")
end

-- output
local outfile = io.open(outfilename, "wb")

if not outfile then
error("Failed to open output file.")
end

outfile:write(decoded)

outfile:close()

此代码由 Extreme Coders ( https://reverseengineering.stackexchange.com/users/1413/extreme-coders) 编写

如何使用它,你需要得到lua52.exe将代码保存到文本文件中并将其命名为 ssl.lua(例如)现在运行 cmd 并输入 lua52 ssl yourscript.lua decryptedscript.lua它将运行并解密它。

关于ssl - 协助解密使用 Base64 > SSL 混淆的 Lua 脚本,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31779624/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com