美文网首页
finalshell导出密码解密解密

finalshell导出密码解密解密

作者: SailSea | 来源:发表于2021-12-31 16:54 被阅读0次

    connect_config.json中password为加密后的密码。


    image.png

    使用下面java程序可以解密
    TVE5YhZeGxyOCxxxxxxCUAnkVWgAeJ3L替换为自己服务器的密文

    https://c.runoob.com/compile/10/
    可以将下面代码贴到在线编辑器中运行,不用安装java程序

    import java.io.ByteArrayOutputStream;
    import java.io.DataOutputStream;
    import java.io.IOException;
    import java.math.BigInteger;
    import java.security.MessageDigest;
    import java.security.NoSuchAlgorithmException;
    import java.security.SecureRandom;
    import java.util.Base64;
    import java.util.Random;
    
    import javax.crypto.Cipher;
    import javax.crypto.SecretKey;
    import javax.crypto.SecretKeyFactory;
    import javax.crypto.spec.DESKeySpec;
    
    public class FinalShellDecodePass {
        public static void main(String[] args)throws Exception {
            System.out.println(decodePass("TVE5YhZeGxyOCxxxxxxCUAnkVWgAeJ3L"));
        }
        public static byte[] desDecode(byte[] data, byte[] head) throws Exception {
            SecureRandom sr = new SecureRandom();
            DESKeySpec dks = new DESKeySpec(head);
            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
            SecretKey securekey = keyFactory.generateSecret(dks);
            Cipher cipher = Cipher.getInstance("DES");
            cipher.init(2, securekey, sr);
            return cipher.doFinal(data);
        }
        public static String decodePass(String data) throws Exception {
            if (data == null) {
                return null;
            } else {
                String rs = "";
                byte[] buf = Base64.getDecoder().decode(data);
                byte[] head = new byte[8];
                System.arraycopy(buf, 0, head, 0, head.length);
                byte[] d = new byte[buf.length - head.length];
                System.arraycopy(buf, head.length, d, 0, d.length);
                byte[] bt = desDecode(d, ranDomKey(head));
                rs = new String(bt);
    
                return rs;
            }
        }
        static byte[] ranDomKey(byte[] head) {
            long ks = 3680984568597093857L / (long)(new Random((long)head[5])).nextInt(127);
            Random random = new Random(ks);
            int t = head[0];
    
            for(int i = 0; i < t; ++i) {
                random.nextLong();
            }
    
            long n = random.nextLong();
            Random r2 = new Random(n);
            long[] ld = new long[]{(long)head[4], r2.nextLong(), (long)head[7], (long)head[3], r2.nextLong(), (long)head[1], random.nextLong(), (long)head[2]};
            ByteArrayOutputStream bos = new ByteArrayOutputStream();
            DataOutputStream dos = new DataOutputStream(bos);
            long[] var15 = ld;
            int var14 = ld.length;
    
            for(int var13 = 0; var13 < var14; ++var13) {
                long l = var15[var13];
    
                try {
                    dos.writeLong(l);
                } catch (IOException var18) {
                    var18.printStackTrace();
                }
            }
    
            try {
                dos.close();
            } catch (IOException var17) {
                var17.printStackTrace();
            }
    
            byte[] keyData = bos.toByteArray();
            keyData = md5(keyData);
            return keyData;
        }
        public static byte[] md5(byte[] data) {
            String ret = null;
            byte[] res=null;
    
            try {
                MessageDigest m;
                m = MessageDigest.getInstance("MD5");
                m.update(data, 0, data.length);
                res=m.digest();
                ret = new BigInteger(1, res).toString(16);
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            }
            return res;
        }
    }
    

    相关文章

      网友评论

          本文标题:finalshell导出密码解密解密

          本文链接:https://www.haomeiwen.com/subject/iwzgqrtx.html