美文网首页
从字符串中解析私钥并rsa解密

从字符串中解析私钥并rsa解密

作者: 烤土豆啦 | 来源:发表于2019-03-12 13:40 被阅读0次

    Parse RSA public and private key pair from string in Java

    逆向某APP,发现其大部分配置文件都是加密的 。所以逆向算法并解密

    image.png image.png image.png image.png image.png

    RSA和AES密钥 可以分析WTDefine发现,WTDefine是一个单例模式的加密。所以我们找到初始化的那个地方就行

    image.png image.png

    写个java

    import java.util.Base64;
    import java.util.Scanner;
    import javax.crypto.spec.IvParameterSpec;
    import javax.crypto.spec.SecretKeySpec;
    import java.security.InvalidKeyException;
    import java.security.KeyFactory;
    import java.security.NoSuchAlgorithmException;
    import javax.crypto.Cipher;
    import java.security.PrivateKey;
    import java.security.interfaces.RSAPublicKey;
    import java.security.spec.InvalidKeySpecException;
    import java.security.spec.PKCS8EncodedKeySpec;
    import java.security.spec.X509EncodedKeySpec;
    import javax.crypto.BadPaddingException;
    import javax.crypto.Cipher;
    import javax.crypto.IllegalBlockSizeException;
    import javax.crypto.NoSuchPaddingException;
    import java.security.InvalidAlgorithmParameterException;
    
    public class decodeRSA{
    
        public static void main(String[] args) throws InvalidKeySpecException, InvalidAlgorithmParameterException, BadPaddingException, NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, IllegalBlockSizeException {
            
            Scanner myObj = new Scanner(System.in);  
            System.out.println("Enter cipher text");
        
            String Data = myObj.nextLine();  
            SecretKeySpec localSecretKeySpec = new SecretKeySpec("WTSecret81234512".getBytes(), "AES");
            IvParameterSpec localIvParameterSpec = new IvParameterSpec("16-Bytes--String".getBytes());
            Cipher aes  = Cipher.getInstance("AES/CBC/PKCS5Padding");
            aes.init(2, localSecretKeySpec, localIvParameterSpec);
            byte[] encrypted = aes.doFinal(Base64.getDecoder().decode(Data));
    
            String PrivateKey = "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOBsk4ECF5AEDYJiglWl1gYS0a3q8Fv6ayfqS5v/bUdL8KKk365FRmRNV17H9qYWZgtipBBMrcDOIFUGdazPTmOXKKbMqs29mmtWwXI06bpQsfXH+XNH/dOP/lRys3WBMTx441a1hD2euLLX71GsyR6bhqmzitY6G7LeZerw+l87AgMBAAECgYA4HY4IbQB9RzYliwIx7kSEwkHhreQp64TNtzzupcCqWieyU22GwtWmENyu22sl/mXHpQOG+9VaZ3AYMoRMEI31yvUEFgQhqKVmQiYzhLP0eZFPZIrVf5SPmPcbU3+vNCQTEB6eO1XvORLWUGoEgdtVPmBSTX6/KiHuKWGvCS4FmQJBAPzaYqGUfmWOmRgAfBE7w1qRIDyq2evlDLzdqguGTpo0NkR6nxEYihGNb5zYypd6JpERvtf+Qycb++ZygzAY2McCQQDjN50OysQvdX2shfo73u/0XcbYlhHYyrHGAnanLhwMMirl6awxJHCoRcBwNrXjne/v/+WghySwp/Hn8MY0/9ntAkEA89QsVKB7mrd+DlU5Tu0Qn19fdOFUsFP6io4/Ekn7tlwvEK4mgjflvLNlNB0ikBws4Kv6GxOH8kjcCwfWViU/tQJBAJyFgQHhmEgBLbOdD4YSy0WRHBuzNVQcPV5j8Ay2bMfR/08mK2Im8hxZAHnMlnvYHqM7qplsv0+aQcA/UqrL3PkCQFqjDjFS9v9EBEkrD3MZxhQABeF2bxChmdGVsxrfRMWzQuIIxv95F9GforezYJ0jC/8EJNicNl3xKmAJAkfCmDU=";
            KeyFactory kf = KeyFactory.getInstance("RSA");
            PKCS8EncodedKeySpec keySpecPKCS8 = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(PrivateKey));
            PrivateKey privKey = kf.generatePrivate(keySpecPKCS8);
            String tmpstr = new String(encrypted);
            tmpstr = tmpstr.replaceAll("\n", "").replaceAll("\r", "");
    
            String[] ciphertexts = tmpstr.split(",");
            for(String ciphertext : ciphertexts){
                byte[] decoded = Base64.getDecoder().decode(ciphertext);
                Cipher localCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                localCipher.init(2, privKey);
                byte[] dectyptedText = localCipher.doFinal(decoded);
    
                System.out.println(new String(dectyptedText));
            }
            
        }
    }
    

    相关文章

      网友评论

          本文标题:从字符串中解析私钥并rsa解密

          本文链接:https://www.haomeiwen.com/subject/lowgpqtx.html