Verified Commit efcc4f8b authored by Zander Work's avatar Zander Work
Browse files

updated malware scripts

parent eab9285e
#!/usr/bin/env python3
import binascii
import struct
import sys
def decrypt_packet(key, packet):
packet = binascii.unhexlify(packet)
length = struct.unpack("<H", packet[37:39])
if length == 0:
enc_bytes = packet[39:]
key = binascii.unhexlify(key)
out_pkt = b""
for i in range(len(enc_bytes)):
out_pkt += bytes([enc_bytes[i] ^ key[i % len(key)]])
return out_pkt
def main(argv):
if len(argv) != 3:
print("usage: ./ [key binascii] [pkt binascii]")
return 1
print(decrypt_packet(argv[1], argv[2]))
return 0
if __name__ == "__main__":
\ No newline at end of file
......@@ -63,4 +63,5 @@ strs = get_strs(elf, config["stiv"], config["stky"])
if len(sys.argv) > 1:
\ No newline at end of file
for i in range(len(strs)):
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment