-
-
Save hasherezade/e08e9eb1e40a5822bb1f6b0abd9c76e6 to your computer and use it in GitHub Desktop.
JRAT - layer 1 decryptor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.io.ByteArrayInputStream; | |
import java.io.ByteArrayOutputStream; | |
import java.io.IOException; | |
import java.io.InputStream; | |
import java.util.zip.GZIPInputStream; | |
public class b { | |
public static byte[] a(byte[] inp) throws IOException { | |
int n; | |
GZIPInputStream a2 = new GZIPInputStream(new ByteArrayInputStream((byte[])inp)); | |
byte[] arrby = new byte[1024]; | |
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(); | |
byte[] arrby2 = arrby; | |
while ((n = a2.read(arrby2)) >= 0) { | |
byte[] arrby3 = arrby; | |
arrby2 = arrby3; | |
byteArrayOutputStream.write(arrby3, 0, n); | |
} | |
a2.close(); | |
ByteArrayOutputStream byteArrayOutputStream2 = byteArrayOutputStream; | |
byteArrayOutputStream2.close(); | |
return byteArrayOutputStream2.toByteArray(); | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.security.Key; | |
import javax.crypto.Cipher; | |
import javax.crypto.spec.SecretKeySpec; | |
public final class c { | |
public static String a(String a2) { | |
int n; | |
int n2 = a2.length(); | |
int n3 = n = n2 - 1; | |
char[] arrc = new char[n2]; | |
while (n3 >= 0) { | |
int n4 = n--; | |
arrc[n4] = (char)(a2.charAt(n4) ^ 49); | |
if (n < 0) break; | |
int n5 = n--; | |
arrc[n5] = (char)(a2.charAt(n5) ^ 58); | |
n3 = n; | |
} | |
return new String(arrc); | |
} | |
public static byte[] a(byte[] a2, byte[] a3) { | |
try { | |
Key key = new SecretKeySpec((byte[])a3, "AES"); | |
Cipher cipher2 = Cipher.getInstance("AES/ECB/PKCS5Padding"); | |
cipher2.init(2, key); | |
a2 = cipher2.doFinal(a2); | |
return a2; | |
} | |
catch (Exception v1) { | |
return null; | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.io.ByteArrayOutputStream; | |
import java.io.FileInputStream; | |
import java.io.FileOutputStream; | |
import java.io.IOException; | |
import java.io.InputStream; | |
import java.security.GeneralSecurityException; | |
public class main { | |
public static byte[] readFromStream(InputStream param1) throws IOException { | |
int n; | |
ByteArrayOutputStream kyqa2 = new ByteArrayOutputStream(); | |
byte[] arrby = new byte[2048]; | |
InputStream inputStream = param1; | |
while ((n = inputStream.read(arrby)) > -1) { | |
inputStream = param1; | |
kyqa2.write(arrby, 0, n); | |
} | |
ByteArrayOutputStream kyqa3 = kyqa2; | |
kyqa3.close(); | |
return kyqa3.toByteArray(); | |
} | |
public static byte[] decrypt(String encData, String aesKey, String outFile) throws IOException, ClassNotFoundException, GeneralSecurityException | |
{ | |
byte[] inpData = readFromStream(new FileInputStream(encData)); | |
byte[] decrypted = b.a(c.a(inpData, aesKey.getBytes())); | |
FileOutputStream fos = new FileOutputStream(outFile); | |
fos.write(decrypted); | |
fos.close(); | |
return decrypted; | |
} | |
public static void main(String[] args) throws IOException, ClassNotFoundException, GeneralSecurityException | |
{ | |
if (args.length < 4) { | |
System.out.println("Args: <encData> <aesKey> <outFile>"); | |
return; | |
} | |
decrypt(args[0], args[1], args[2]); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment