-
-
Save hasherezade/fef5bd9b2b12d6bc384d40fc60213d05 to your computer and use it in GitHub Desktop.
JRAT - layer 2 decryptor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package w; | |
import java.security.GeneralSecurityException; | |
import java.security.Key; | |
import java.security.interfaces.RSAPrivateKey; | |
import javax.crypto.Cipher; | |
import javax.crypto.spec.SecretKeySpec; | |
public class kyl { | |
private byte[] encryptedAesKey; | |
private byte[] encryptedBuffer; | |
private static int mode = javax.crypto.Cipher.DECRYPT_MODE; | |
public kyl() { | |
} | |
public void setEncryptedBuffer(byte[] value) { | |
this.encryptedBuffer = value; | |
} | |
public void setEncryptedAesKey(byte[] value) { | |
this.encryptedAesKey = value; | |
} | |
public byte[] decryptContent(Object object2) throws GeneralSecurityException { | |
Cipher object = Cipher.getInstance("RSA"); | |
object.init(2, (RSAPrivateKey)object2); | |
Cipher cipher2 = Cipher.getInstance("AES"); | |
byte []aesDecrypted = object.doFinal(this.encryptedAesKey); | |
SecretKeySpec sKey = new SecretKeySpec(aesDecrypted, "AES"); | |
Cipher arrby = cipher2; | |
arrby.init(mode, (Key)sKey); | |
return arrby.doFinal(this.encryptedBuffer); | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.io.ByteArrayOutputStream; | |
import java.io.FileInputStream; | |
import java.io.FileOutputStream; | |
import java.io.IOException; | |
import java.io.InputStream; | |
import java.io.ObjectInputStream; | |
import java.security.GeneralSecurityException; | |
import java.security.interfaces.RSAPrivateKey; | |
import w.kyl; | |
public class main { | |
public static byte[] readFromStream(InputStream param1) throws IOException { | |
int n; | |
ByteArrayOutputStream kyqa2 = new ByteArrayOutputStream(); | |
byte[] arrby = new byte[2048]; | |
InputStream inputStream = param1; | |
while ((n = inputStream.read(arrby)) > -1) { | |
inputStream = param1; | |
kyqa2.write(arrby, 0, n); | |
} | |
ByteArrayOutputStream kyqa3 = kyqa2; | |
kyqa3.close(); | |
return kyqa3.toByteArray(); | |
} | |
public static byte [] decrypt(String encData, String aesKey, String rsaKey, String outFile) throws IOException, ClassNotFoundException, GeneralSecurityException | |
{ | |
byte []dataPath = readFromStream(new FileInputStream(encData)); | |
byte []pPassCrypted = readFromStream(new FileInputStream(aesKey)); | |
ObjectInputStream objPrivatePass = new ObjectInputStream(new FileInputStream(rsaKey)); | |
RSAPrivateKey rKey = (RSAPrivateKey) objPrivatePass.readObject(); | |
kyl kyl2 = new kyl(); | |
kyl2.setEncryptedAesKey((byte[])pPassCrypted); | |
kyl2.setEncryptedBuffer((byte[])dataPath); | |
byte []decrypted = kyl2.decryptContent(rKey); | |
FileOutputStream fos = new FileOutputStream(outFile); | |
fos.write(decrypted); | |
fos.close(); | |
return decrypted; | |
} | |
public static void main(String []args) throws IOException, ClassNotFoundException, GeneralSecurityException | |
{ | |
if (args.length < 4){ | |
System.out.println("Args: <encData> <aesKey> <rsaKey> <outFile>"); | |
return; | |
} | |
decrypt(args[0], args[1], args[2], args[3]); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment