Skip to content

Instantly share code, notes, and snippets.

@jackson5sec

jackson5sec/Aes

Forked from darkr4y/Aes
Created February 24, 2020 05:41
Show Gist options
  • Save jackson5sec/f020a60201e1544c4069eb3953f3d257 to your computer and use it in GitHub Desktop.
Save jackson5sec/f020a60201e1544c4069eb3953f3d257 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Aes
public class Main {
public static void main(String[] argv) throws Exception {
System.out.println("Keystore: " + argv[0]);
System.out.println("Keystore Password: " + argv[1]);
System.out.println("Key Password: " + argv[1]);
String alias = "Unknown";
if ( argv.length == 3) {
alias = argv[2];
} else {
/*
Enumeration enumeration = keystore.aliases();
while(enumeration.hasMoreElements()) {
alias = (String)enumeration.nextElement();
Display(argv[0],alias,argv[1],argv[1]);
}
*/
}
System.out.println("Alias(default is Unknown): " + alias);
Display(argv[0],alias,argv[1],argv[1]);
}
}
Raw
Beacon_Keys
package hacking;
import common.CommonUtils;
import common.MudgeSanity;
import dns.AsymmetricCrypto;
import dns.QuickSecurity;
import java.io.File;
import java.io.UnsupportedEncodingException;
import java.security.KeyPair;
import java.util.Base64;
public class CSRSAKey {
public static final String bString(byte[] data) {
try {
return new String(data, "ISO8859-1");
} catch (UnsupportedEncodingException var2) {
MudgeSanity.logException("bString", var2, false);
return "";
}
}
public static void main(String[] args) {
try {
File keys = new File(".cobaltstrike.beacon_keys");
if (!keys.exists()) {
CommonUtils.writeObject(keys, AsymmetricCrypto.generateKeys());
}
//async
KeyPair secret = (KeyPair)CommonUtils.readObject(keys, (Object)null);
AsymmetricCrypto asymmetricCrypto = new AsymmetricCrypto(secret);
byte[] publicKey = asymmetricCrypto.exportPublicKey();
String base64encdePublickey = Base64.getEncoder().encodeToString(publicKey);
System.out.println(base64encdePublickey);
String pemBase64 = Base64.getMimeEncoder().encodeToString(publicKey);
System.out.println("-----BEGIN PUBLIC KEY-----");
System.out.println(pemBase64);
System.out.println("-----END PUBLIC KEY-----");
byte[] privateKey = asymmetricCrypto.privatekey.getEncoded();
String pemPrivateBase64 = Base64.getMimeEncoder().encodeToString(privateKey);
System.out.println("-----BEGIN PRIVATE KEY-----");
System.out.println(pemPrivateBase64);
System.out.println("-----END PRIVATE KEY-----");
//String encryptedString = "bJ05deA6X2eea3xFWghY1NZYCoNZkAWzWadxOJuXfT5gPqCMDAh0ql+gYsixw5Ql/YJJXckBlosBTpBG5GVvSdCk4AlED3nhjtNtJY4fSGjHYVfsb3PFIAm54pr+5kkKN1JavqGD9agSR48m9Naf8aqbmbtlunm3QcoLnZMhAAM=";
String encryptedString = "e3tLcyMIYruGkoanGBemH+fmF5R1vZmvGyAgv6FsvMACivua63hHU4aEqjifsrEt8Ob4L2d4+X7q9H6s/jRlLq0v6gBkrIKBNXGh4FCEJv8XkzYYffXWpdWwo9cQC2JDy+hulsOVbmce73s4YyRR4CXJDEvGdXq9PpYdqijEWwA=";
byte[] decryptedBytes = asymmetricCrypto.decrypt(Base64.getDecoder().decode(encryptedString));
System.out.println(new String(decryptedBytes, "utf-8"));
String data = bString(decryptedBytes);
String key = data.substring(0,16);
String charset_ansi = data.substring(16, 18);
String charset_oem = data.substring(18, 20);
String onlineinfo = data.substring(20);
//System.out.println(onlineinfo);
//57236 17928 6.2 172.28.0.1 SKULLDEV DarkRay 1 0
//id pid osversion internalIP hostname username isOS64bit currentProcessBit(1=x64,0=x86)
//sync
//origin length 64 bytes and raw input is "shell whoami"
String encodedEncrypted = "CSiNFTW0ae2mwJSyzukEhNb7VNpXOSF0B11UPO0RqBvIec1mwWBsuCcy9icpMQ/r8qU8vdzYHEDiNRcOfs1smg==";
QuickSecurity quickSecurity = new QuickSecurity();
quickSecurity.registerKey("1",CommonUtils.toBytes(key));
byte[] syncDecryptedBytes = quickSecurity.decrypt("1",Base64.getDecoder().decode(encodedEncrypted));
System.out.println(new String(syncDecryptedBytes, "utf-8"));
} catch (Exception var3) {
MudgeSanity.logException("generate beacon asymmetric keys", var3, false);
}
}
}
Raw
CobaltStrike Keytool
/* convert java keystore to pem jdk8*/
import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.util.Base64;
import java.util.Enumeration;
public class Main {
public static void Display(String keystorefile,String alias,String keystorepass,String keypass) throws Exception {
FileInputStream is = new FileInputStream(keystorefile);
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(is, keystorepass.toCharArray());
Key key = keystore.getKey(alias, keypass.toCharArray());
if (key instanceof PrivateKey) {
// Get certificate of public key
Certificate cert = keystore.getCertificate(alias);
// Get public key
PublicKey publicKey = cert.getPublicKey();
// Return a key pair
new KeyPair(publicKey, (PrivateKey) key);
byte[] encodedPublicKey = publicKey.getEncoded();
String b64PublicKey = Base64.getMimeEncoder().encodeToString(encodedPublicKey);
String publicKeyString = "-----BEGIN CERTIFICATE-----\n"
+ b64PublicKey
+ "\n-----END CERTIFICATE-----";
System.out.println(publicKeyString);
}
}
public static void main(String[] argv) throws Exception {
System.out.println("Keystore: " + argv[0]);
System.out.println("Keystore Password: " + argv[1]);
System.out.println("Key Password: " + argv[1]);
String alias = "Unknown";
if ( argv.length == 3) {
alias = argv[2];
} else {
/*
Enumeration enumeration = keystore.aliases();
while(enumeration.hasMoreElements()) {
alias = (String)enumeration.nextElement();
Display(argv[0],alias,argv[1],argv[1]);
}
*/
}
System.out.println("Alias(default is Unknown): " + alias);
Display(argv[0],alias,argv[1],argv[1]);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment