Skip to content

Instantly share code, notes, and snippets.

@morimolymoly

morimolymoly/get_c2_from_xloader_2021-02-06.java

Last active February 6, 2021 11:04
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save morimolymoly/746ba3c7566793a95d592e254d301d9f to your computer and use it in GitHub Desktop.
Save morimolymoly/746ba3c7566793a95d592e254d301d9f to your computer and use it in GitHub Desktop.
Download ZIP
Raw
get_c2_from_xloader_2021-02-06.java
import java.beans.beancontext.BeanContext;
import java.security.Key;
import java.security.SecureRandom;
import java.security.AlgorithmParameters;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.SecretKey;
import java.util.Arrays;
import java.util.Base64;
import java.util.Random;
public class getc3 {
public static void main(String[] args) {
try {
byte[] b64e = "woztxebZIaOjNbHBWXq877npuwlRaTZe".getBytes("UTF-8");
byte[] b = Base64.getDecoder().decode(b64e);
Cipher c = Cipher.getInstance("DES/CBC/PKCS5Padding");
byte[] kagi = "Ab5d1Q32".getBytes("UTF-8");
DESKeySpec dk = new DESKeySpec(kagi);
SecretKeyFactory kf = SecretKeyFactory.getInstance("DES");
SecretKey sk = kf.generateSecret(dk);
SecureRandom random = new SecureRandom();
IvParameterSpec ap = new IvParameterSpec(kagi);
c.init(Cipher.DECRYPT_MODE, sk, ap, random);
byte[] decoded = c.doFinal(b);
String result = new String(decoded, "UTF-8");
System.out.println(result);
} catch (Exception e) {
System.out.println(e);
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment