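Can anyone here help me decrypt the SSL encryption that protects the Lua script linked at the end of this post? Basically, they are encoded with Base64 and then SSL, but I have no idea how to handle the SSL part. They are used with a program called Bot of Legends, and somebody told me that it is possible to break the encryption by dumping the decryption function of that program and using it to get the SSL key, but I have no clue where to begin with that. Basically, these scripts work by connecting to an authentication server that is coded into the scripts. I have gotten a few on my own by sniffing the network packets going to their auth server to get their server links, creating my own auth server with Apache, and then redirecting the script's traffic from their server to my own to get the response that validates the script. For some scripts that have stronger encryption it isn't that easy, and I would have to get to the source code to remove the code that runs the auth server checks. Up until a few days ago I had no knowledge of how Lua coding worked, or even of how auth server checks are coded into a simple text file through Lua obfuscation. So bear with me; I'm hoping someone can chime in and give me an idea of what I can do.
Regards,
Chris
*** PasteBin link to the script in question, in raw format: http://pastebin.com/raw.php?i=bG0VqQGW
The Base64 part comes first, and the SSL part is at the bottom.
Best answer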

    print("SSL Decoder version 2.0")
    print("Copyright (C) 2015")
    print("Decoding Started...")

    -- Usage: lua <this script> <infile> <outfile>   (written for Lua 5.2)
    local infilename = select(1, ...)
    local outfilename = select(2, ...)
    if not infilename or not outfilename then
        error("Usage: lua <this script> <infile> <outfile>")
    end

    local infile = io.open(infilename, "r")
    if not infile then
        error("Failed to open input file.")
    end
    local intext = infile:read("*a")
    infile:close()

    -- the "SSL" part is a call of the form SSL({n, n, n, ...})
    local ssltabletext = intext:match("SSL%s*%(%s*%{([%s,0-9]*)%}%s*%)")
    if not ssltabletext then
        error("Could not find ssl table in source file.")
    end
    local ssltable = load("return {" .. ssltabletext .. "}")()
    if #ssltable < 255 then
        error("SSL table is too short -- can't find table encryption key.")
    end

    -- find decryption key for the ssl table:
    -- entry i (1..255) holds the encoded form of byte value i
    local decrypt = {}
    decrypt[0] = 0
    for i = 1, 255 do
        local dec = i
        local enc = ssltable[i]
        assert(decrypt[enc] == nil)
        decrypt[enc] = dec
    end

    -- decrypt ssl table
    for i = 256, #ssltable - 256 do -- not sure what last 256 bytes are
        ssltable[i] = decrypt[ssltable[i]]
    end

    -- build the decoded string one byte at a time; unpacking the whole
    -- table into string.char() can overflow the stack on large tables
    local sslchars = {}
    for i = 256, #ssltable - 256 do
        sslchars[#sslchars + 1] = string.char(ssltable[i])
    end
    local sslcode = table.concat(sslchars)

    -- This is interesting --
    --print(sslcode)

    -- locate the key literal: local Key = '...'
    local keyindex = sslcode:match("local Key%s*=%s*'()")
    if not keyindex then
        error("Could not find key in decoded ssl table.")
    end
    local key = sslcode:sub(keyindex)

    -- walk to the closing quote, stepping over escape sequences so that an
    -- escaped quote does not end the key early (the key text is not unescaped)
    local length = 0
    while true do
        local c = key:sub(length + 1, length + 1)
        if c == "" then
            error("Key string was not terminated.")
        elseif c == "'" then
            break
        elseif c == "\\" then
            local c2 = key:sub(length + 2, length + 2)
            if c2:match("%d") then
                -- decimal escape: \d, \dd or \ddd
                local c3 = key:sub(length + 3, length + 3)
                if c3:match("%d") then
                    local c4 = key:sub(length + 4, length + 4)
                    if c4:match("%d") then
                        length = length + 4
                    else
                        length = length + 3
                    end
                else
                    length = length + 2
                end
            elseif c2 == "x" then
                -- hexadecimal escape: \xHH
                length = length + 4
            else
                length = length + 2
            end
        else
            length = length + 1
        end
    end
    key = key:sub(1, length)
    if #key == 0 then
        error("Key is empty")
    end
    print("Key Found! > " .. key)

    -- find base64
    local b64 = intext:match("_G%.ScriptCode%s*=%s*Base64Decode%s*%(%s*\"([a-zA-Z0-9/+]*=*)\"%s*%)")
    if not b64 then
        error("Could not find Base-64 encrypted code in source file.")
    end

    -- base64 decode: build the character -> 6-bit value table
    local b64val = {}
    for i = 0, 25 do
        do
            local letter = string.byte("A")
            b64val[string.char(letter + i)] = i
        end
        do
            local letter = string.byte("a")
            b64val[string.char(letter + i)] = i + 26
        end
    end
    for i = 0, 9 do
        local numeral = string.byte("0")
        b64val[string.char(numeral + i)] = i + 52
    end
    b64val["+"] = 62
    b64val["/"] = 63
    b64val["="] = 0

    -- every 4 characters carry 24 bits = 3 bytes; "=" padding drops bytes
    local encoded = b64:gsub("(.)(.)(.)(.)", function(a, b, c, d)
        local n = b64val[a] * (64 * 64 * 64) + b64val[b] * (64 * 64) + b64val[c] * 64 + b64val[d]
        local b1 = n % 256; n = (n - b1) / 256
        local b2 = n % 256; n = (n - b2) / 256
        local b3 = n
        if d == "=" then
            if c == "=" then
                assert(b1 == 0 and b2 == 0)
                return string.char(b3)
            else
                assert(b1 == 0)
                return string.char(b3, b2)
            end
        else
            return string.char(b3, b2, b1)
        end
    end)

    -- decode: subtract the repeating key from each byte, modulo 256
    local decoded = encoded:gsub("()(.)", function(i, c)
        local b = c:byte()
        local ki = ((i - 1) % #key) + 1
        local k = key:byte(ki, ki)
        b = b - k
        if b < 0 then b = b + 256 end
        return string.char(b)
    end)

    -- verify: the result must at least parse as Lua (it is not executed)
    local result, err = load(decoded)
    if not result then
        error("Decoded file could not be loaded -- it may be corrupt... (" .. tostring(err) .. ")")
    end

    -- output
    local outfile = io.open(outfilename, "wb")
    if not outfile then
        error("Failed to open output file.")
    end
    outfile:write(decoded)
    outfile:close()
    print("Decoding finished, outfile is at > " .. outfilename)

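This code is by Extreme Coders (https://reverseengineering.stackexchange.com/users/1413/extreme-coders)
How to use it: you need to get lua52.exe
Save the code to a text file and name it ssl.lua (for example)
Now run cmd and type lua52 ssl.lua yourscript.lua decryptedscript.lua
It will run and decrypt.
Regarding ssl - Help decrypting a Lua script obfuscated with Base64 > SSL, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/31779624/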