Created
January 10, 2024 22:15
-
-
Save HackingLZ/f416d4eca4fb044752fce6746b52f778 to your computer and use it in GitHub Desktop.
Parser for tweet https://twitter.com/banthisguy9349/status/1745039649750360459
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #https://twitter.com/banthisguy9349/status/1745039649750360459 | |
| import argparse | |
| import base64 | |
| import codecs | |
| from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes | |
| from cryptography.hazmat.backends import default_backend | |
| from os import urandom | |
| import urllib.request | |
| import hashlib | |
| import re | |
| encoding_rules = { | |
| 'a': '玛卡巴卡轰', | |
| 'b': '阿巴雅卡轰', | |
| 'c': '伊卡阿卡噢轰', | |
| 'd': '哈姆达姆阿卡嗙轰', | |
| 'e': '咿呀呦轰', | |
| 'f': '玛卡雅卡轰', | |
| 'g': '伊卡阿卡轰', | |
| 'h': '咿呀巴卡轰', | |
| 'i': '达姆阿卡嗙轰', | |
| 'j': '玛卡巴卡玛卡巴卡轰', | |
| 'k': '玛卡巴卡玛卡巴卡玛卡巴卡轰', | |
| 'l': '玛卡巴卡玛卡巴卡玛卡巴卡玛卡巴卡轰', | |
| 'm': '阿巴雅卡阿巴雅卡轰', | |
| 'n': '阿巴雅卡阿巴雅卡阿巴雅卡轰', | |
| 'o': '阿巴雅卡阿巴雅卡阿巴雅卡阿巴雅卡轰', | |
| 'p': '伊卡阿卡噢伊卡阿卡噢轰', | |
| 'q': '伊卡阿卡噢伊卡阿卡噢伊卡阿卡噢轰', | |
| 'r': '伊卡阿卡噢伊卡阿卡噢伊卡阿卡噢伊卡阿卡噢轰', | |
| 's': '哈姆达姆阿卡嗙哈姆达姆阿卡嗙轰', | |
| 't': '哈姆达姆阿卡嗙哈姆达姆阿卡嗙哈姆达姆阿卡嗙轰', | |
| 'u': '哈姆达姆阿卡嗙哈姆达姆阿卡嗙哈姆达姆阿卡嗙哈姆达姆阿卡嗙轰', | |
| 'v': '咿呀呦咿呀呦轰', | |
| 'w': '咿呀呦咿呀呦咿呀呦轰', | |
| 'x': '咿呀呦咿呀呦咿呀呦咿呀呦轰', | |
| 'y': '咿呀呦咿呀呦咿呀呦咿呀呦咿呀呦轰', | |
| 'z': '玛卡雅卡玛卡雅卡轰', | |
| 'A': '玛卡雅卡玛卡雅卡玛卡雅卡轰', | |
| 'B': '玛卡雅卡玛卡雅卡玛卡雅卡玛卡雅卡轰', | |
| 'C': '伊卡阿卡伊卡阿卡轰', | |
| 'D': '伊卡阿卡伊卡阿卡伊卡阿卡轰', | |
| 'E': '伊卡阿卡伊卡阿卡伊卡阿卡伊卡阿卡轰', | |
| 'F': '咿呀巴卡咿呀巴卡轰', | |
| 'G': '咿呀巴卡咿呀巴卡咿呀巴卡轰', | |
| 'H': '咿呀巴卡咿呀巴卡咿呀巴卡咿呀巴卡轰', | |
| 'I': '咿呀巴卡咿呀巴卡咿呀巴卡咿呀巴卡咿呀巴卡轰', | |
| 'J': '达姆阿卡嗙达姆阿卡嗙轰', | |
| 'K': '达姆阿卡嗙达姆阿卡嗙达姆阿卡嗙轰', | |
| 'L': '达姆阿卡嗙达姆阿卡嗙达姆阿卡嗙达姆阿卡嗙轰', | |
| 'M': '达姆阿卡嗙达姆阿卡嗙达姆阿卡嗙达姆阿卡嗙达姆阿卡嗙轰', | |
| 'N': '巴卡巴卡轰', | |
| 'O': '巴卡巴卡巴卡巴卡轰', | |
| 'P': '巴卡巴卡巴卡巴卡巴卡巴卡轰', | |
| 'Q': '巴卡巴卡巴卡巴卡巴卡巴卡巴卡巴卡轰', | |
| 'R': '巴卡巴卡巴卡巴卡巴卡巴卡巴卡巴卡巴卡巴卡轰', | |
| 'S': '呀呦轰', | |
| 'T': '呀呦呀呦轰', | |
| 'U': '呀呦呀呦呀呦轰', | |
| 'V': '呀呦呀呦呀呦呀呦轰', | |
| 'W': '呀呦呀呦呀呦呀呦呀呦轰', | |
| 'X': '达姆阿卡轰', | |
| 'Y': '达姆阿卡达姆阿卡轰', | |
| 'Z': '达姆阿卡达姆阿卡达姆阿卡轰', | |
| '0': '达姆阿卡达姆阿卡达姆阿卡达姆阿卡轰', | |
| '1': '达姆阿卡达姆阿卡达姆阿卡达姆阿卡达姆阿卡轰', | |
| '2': '玛巴轰', | |
| '3': '玛巴玛巴轰', | |
| '4': '玛巴玛巴玛巴轰', | |
| '5': '玛巴玛巴玛巴玛巴轰', | |
| '6': '巴卡玛巴轰', | |
| '7': '巴卡玛巴巴卡玛巴轰', | |
| '8': '巴卡玛巴巴卡玛巴巴卡玛巴轰', | |
| '9': '巴卡玛巴巴卡玛巴巴卡玛巴巴卡玛巴轰', | |
| '=': '妈个巴子轰', | |
| '/': '妈个巴卡轰', | |
| '+': '妈个巴达轰', | |
| } | |
| def decodemaba(miwen): | |
| mingwen='' | |
| # print(f'密文{miwen}') | |
| result = re.split(r'(?<=轰)', miwen) | |
| # print(result) | |
| for it in result: | |
| for key,val in encoding_rules.items(): | |
| if it==val: | |
| # print("找到明文密码") | |
| # print(key) | |
| mingwen = str(mingwen)+str(key) | |
| return mingwen | |
| def decrypt(encrypted_text, key): | |
| key = hashlib.sha256(key.encode('utf-8')).digest()[:16] | |
| encrypted_data = base64.b64decode(encrypted_text.encode('utf-8')) | |
| iv = encrypted_data[:16] | |
| cipher = Cipher(algorithms.AES(key), modes.CFB(iv), backend=default_backend()) | |
| decryptor = cipher.decryptor() | |
| decrypted_text = decryptor.update(encrypted_data[16:]) + decryptor.finalize() | |
| decrypted_text = decrypted_text.rstrip(b"\0") | |
| return decrypted_text.decode('utf-8') | |
| def process_shellcode(shellcode, key="admin", output_file_path="shellcode.bin"): | |
| shellcode = shellcode.strip() | |
| shellcode = shellcode.decode("gbk") | |
| shellcode = decodemaba(shellcode) | |
| for _ in range(5): | |
| shellcode = decrypt(encrypted_text=shellcode, key=key) | |
| shellcode = shellcode.replace("dashabi", '') | |
| shellcode = base64.b64decode(shellcode) | |
| shellcode = codecs.escape_decode(shellcode)[0] | |
| write_to_file(shellcode, output_file_path) | |
| def fetch_shellcode_from_url(url): | |
| response = urllib.request.urlopen(url) | |
| return response.read() | |
| def read_shellcode_from_file(file_path): | |
| with open(file_path, 'rb') as file: | |
| return file.read() | |
| def write_to_file(data, file_path): | |
| with open(file_path, "wb") as file: | |
| file.write(data) | |
| def main(): | |
| parser = argparse.ArgumentParser(description="Process shellcode from a URL or file") | |
| parser.add_argument('-u', '--url', type=str, help="URL to fetch shellcode from") | |
| parser.add_argument('-i', '--input', type=str, help="File path to read shellcode from") | |
| parser.add_argument('-o', '--output', type=str, default="shellcode.bin", help="Output file path (default: shellcode.bin)") | |
| args = parser.parse_args() | |
| shellcode = "" | |
| if args.url: | |
| shellcode = fetch_shellcode_from_url(args.url) | |
| elif args.input: | |
| shellcode = read_shellcode_from_file(args.input) | |
| else: | |
| print("Please provide a URL or an input file path.") | |
| return | |
| process_shellcode(shellcode, output_file_path=args.output) | |
| if __name__ == "__main__": | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment