-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdecryption.py
175 lines (154 loc) · 5.32 KB
/
decryption.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
import os,sys
import string
import base64
import fileinput
FIRST_PHASE = "OQTJEqtsK0AUB9YXMwr8idozF7VWRPpnhNCHI6Dlkaubyxf5423jvcZ1LSGmge"
SECOND_PHASE = "PqOwI1eUrYtT2yR3p4E5o6WiQu7ASlDkFj8GhHaJ9sKdLfMgNzBx0ZcXvCmVnb"
global FULL_KEY
FULL_KEY= ""
def sub_1_for_hex(str_input):
str_output = ""
for letter in str_input:
try:
str_output += chr(ord(letter)-1)
except:
print "sub_1_for_hex func problem"
continue
return str_output
def sum_comp_name(comp_name):
sum = 0
for letter in comp_name:
sum+= ord(letter)
return sum
def init_key(comp):
comp_name_sum = sum_comp_name(comp)
carry = divmod(comp_name_sum, 62)
index = carry[1] -1
end_key = FIRST_PHASE[:index]
key = FIRST_PHASE[index:]
key = key + end_key
key = key + key
return key
def decrypt(num_list,offset):
global FULL_KEY
input = ""
for num_str in num_list:
try:
input += num_str.decode('hex')
except:
input += ')'
result = ""
for i, c in enumerate(input):
i = i % 62 +1
try:
index = FULL_KEY.index(c)-1
except ValueError:
result += c
continue
translated = SECOND_PHASE[(index - i +offset) % len(SECOND_PHASE)]
result += translated
return result
def found_infy_enc_data(line):
found_infy_str = "show=\"---------- Administration Reporting Service "
found_infy_index = line.find(found_infy_str)
if not found_infy_index==-1:
return True,found_infy_index
else:
return False,found_infy_index
def extract_comp_name(line):
comp = r"\xd\xa-----"
comp_index = line.find(comp)
comp_name = line[comp_index+len(comp):]
comp_name = comp_name[:comp_name.find("-----")]
print "(((=)))" + comp_name
return comp_name
def extract_enc_data(line):
header = r"\xd\xa_____"
start_index = line.find(header)+len(header)
line = line[start_index:]
endindex = line.index("_____\" value=")
line = line[:endindex]
return line
def write_enc_infy_data_to_file(dec_line,comp_name,filename):
file1 = open(filename + "\\" + comp_name + ".txt",'ab')
file1.writelines(dec_line)
file1.close()
def enc_wrapper(enc,comp_name):
global FULL_KEY
print FULL_KEY
FULL_KEY = init_key(comp_name)
enc_final = ""
for letter in enc:
if len(hex(ord(letter))[2:])==1:
enc_final += "0" + hex(ord(letter))[2:]
elif len(hex(ord(letter))[2:])==2:
enc_final += hex(ord(letter))[2:]
else:
print "not good hex length"
exit()
enc = enc_final.upper()
enc = enc.replace("2E","21")
enc = enc.replace("C5DC5A","")
enc = enc.replace("D03D00","")
enc = enc.replace("0B0E","2121")
enc = enc.replace("01","21")
enc_len = len(enc)
enc_rev = ""
num_list = []
enc_print =""
for i in range(0,enc_len/2):
enc_rev = enc[-2:]
if not enc_rev=="0B" and not enc_rev=="0E" and not enc_rev=="00" and not enc_rev=="D0":
enc_print +=enc_rev
num_list.append(enc_rev)
enc= enc[:-2]
#the first part is always ok
dec_str = decrypt(num_list,0)
final = sub_1_for_hex(dec_str)
index = final.find("OK: Sent")
if index==-1:
print comp_name + " - did not found OK: Sent !!!!\n\n\n\n"
#exit()
decrypt_data = comp_name + " ++==++ " + str(i) + ": " + final + "\n"
final_start = final[0:500]
if final_start in UNIQUE_DATA:
print comp_name + " already have this data"
return
UNIQUE_DATA.append(final_start)
index = final.find("Installed Date:")
if index==-1:
for i in range(1,61):
dec_str = decrypt3(num_list,i)
final = sub_1_for_hex(dec_str)
##print all 62 options
index2 = final.find("PROGRAM START:")
index3 = final.find("Installed Date:")
if not index2 ==-1 or not index3 ==-1:
decrypt_data += str(i) + ": " + final + "\n"
write_enc_infy_data_to_file(decrypt_data,comp_name,FILE_OUTPUT_NAME)
def read_enc_data_files():
for root,dir,files in os.walk(PDML_PATH):
for file in files:
filename = root+ "\\" + file
if os.path.isfile(filename):
print filename
for line in fileinput.input([filename]):
line = line.strip()
is_found,found_infy_index= found_infy_enc_data(line)
if not is_found:
continue
line = line[found_infy_index:]
#get computer name (for use in init_key() later)
comp_name = extract_comp_name(line)
UNIQUE_COMP.append(comp_name)
#get the infy encrypted data
line = extract_enc_data(line)
#base64 decode enc_data
dec_line = line.decode('base64')
#append enc_data to file
write_enc_infy_data_to_file(dec_line,comp_name,FILE_ENC_OUTPUT_NAME)
enc_wrapper(dec_line,comp_name)
try:
read_enc_data_files()
except:
print "exception!!!!"