破解CS4.0
- 将cobaltstrike.jar和CrackSleeve.java放一起
- 编译(
javac -encoding UTF-8 -classpath cobaltstrike.jar CrackSleeve.java
) - 解密文件(
java -classpath cobaltstrike.jar;./ CrackSleeve decode
) - 自定义16位字符串加密文件(
java -classpath cobaltstrike.jar;./ CrackSleeve encode CustomizeString
) - 将解密后的sleeve文件夹替换jar包中的文件夹
UseAge: CrackSleeve OPTION [key]
Options:
decode Decode sleeve files
encode Encode sleeve files
key Customize key string for encode sleeve files
有些字节是不可见的被当做key,为了方便传参,使用base64 或者 hex
public static byte[] hex2bytes(String var0) {
int var1 = var0.length();
byte[] var2 = new byte[var1 / 2];
for(int var3 = 0; var3 < var1; var3 += 2) {
var2[var3 / 2] = (byte)((Character.digit(var0.charAt(var3), 16) << 4) + Character.digit(var0.charAt(var3 + 1), 16));
}
return var2;
}
原
// CustomizeKey = CustomizeKeyStr.substring(0,16).getBytes();
修改后:
CustomizeKey = hex2bytes(CustomizeKeyStr.substring(0,32));
$ java -cp cobaltstrike.jar:. CrackSleeve encode
[-] Please enter key.
[-] Example:
[*] Random_Keys= [4, -7, -40, -75, 75, -18, 6, -82, 0, -68, -29, 36, 109, -37, -99, 36]
[*] Random_Keys Hash =>> 04f9d8b54bee06ae00bce3246ddb9d24
[*] $ java -cp cobaltstrike.jar:. CrackSleeve encode 04f9d8b54bee06ae00bce3246ddb9d24