Upload files to "/"
This commit is contained in:
commit
76d513935f
1 changed files with 30 additions and 0 deletions
30
decoder_jaska_go.py
Normal file
30
decoder_jaska_go.py
Normal file
|
@ -0,0 +1,30 @@
|
|||
#! /usr/bin/env python3
|
||||
|
||||
import sys
|
||||
import pefile
|
||||
import re
|
||||
|
||||
"""
|
||||
Usage: cat <file> | python3 decoder_jaska_go.py
|
||||
"""
|
||||
|
||||
binary_data = sys.stdin.buffer.read().decode("ISO-8859-1")
|
||||
|
||||
cert_regex = re.compile(r"\x2d\x2d\x42\x45\x47\x49\x4e\x20...\x00(?P<IP>([0-9]{1,3}\.){3}[0-9]{1,3})", re.DOTALL)
|
||||
|
||||
matches = cert_regex.search(binary_data)
|
||||
print("IP", matches.group("IP"))
|
||||
|
||||
port_regex = re.compile(r"\x26\x5e\x3d\x76\x61\x72(?P<PORT>([0-9]{1,5}))\x6f\x70\x65\x6e", re.DOTALL)
|
||||
matches = port_regex.search(binary_data)
|
||||
print("PORT", matches.group("PORT"))
|
||||
|
||||
id_regex = re.compile(r"\x00\x00\x00\x00(?P<ID>[a-zA-Z0-9]{25})\x00\x00", re.DOTALL)
|
||||
#matches = id_regex.search(binary_data)
|
||||
#if matches:
|
||||
# print(matches.group("ID"))
|
||||
|
||||
regkey_regex = re.compile(r"\x48\x4b\x4c\x4d(\\[A-Za-z0-9\-_\\]+)+", re.DOTALL)
|
||||
matches = regkey_regex.findall(binary_data)
|
||||
for match in matches:
|
||||
print("HLKM REGKEY", match)
|
Loading…
Reference in a new issue