Upload files to "/"
This commit is contained in:
commit
76d513935f
1 changed files with 30 additions and 0 deletions
30
decoder_jaska_go.py
Normal file
30
decoder_jaska_go.py
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
#! /usr/bin/env python3
|
||||||
|
|
||||||
|
import sys
|
||||||
|
import pefile
|
||||||
|
import re
|
||||||
|
|
||||||
|
"""
|
||||||
|
Usage: cat <file> | python3 decoder_jaska_go.py
|
||||||
|
"""
|
||||||
|
|
||||||
|
binary_data = sys.stdin.buffer.read().decode("ISO-8859-1")
|
||||||
|
|
||||||
|
cert_regex = re.compile(r"\x2d\x2d\x42\x45\x47\x49\x4e\x20...\x00(?P<IP>([0-9]{1,3}\.){3}[0-9]{1,3})", re.DOTALL)
|
||||||
|
|
||||||
|
matches = cert_regex.search(binary_data)
|
||||||
|
print("IP", matches.group("IP"))
|
||||||
|
|
||||||
|
port_regex = re.compile(r"\x26\x5e\x3d\x76\x61\x72(?P<PORT>([0-9]{1,5}))\x6f\x70\x65\x6e", re.DOTALL)
|
||||||
|
matches = port_regex.search(binary_data)
|
||||||
|
print("PORT", matches.group("PORT"))
|
||||||
|
|
||||||
|
id_regex = re.compile(r"\x00\x00\x00\x00(?P<ID>[a-zA-Z0-9]{25})\x00\x00", re.DOTALL)
|
||||||
|
#matches = id_regex.search(binary_data)
|
||||||
|
#if matches:
|
||||||
|
# print(matches.group("ID"))
|
||||||
|
|
||||||
|
regkey_regex = re.compile(r"\x48\x4b\x4c\x4d(\\[A-Za-z0-9\-_\\]+)+", re.DOTALL)
|
||||||
|
matches = regkey_regex.findall(binary_data)
|
||||||
|
for match in matches:
|
||||||
|
print("HLKM REGKEY", match)
|
Loading…
Reference in a new issue