废话不说上代码,有耐心有需求的自己看吧。
#include <windows.h>
#include <string>
#include "openssl/ssl.h"
#include "openssl/md5.h"
#include <openssl/crypto.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "zlib.h"
#include "zconf.h"
#pragma comment(lib,"zlib.lib")
using namespace std;
typedef void (WINAPI* PMD5Init)(MD5_CTX *);
typedef void (WINAPI* PMD5Update)(MD5_CTX *, UINT8 *, UINT32);
typedef void (WINAPI* PMD5Final)(MD5_CTX *);
PMD5Init MD5Init = NULL;
PMD5Update MD5Update = NULL;
PMD5Final MD5Final = NULL;
int get_index_in_base64(char c)
{
char* base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
for (int iChar = 0; iChar < 64; iChar++)
{
if (base64[iChar] == c)
{
return iChar;
}
}
return 0;
}
void decrypt_eor(unsigned char* src, int slen, unsigned char** dst, int* dlen)
{
unsigned char encrypt[] = "...webgiswebgiswebgiswebgiswebgiswebgis";
MD5_CTX md5;
MD5Init(&md5);
encrypt[0] = src[slen-3];
encrypt[1] = src[slen-2];
encrypt[2] = src[slen-1];
unsigned char decrypt[16];
MD5Update(&md5,encrypt,strlen((char *)encrypt));
//MD5Final(&md5,decrypt);
MD5Final(&md5);
char decstr[33] = {0};
for(int i=0;i<16;i++)
{
sprintf(decstr+i*2,"%02X",decrypt[i]);
}
for(int i = 0; i < 32; i++)
{
if((unsigned int)(decstr[i] - 65) <= 0x19)
{
decstr[i] += 32;
}
}
char* key = decstr;
*dst = (unsigned char*)malloc(slen);
*dlen = slen;
memcpy(*dst, src, slen);
int iChar = 0;
for ( iChar = 0; iChar < slen - 3; ++iChar )
{
(*dst)[iChar] ^= key[iChar & 0x1F] ^ iChar % 0x1E25 % 0xFF;
}
(*dst)[iChar-2] = 0;
}
void decrypt_base64(const char* src, int slen, char** dst, int* dlen)
{
char* ciphertextCopy = strdup(src);
char* deleted = ciphertextCopy;
*dlen = slen / 4 * 3;
*dst = (char*)malloc(*dlen);
memset(*dst, 0, *dlen);
char* plaintext = *dst;
for (int iLen = 0; iLen < slen; iLen += 4)
{
/*
从 ciphertextCopy[iLen] 到 ciphertextCopy[iLen+3]的4个字节中提取
明文的3个字节
*/
ciphertextCopy[0] = 63 - get_index_in_base64(ciphertextCopy[0]);
// 获取第一个明文字节的高6位
plaintext[0] = ciphertextCopy[0] << 2;
// 获取第一个明文字节低2位 和 第二个明文字节的高4位
ciphertextCopy[1] = 63 - get_index_in_base64(ciphertextCopy[1]);
plaintext[0] += ciphertextCopy[1] >> 4;
// 这种情况下不包含第二个明文字节,故退出
if (ciphertextCopy[2] == 46)
{
*dlen -= 2;
ciphertextCopy += 4;
plaintext += 3;
continue;
}
plaintext[1] = ciphertextCopy[1] << 4;
// 获取第二个明文字节低4位 和 第三个明文字节的高2位
ciphertextCopy[2] = 63 - get_index_in_base64(ciphertextCopy[2]);
plaintext[1] += ciphertextCopy[2] >> 2;
// 这种情况下不包含第三个明文字节,故退出
if (ciphertextCopy[3] == 46)
{
*dlen -= 1;
ciphertextCopy += 4;
plaintext += 3;
continue;
}
plaintext[2] = ciphertextCopy[2] << 6;
// 获取第三个明文字节的低6位
ciphertextCopy[3] = get_index_in_base64(ciphertextCopy[3]);
plaintext[2] += ~ciphertextCopy[3] & 0x3F;
ciphertextCopy += 4;
plaintext += 3;
}
free(deleted);
}
// string decrypt_baidumap(const string& sciphertext, const string &tp)
// {
// int len = 0;
//
// char* ciphertext = 0;
// decrypt_base64(sciphertext.c_str(), sciphertext.size(), &ciphertext, &len);
//
// char* plantext = 0;
// decrypt_eor((unsigned char*)ciphertext, len, (unsigned char**)&plantext, &len);
//
// string splaintext;
// if (tp == "4")
// {
// Decompress dc;
// splaintext = dc.De1f8b((unsigned char *)plantext, len);
// }
//
// if (tp == "3")
// {
// splaintext = plantext;
// }
//
//
// free(ciphertext);
// free(plantext);
//
// return splaintext;
// }
// string imsi15(const string &imsi14)
// {
// string imsi;
// if (imsi14.length() == 14)
// {
// int cnt;
// for (int i = 0; i < 14; i++)
// {
// char c = imsi14[i];
// if (i % 2 == 0)
// {
// int odd = atoi(&c);
// cnt += odd;
// }
// else
// {
// int even = atoi(&c);
// int even1 = even / 10;
// int even2 = even % 10;
// cnt += even1 + even2;
// }
// }
//
// int check_bit = 0;
// if (cnt % 10 == 0)
// {
// check_bit = 0;
// }
// else
// {
// check_bit = 10 - (cnt % 10);
// }
//
// stringstream ss;
// ss<<imsi14<<check_bit;
// imsi = ss.str();
// }
// return imsi;
// }
// string reverse_string(const string &src)
// {
// string retval;
// stringstream ss;
// for (string::const_reverse_iterator riter = src.rbegin(); riter != src.rend(); ++riter)
// {
// ss<<(*riter);
// }
// retval = ss.str();
// return retval;
// }
int httpgzdecompress(Byte *zdata, uLong nzdata,
Byte *data, uLong *ndata)
{
int err = 0;
z_stream d_stream = {0}; /* decompression stream */
static char dummy_head[2] =
{
0x8 + 0x7 * 0x10,
(((0x8 + 0x7 * 0x10) * 0x100 + 30) / 31 * 31) & 0xFF,
};
d_stream.zalloc = (alloc_func)0;
d_stream.zfree = (free_func)0;
d_stream.opaque = (voidpf)0;
d_stream.next_in = zdata;
d_stream.avail_in = 0;
d_stream.next_out = data;
if(inflateInit2(&d_stream, 47) != Z_OK) return -1;
while (d_stream.total_out < *ndata && d_stream.total_in < nzdata) {
d_stream.avail_in = d_stream.avail_out = 1; /* force small buffers */
if((err = inflate(&d_stream, Z_NO_FLUSH)) == Z_STREAM_END) break;
if(err != Z_OK )
{
if(err == Z_DATA_ERROR)
{
d_stream.next_in = (Bytef*) dummy_head;
d_stream.avail_in = sizeof(dummy_head);
if((err = inflate(&d_stream, Z_NO_FLUSH)) != Z_OK)
{
return -1;
}
}
else return -1;
}
}
if(inflateEnd(&d_stream) != Z_OK) return -1;
*ndata = d_stream.total_out;
return 0;
}
/* Uncompress gzip data */
int gzdecompress(Byte *zdata, uLong nzdata,
Byte *data, uLong *ndata)
{
int err = 0;
z_stream d_stream = {0}; /* decompression stream */
static char dummy_head[2] =
{
0x8 + 0x7 * 0x10,
(((0x8 + 0x7 * 0x10) * 0x100 + 30) / 31 * 31) & 0xFF,
};
d_stream.zalloc = (alloc_func)0;
d_stream.zfree = (free_func)0;
d_stream.opaque = (voidpf)0;
d_stream.next_in = zdata;
d_stream.avail_in = 0;
d_stream.next_out = data;
if(inflateInit2(&d_stream, -MAX_WBITS) != Z_OK) return -1;
//if(inflateInit2(&d_stream, 47) != Z_OK) return -1;
while (d_stream.total_out < *ndata && d_stream.total_in < nzdata) {
d_stream.avail_in = d_stream.avail_out = 1; /* force small buffers */
if((err = inflate(&d_stream, Z_NO_FLUSH)) == Z_STREAM_END) break;
if(err != Z_OK )
{
if(err == Z_DATA_ERROR)
{
d_stream.next_in = (Bytef*) dummy_head;
d_stream.avail_in = sizeof(dummy_head);
if((err = inflate(&d_stream, Z_NO_FLUSH)) != Z_OK)
{
return -1;
}
}
else return -1;
}
}
if(inflateEnd(&d_stream) != Z_OK) return -1;
*ndata = d_stream.total_out;
return 0;
}
string decrypt_baidumap(const string& sciphertext, const string &tp)
{
int len = 0;
char* ciphertext = 0;
decrypt_base64(sciphertext.c_str(), sciphertext.size(), &ciphertext, &len);
char* plantext = 0;
decrypt_eor((unsigned char*)ciphertext, len, (unsigned char**)&plantext, &len);
string splaintext;
unsigned long iLen = 0x10000;
if (tp == "4")
{
//Decompress dc;
//splaintext = dc.De1f8b((unsigned char *)plantext, len);
gzdecompress((Byte*)plantext,len,(Byte*)splaintext.c_str(),&iLen);
}
if (tp == "3")
{
splaintext = plantext;
}
free(ciphertext);
free(plantext);
return splaintext;
}
int __stdcall WinMain( __in HINSTANCE hInstance, __in_opt HINSTANCE hPrevInstance, __in LPSTR lpCmdLine, __in int nShowCmd )
{
HINSTANCE hDll = LoadLibraryA("advapi32.dll");
MD5Init = (PMD5Init)GetProcAddress(hDll,"MD5Init");
MD5Update = (PMD5Update)GetProcAddress(hDll,"MD5Update");
MD5Final = (PMD5Final)GetProcAddress(hDll,"MD5Final");
char * pData = "gRbEns3Jy8CWxsGUjf9O-Ncj9-czhQt7Oi-IvebO5thlk_cOhsm4llfTPW1Y_ZsSCl0nF8rxunDjVTAFCm1DOFRSdYC65IPtxYjFgrr816I1Oe6m_D61_gyDhgoG7ZK2dJZglXufCaMVB_kopIo45b8sXp_RxvOKlee26xbGXDAoIAH5CnAY2Q00ncJlCNaq0fdJerA-TQKwTBdUiY-OQ7U-3XG7zm2ENOWTF7SkGWEbf4kiVzbP6veO1Hd_j8L4ZoXowkk5qqfov57yD-DA1dsCfoi29SkBWCxeL2qKH9N2wOn2rCSSxPu1BvMB_GRJu9oZvzJuXGttZvLwtLpe14LFIuCEjqO0aLuv_t4ly6gETivaLHVArrCBvaKiLMTmkob1jLpGzKquP9jdfWwzgULRJCUuiDr_YnwQ3aveqfHqiHorFutfTKiZxF8wOOtIxVNaBsvxbquwrPptVToJ6PhW51Q7hhUDjzjaWDBs8FQNAWZ8JTTY8h791hs-PrBQnKj1ZpR3Jj_I8O0hiCoTdSD-aw6WUcEV1NWMbEjvLl7hAAfxMgIfhcQTj68WjPn4wfBH65JVGmL3ZSIO4AKMEYri6VSuUKTWHpUpzweG_WdcbWhggfxBvdKPHLPsrSL0vlmzNvH59liSelrSdahrj0z_5-k5MGmv3h-sdv..";
string strdata(pData);
string num("4");
decrypt_baidumap(strdata,num);
return 0;
}
1715
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
