从字符串中解析私钥并rsa解密

Parse RSA public and private key pair from string in Java

逆向某APP,发现其大部分配置文件都是加密的 。所以逆向算法并解密

image.png
image.png
image.png
image.png
image.png

RSA和AES密钥 可以分析WTDefine发现,WTDefine是一个单例模式的加密。所以我们找到初始化的那个地方就行

image.png
image.png

写个java

import java.util.Base64;
import java.util.Scanner;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import java.security.PrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.security.InvalidAlgorithmParameterException;

public class decodeRSA{

    public static void main(String[] args) throws InvalidKeySpecException, InvalidAlgorithmParameterException, BadPaddingException, NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, IllegalBlockSizeException {
        
        Scanner myObj = new Scanner(System.in);  
        System.out.println("Enter cipher text");
    
        String Data = myObj.nextLine();  
        SecretKeySpec localSecretKeySpec = new SecretKeySpec("WTSecret81234512".getBytes(), "AES");
        IvParameterSpec localIvParameterSpec = new IvParameterSpec("16-Bytes--String".getBytes());
        Cipher aes  = Cipher.getInstance("AES/CBC/PKCS5Padding");
        aes.init(2, localSecretKeySpec, localIvParameterSpec);
        byte[] encrypted = aes.doFinal(Base64.getDecoder().decode(Data));

        String PrivateKey = "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOBsk4ECF5AEDYJiglWl1gYS0a3q8Fv6ayfqS5v/bUdL8KKk365FRmRNV17H9qYWZgtipBBMrcDOIFUGdazPTmOXKKbMqs29mmtWwXI06bpQsfXH+XNH/dOP/lRys3WBMTx441a1hD2euLLX71GsyR6bhqmzitY6G7LeZerw+l87AgMBAAECgYA4HY4IbQB9RzYliwIx7kSEwkHhreQp64TNtzzupcCqWieyU22GwtWmENyu22sl/mXHpQOG+9VaZ3AYMoRMEI31yvUEFgQhqKVmQiYzhLP0eZFPZIrVf5SPmPcbU3+vNCQTEB6eO1XvORLWUGoEgdtVPmBSTX6/KiHuKWGvCS4FmQJBAPzaYqGUfmWOmRgAfBE7w1qRIDyq2evlDLzdqguGTpo0NkR6nxEYihGNb5zYypd6JpERvtf+Qycb++ZygzAY2McCQQDjN50OysQvdX2shfo73u/0XcbYlhHYyrHGAnanLhwMMirl6awxJHCoRcBwNrXjne/v/+WghySwp/Hn8MY0/9ntAkEA89QsVKB7mrd+DlU5Tu0Qn19fdOFUsFP6io4/Ekn7tlwvEK4mgjflvLNlNB0ikBws4Kv6GxOH8kjcCwfWViU/tQJBAJyFgQHhmEgBLbOdD4YSy0WRHBuzNVQcPV5j8Ay2bMfR/08mK2Im8hxZAHnMlnvYHqM7qplsv0+aQcA/UqrL3PkCQFqjDjFS9v9EBEkrD3MZxhQABeF2bxChmdGVsxrfRMWzQuIIxv95F9GforezYJ0jC/8EJNicNl3xKmAJAkfCmDU=";
        KeyFactory kf = KeyFactory.getInstance("RSA");
        PKCS8EncodedKeySpec keySpecPKCS8 = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(PrivateKey));
        PrivateKey privKey = kf.generatePrivate(keySpecPKCS8);
        String tmpstr = new String(encrypted);
        tmpstr = tmpstr.replaceAll("\n", "").replaceAll("\r", "");

        String[] ciphertexts = tmpstr.split(",");
        for(String ciphertext : ciphertexts){
            byte[] decoded = Base64.getDecoder().decode(ciphertext);
            Cipher localCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            localCipher.init(2, privKey);
            byte[] dectyptedText = localCipher.doFinal(decoded);

            System.out.println(new String(dectyptedText));
        }
        
    }
}

推荐阅读更多精彩内容