####################################################################### A simpl

1. ######################################################################
2. # A simple script written to find keywords and digits inside #
3. # blobs of hex data, used for some quick and dirty basic protocol #
4. # reverse-engineering. #
5. # #
6. # You can find a given string or digit inside a hex #
7. # in a blob of text. #
8. # Usage: ruby brute.rb <keys_to_find> <paste your hex> #
9. # #
10. # Multiple keys: #
11. # if you want to find multiple keys just use space seperated values #
12. # Usage: ruby brute.rb <key1> <key2> <keyn> <hex> #
13. # #
14. # Manual input: #
15. # If you want to type the keys but would like us to prompt you for #
16. # the hex data, simply write 'i' or 'input' as the last parameter. #
17. # Usage: ruby brute.rb <key1> <keyn> input #
18. # #
19. # #
20. # By: Andrés Colón (github.com/mindware) #
21. # Released under MIT License #
22. ######################################################################
23.  
24. require 'shellwords'
25. require 'colorize'
26.  
27. class String
28. def convert_base(from, to)
29. self.to_i(from).to_s(to)
30. end
31. end
32.  
33.  
34. if(ARGV.length < 2)
35. puts "Usage: ruby brute.rb <key1..keyn> < ('i'| 'input')> | \"<blob of text>\""
36. exit
37. end
38.  
39. text = ARGV.pop
40. keys = ARGV
41.  
42. # detect if user requested to input the data manually
43. if(text == "input" or text == "i")
44. text = ""
45. while(text.length == 0)
46. print "Enter your blob of text: "
47. text = STDIN.gets.chomp
48. end
49. end
50.  
51. index = {}
52. keys.each do |key|
53. index[key] = []
54. puts "Searching for #{key}"
55. (2..32).each do |i|
56. break if i > text.length
57. found = false
58. slice = text.chars.each_slice(i).map(&:join)
59. puts "Breaking by #{i} chars, result is #{slice.length} slices."
60. slice.each do |chunk|
61. # explicit check
62. word = chunk
63. if(word.include? key)
64. word = Shellwords.escape(word)
65. puts "--"
66. puts "Found (base): '#{key}'"
67. puts "'#{word}' in '#{chunk}'"
68. puts "Index starts at: #{text.index(chunk)}"
69. puts "--"
70. index[key] << [text.index(chunk), (text.index(chunk) + word.length - 1), word]
71. found = true
72. end
73. # convert chunk of hex to ascii
74. #word = chunk.gsub(/../) { |pair| pair.hex.chr }
75. word = chunk.convert_base(16, 10)
76. if(word.include? key)
77. word = Shellwords.escape(word)
78. puts "--"
79. puts "Found (base): '#{key}'"
80. puts "'#{word}' in '#{chunk}'"
81. puts "Index starts at: #{text.index(chunk)}"
82. puts "--"
83. index[key] << [text.index(chunk), (text.index(chunk) + word.length - 1), word]
84. found = true
85. end
86.  
87. # unpack hex
88. word = [chunk].pack("H*")
89. if(word.include? key)
90. word = Shellwords.escape(word)
91. puts "--"
92. puts "Found (unpack): '#{key}'"
93. puts "'#{word}' in '#{chunk}'"
94. puts "Index starts at: #{text.index(chunk)}"
95. puts "--"
96. index[key] << [text.index(chunk), (text.index(chunk) + word.length - 1), word]
97. found = true
98. break
99. end
100. end
101. break if found
102. end
103. end
104.  
105. if index.keys.length > 0
106. index.each do |key, values|
107. next if(index[key].length == 0)
108. puts "Result: "
109. puts "The string: #{key.red}"
110. values.each do |value|
111. puts "--".yellow
112. first = value[0]
113. last = value[1]
114. word = value[2]
115. puts "Converted: #{word.green}"
116. puts "Start: #{value[0]} End: #{value[1]}"
117. puts "#{text.gsub( text[(first)..(last)], text[(first)..(last)].red)}"
118. puts "--".yellow
119. end
120. end
121. end