Not so good Decryption Script

a guest Oct 3rd, 2018 43 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. def decrypt():
  3.     key_array = [0x0A, 0x19, 0x59, 0x2D, 0x6C, 0x59, 0x6F, 0xFA, 0x8B, 0x6F, 0x9B, 0xFF, 0x37, 0x9B, 0xBD, 0x7B, 0x59, 0x4B, 0x7B, 0xDD, 0x0F, 0x64, 0x91, 0xC7, 0xD6, 0x9C, 0x6F, 0x7B, 0x9C, 0x1, 0x9C, 0x91, 0x79, 0xC7, 0xC8, 0xC9, 0xDF, 0xE1, 0xFA, 0xFF, 0x4, 0x8, 0x59, 0xE6, 0x64, 0x6D, 0x37, 0x9B, 0x38, 0x81, 0x2D, 0x81, 0x65, 0x7D, 0x66, 0x9A, 0x6F, 0xBD, 0x65, 0x59, 0x4B, 0x2D, 0x1A, 0x63, 0x59, 0x7B, 0x65, 0x59, 0x59, 0x0B, 0x4E, 0x85, 0x8C, 0x91, 0x88, 0x59, 0x0C, 0x1, 0x4E, 0x3A, 0x0D, 0x58, 0x38, 0x16, 0x91, 0x57, 0x7E, 0x68, 0x6A, 0x55, 0x42, 0x55, 0x5D, 0xC5, 0x9E, 0x4E, 0x17, 0x3B, 0x0F, 0x42, 0x0, 0x0, 0x0, 0x0]
  6.     data_array = [0x41, 0x19, 0x0a, 0x2d, 0x20, 0x59, 0x5f, 0xfa, 0x81, 0x6f, 0xcf, 0xff, 0x61, 0x9b, 0xd8, 0x7b, 0x2b, 0x4b, 0x46, 0xdd, 0x3d, 0x64, 0xa0, 0xc7, 0xf8, 0x9c, 0x5f, 0x7b, 0x96, 0x01, 0xcf, 0x91, 0x0d, 0xc7, 0xa9, 0xc9, 0xad, 0xe1, 0x8e, 0xff, 0x0e, 0x08, 0x02, 0xe6, 0x11, 0x6d, 0x6a, 0x9b, 0x02, 0x81, 0x7f, 0x81, 0x00, 0x7d, 0x10, 0x9a, 0x0a, 0xbd, 0x17, 0x59, 0x38, 0x2d, 0x73, 0x63, 0x37, 0x7b, 0x02, 0x59, 0x05, 0x0b, 0x1c, 0x85, 0xc9, 0x91, 0x82, 0x59, 0x57, 0x01, 0x7e, 0x3a, 0x3a, 0x58, 0x16, 0x16, 0xa1, 0x57, 0x47, 0x68, 0x44, 0x55, 0x70, 0x55, 0x6d, 0xc5, 0xaf, 0x4e, 0x2f, 0x3b, 0x2f, 0x42, 0x30, 0x00, 0x34, 0x00, 0x30, 0x19, 0x6c, 0x2d, 0x5b, 0x59, 0x55, 0xfa, 0xb8, 0x6f, 0xa2, 0xff, 0x19, 0x9b, 0x8f, 0x7b, 0x61, 0x4b, 0x4e, 0xdd, 0x52, 0x64, 0x98, 0xc7, 0x8d, 0x9c, 0x07, 0x7b, 0xc1, 0x01, 0xa6, 0x91, 0x48, 0xc7, 0xfd, 0xc9, 0xe8, 0xe1, 0xc9, 0xff, 0x35, 0x08, 0x6e, 0xe6, 0x52, 0x6d, 0x3e, 0x9b, 0x63, 0x81, 0x5d, 0x81, 0x0c, 0x7d, 0x02, 0x9a, 0x32, 0xbd, 0x5f, 0x59, 0x78, 0x2d, 0x28, 0x63, 0x6e, 0x7b, 0x53, 0x59, 0x50, 0x0b, 0x15, 0x85, 0xfc, 0x91, 0xe6, 0x59, 0x51, 0x01, 0x74, 0x3a, 0x75, 0x58, 0x0e, 0x16, 0xa5, 0x57, 0x1a, 0x68, 0x08, 0x55, 0x25, 0x55, 0x73, 0xc5, 0xfb, 0x4e, 0x6f, 0x3b, 0x6a, 0x42, 0x09, 0x00, 0x5b, 0x00, 0x7e, 0x19, 0x04, 0x2d, 0x56, 0x59, 0x17, 0xfa, 0xbd, 0x6f, 0xaf, 0xff, 0x53, 0x9b, 0xdf, 0x7b, 0x3e, 0x4b, 0x5b, 0xdd, 0x22, 0x64, 0xb1, 0xc7, 0x90, 0x9c, 0x06, 0x7b, 0xf0, 0x01, 0xf9, 0x91, 0x43, 0xc7, 0xe8, 0xc9, 0xa8, 0xe1, 0x93, 0xff, 0x6a, 0x08, 0x2a, 0xe6, 0x12, 0x6d, 0x54, 0x9b, 0x54, 0x81, 0x4a, 0x81, 0x4b, 0x7d, 0x04, 0x9a, 0x06, 0xbd, 0x0b, 0x59, 0x6b, 0x2d, 0x37, 0x63, 0x79, 0x7b, 0x35, 0x59, 0x10, 0x0b, 0x0a, 0x85, 0xb6, 0x91, 0xa8, 0x59, 0x4f, 0x01, 0x7c, 0x3a, 0x35, 0x58, 0x18, 0x16, 0xbc, 0x57, 0x5e, 0x68, 0x27, 0x55, 0x2d, 0x55, 0x39, 0xc5, 0xeb, 0x4e, 0x7b, 0x3b, 0x6a, 0x42, 0x3a, 0x00, 0x20, 0x00, 0x7d, 0x19, 0x30, 0x2d, 0x02, 0x59, 0x1c, 0xfa, 0xfd, 0x6f, 0xf8, 0xff, 0x5b, 0x9b, 0xda, 0x7b, 0x77, 0x4b, 0x19, 0xdd, 0x66, 0x64, 0xff, 0xc7, 0xf6, 0x9c, 0x42, 0x7b, 0xbc, 0x01, 0xc8, 0x91, 0x11, 0xc7, 0xba, 0xc9, 0xba, 0xe1, 0x9b, 0xff, 0x60, 0x08, 0x63, 0xe6, 0x44, 0x6d, 0x74, 0x9b, 0x7e, 0x81, 0x1d, 0x81, 0x6c, 0x7d, 0x6c, 0x9a, 0x34, 0xbd, 0x55, 0x59, 0x7c, 0x2d, 0x34, 0x63, 0x69, 0x7b, 0x5c, 0x59, 0x77, 0x0b, 0x7c, 0x85, 0xbc, 0x91, 0xb9, 0x59, 0x34, 0x01, 0x6e, 0x3a, 0x3d, 0x58, 0x0c, 0x16, 0xab, 0x57, 0x4b, 0x68, 0x5d, 0x55, 0x78, 0x55, 0x6e, 0xc5, 0xa7, 0x4e, 0x39, 0x3b, 0x3d, 0x42, 0x38, 0x00, 0x35, 0x00, 0x57, 0x19, 0x50, 0x2d, 0x37, 0x59, 0x07, 0xfa, 0xd6, 0x6f, 0xa1, 0xff, 0x06, 0x9b, 0x88, 0x7b, 0x6e, 0x4b, 0x48, 0xdd, 0x3e, 0x64, 0xa6, 0xc7, 0xe0, 0x9c, 0x66, 0x7b, 0xc7, 0x01, 0xec, 0x91, 0x10, 0xc7, 0xac, 0xc9, 0x82, 0xe1, 0xc0, 0xff, 0x37, 0x08, 0x6b, 0xe6, 0x53, 0x6d, 0x01, 0x9b, 0x31, 0x81, 0x76, 0x81, 0x15, 0x7d, 0x08, 0x9a, 0x32, 0xbd, 0x5f, 0x59, 0x33, 0x2d, 0x2c, 0x63, 0x6d, 0x7b, 0x01, 0x59, 0x3b, 0x0b, 0x29, 0x85, 0xa2, 0x91, 0xed, 0x59, 0x74, 0x01, 0x2b, 0x3a, 0x04, 0x58, 0x63, 0x16, 0xe5, 0x57, 0x23, 0x68, 0x50, 0x55, 0x3a, 0x55, 0x6b, 0xc5, 0xaa, 0x4e, 0x73, 0x3b, 0x6d, 0x42, 0x67, 0x00, 0x20, 0x00, 0x27, 0x19, 0x79, 0x2d, 0x2a, 0x59, 0x06, 0xfa, 0xe7, 0x6f, 0xfe, 0xff, 0x0d, 0x9b, 0x9d, 0x7b, 0x2e, 0x4b, 0x12, 0xdd, 0x61, 0x64, 0xe2, 0xc7, 0xa0, 0x9c, 0x0c, 0x7b, 0xf0, 0x01, 0xfb, 0x91, 0x57, 0xc7, 0xaa, 0xc9, 0xb6, 0xe1, 0x94, 0xff, 0x24, 0x08, 0x74, 0xe6, 0x44, 0x6d, 0x67, 0x9b, 0x71, 0x81, 0x69, 0x81, 0x5f, 0x7d, 0x46, 0x9a, 0x2c, 0xbd, 0x57, 0x59, 0x73, 0x2d, 0x3a, 0x63, 0x74, 0x7b, 0x45, 0x59, 0x14, 0x0b, 0x21, 0x85, 0xe8, 0x91, 0xfd, 0x59, 0x60, 0x01, 0x2b, 0x3a, 0x37, 0x58, 0x18, 0x16, 0xe6, 0x57, 0x17, 0x68, 0x04, 0x55, 0x31, 0x55, 0x2b, 0xc5, 0xfd, 0x4e, 0x7b, 0x3b, 0x68, 0x42, 0x2e, 0x00, 0x62, 0x00, 0x63, 0x19, 0x37, 0x2d, 0x4c, 0x59, 0x42, 0xfa, 0xab, 0x6f, 0xcf, 0xff, 0x5f, 0x9b, 0xcf, 0x7b, 0x3c, 0x4b, 0x1a, 0xdd, 0x6b, 0x64, 0xab, 0xc7, 0xf6, 0x9c, 0x2c, 0x7b, 0xda, 0x01, 0xac, 0x91, 0x70, 0xc7, 0xf4, 0xc9, 0x99, 0xe1, 0xc3, 0xff, 0x3a, 0x08]
  10.     loop = len(data_array)
  11.     location = 0                   
  12.     i = 0
  13.     xor_array = []
  15.     print "XORing Data...\n"
  16.                             # Get value from div % 100
  17.     for item in data_array:
  18.         if location == len(key_array):
  19.             location = 0
  20.         if i == loop:
  21.             break
  22.         data = item ^ key_array[location] # Get XOR key using value from div / 10  
  23.         xor_array.append(chr(data))                
  24.         i = i + 1;         
  25.         location = location + 1
  27.     xor_array = ' '.join(xor_array).replace('\x00','')
  28.     xor_array = xor_array.replace(' ','')
  29.     xor_array = xor_array.replace(' ',' ')
  30.     print xor_array
  31.     print "\n"
  32.     print "Finished Decrypting Data!\n"
  34. def main():
  36.     print "A few assumptions are made here:\n"
  37.     print " - The input data is from the start of the file (AKA XOR'ed with 0x0A)"
  38.     print " - The key never changes"
  39.     print " - The correct hex data is taken from the file\n"
  40.     print "Simply copy the hex data of the key and array and put them into their respective arrays"
  41.     print "And yes, it is a very hacky method;"
  42.     print "I planned to have it so the data was read from a file, directly into an array, however it wasn't recognizing the data as hex"
  43.     print "There are definitely better ways to do this\nIncluding reading the keys directly from the EXE, assuming it doesn't move\n"
  44.     print "---------------------\nTVer = Version\nStart = Execution Begins\n[u] = Username\n[h] = Handle?\n[pid] = Process ID\n[pn] = Process Name\n[t] = Thread?\n---------------------\n"
  46.     decrypt()
  48. if __name__ == "__main__":
  49.     main()
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand