From f6b935781bcb43faea7aa894ce3a55873769efb3 Mon Sep 17 00:00:00 2001
From: whycxzp <perryhsu@163.com>
Date: 星期三, 22 十二月 2021 15:20:47 +0800
Subject: [PATCH] 1.内置密码解码,多重密码混淆 2.外部运行虚假密码(未生效密码混淆)

---
 beale-core/src/main/java/com/whyc/CoreAgent.java |   19 ++++++++++++++++---
 1 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/beale-core/src/main/java/com/whyc/CoreAgent.java b/beale-core/src/main/java/com/whyc/CoreAgent.java
index 0f9abe4..cb13900 100644
--- a/beale-core/src/main/java/com/whyc/CoreAgent.java
+++ b/beale-core/src/main/java/com/whyc/CoreAgent.java
@@ -6,6 +6,7 @@
 import java.io.Console;
 import java.io.File;
 import java.lang.instrument.Instrumentation;
+import java.nio.charset.Charset;
 
 
 /**
@@ -32,7 +33,8 @@
         char[] pwd;
 
         //璇诲彇jar闅愯棌鐨勫瘑鐮侊紝鏃犲瘑鐮佸惎鍔ㄦā寮�(jar)
-        pwd = JarDecryptor.readPassFromJar(new File(JarUtils.getRootPath(null)));
+        //pwd = JarDecryptor.readPassFromJar(new File(JarUtils.getRootPath(null)));
+        pwd = JarDecryptor.readPassFromJar2(new File(JarUtils.getRootPath(null)));
 
         if (args != null) {
             options.parse(args.split(" "));
@@ -94,15 +96,22 @@
         }
 
         //楠岃瘉瀵嗙爜,jar鍖呮槸鎵嶉獙璇�
-        byte[] passHash = JarDecryptor.readEncryptedFile(new File(JarUtils.getRootPath(null)), Const.CONFIG_PASSHASH);
+        /*System.out.println("楠岃瘉jar,瀵嗙爜璺緞"+JarUtils.getRootPath(null));
+        byte[] passHash = JarDecryptor.readEncryptedFile2(new File(JarUtils.getRootPath(null)),Const.FILE_NAME2);
         if (passHash != null) {
-            char[] p1 = StrUtils.toChars(passHash);
+            char[] p1 = StrUtils.merger(pwd, EncryptUtils.SALT);
             char[] p2 = EncryptUtils.md5(StrUtils.merger(pwd, EncryptUtils.SALT));
             p2 = EncryptUtils.md5(StrUtils.merger(EncryptUtils.SALT, p2));
             if (!StrUtils.equal(p1, p2)) {
                 Log.println("\nERROR: Startup failed, invalid password.\n");
                 System.exit(0);
             }
+        }*/
+        byte[] pwdHash = JarDecryptor.readEncryptedFile2(new File(JarUtils.getRootPath(null)),Const.FILE_NAME2);
+        if (pwdHash != null) {
+            String pwdTrue = EncryptUtils.deAES(new String(pwdHash, Charset.forName("utf-8")), Const.AES_KEY.toCharArray());
+            pwdTrue = pwdTrue.replace(" ","").replace(",","").replace("[","").replace("]","");
+            pwd = pwdTrue.toCharArray();
         }
 
         //GO
@@ -162,4 +171,8 @@
         }
         return pwd;
     }
+
+    public static void main(String[] args) {
+        char[] chars = JarDecryptor.readPassFromJar(new File(JarUtils.getRootPath(null)));
+    }
 }

--
Gitblit v1.9.1