形如下列形式的加密模式可初步判断为RC4加密

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Function Initialize(strPwd)
    Dim box(256)
    Dim tempSwap
    Dim a
    Dim b

    For i = 0 To 255
        box(i) = i
    Next

    a = 0
    b = 0

    For i = 0 To 255
        a = (a + box(i) + Asc(Mid(strPwd, (i Mod Len(strPwd)) + 1, 1))) Mod 256
        tempSwap = box(i)
        box(i) = box(a)
        box(a) = tempSwap
    Next

当我们确定了密文和密钥后可以实用脚本来解密

脚本大概分两类,如下:

密钥 (key) 是一个字符串,例如 "H&NKEY"

密文(ciphertext)为一个十六进制字符串,例如 “59fc6b263c3d0fcbc331ade699e62d3473bbf85522d588e3423e6c751ca091528a3c0186e460483917192c14”

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
def KSA(key):
    """Key Scheduling Algorithm (KSA)"""
    key_length = len(key)
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % key_length]) % 256
        S[i], S[j] = S[j], S[i]  # swap
    return S

def PRGA(S):
    """Pseudo-Random Generation Algorithm (PRGA)"""
    i = 0
    j = 0
    while True:
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]  # swap
        K = S[(S[i] + S[j]) % 256]
        yield K

def RC4(key, data):
    S = KSA(key)
    keystream = PRGA(S)
    return bytearray([c ^ next(keystream) for c in data])

# 解密函数
def rc4_decrypt(key, ciphertext):
    key = [ord(c) for c in key]  # Convert key to list of integers
    ciphertext = bytearray.fromhex(ciphertext)  # Convert ciphertext from hex to bytearray
    decrypted = RC4(key, ciphertext)
    return decrypted.decode('utf-8')

# 示例用法
key = "#你的字符串密钥"
ciphertext = "#你的十六进制字符串密文"

decrypted_message = rc4_decrypt(key, ciphertext)
print(f"Decrypted message: {decrypted_message}")

密钥 (key) 是一个字节串(如 b"gamelab@")。

密文 (ciphertext) 是一个十六进制字节数组(如 [0xB6, 0x42, ...]

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
#RC4加密
def rc4(key, ciphertext):
    # 初始化S盒
    sbox = list(range(256))
    j = 0
    for i in range(256):
        j = (j + sbox[i] + key[i % len(key)]) % 256
        sbox[i], sbox[j] = sbox[j], sbox[i]
 
    # 生成密钥流
    i = 0
    j = 0
    keystream = []
    for _ in range(len(ciphertext)):
        i = (i + 1) % 256
        j = (j + sbox[i]) % 256
        sbox[i], sbox[j] = sbox[j], sbox[i]
        k = sbox[(sbox[i] + sbox[j]) % 256]
        keystream.append(k)
    # print(keystream)
 
    # 解密密文
    plaintext = []
    for i in range(len(ciphertext)):
        m = ciphertext[i] ^ keystream[i]
        plaintext.append(m)
    print(plaintext)
 
    # 将明文转换为字符串
    return ''.join([chr(p) for p in plaintext])

# 测试
key = b"#你的密钥"
ciphertext =[#你的字节数组密文]
# for i in ciphertext:
#     print(chr(i),end="")
plaintext = rc4(key, ciphertext)
print(plaintext)

其实这两个脚本只需要将密文的形式进的简单的转化即可,结果相同

1.将字节数组转化为字符串

1
2
3
4
5
6
7
8
# 原始字节数组
byte_array = [#你的字节数组]

# 将字节数组转换为十六进制字符串
hex_string = ''.join(f'{byte:02x}' for byte in byte_array)

print(hex_string)

2.将字符串转化为字节数组

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
# 十六进制字符串
hex_string = "#你的字符串"

# 将十六进制字符串转换为字节数组
byte_array = bytes.fromhex(hex_string)

# 将字节数组转换为 [0xB6, 0x42, 0xB7, ...] 格式
formatted_list = ', '.join(f'0x{byte:02X}' for byte in byte_array)
formatted_output = f'[{formatted_list}]'

# 输出所有三种形式
print(f"十六进制字符串: {hex_string}")
print(f"字节数组: {byte_array}")
print(f"格式化的字节数组: {formatted_output}")