Example #1
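def client_init_parse(keypub,data):
	"""Decrypt a Gozi client-init blob and parse its INI parameter table.

	The last ``key_bytes`` bytes of *data* are run through ``keypub`` and the
	filler is stripped from the result. Bytes 16..32 of what remains are used
	as the Serpent key for the rest of *data*. The plaintext starts with a
	little-endian 32-bit entry count; entries of 0x18 bytes follow from
	offset 8.

	Args:
		keypub: public key object exposing ``size()`` and ``encrypt()``
			(looks like the legacy PyCrypto RSA interface -- confirm).
		data: raw blob, Serpent ciphertext followed by the wrapped trailer.

	Returns:
		The value of ``IniParams.get_jsonify()`` for the parsed table.

	Raises:
		struct.error: if the decrypted data is too short for the count
			field or for the number of entries it announces.
	"""
	# Trailer length in bytes; floor division keeps this an int on Python 3.
	key_bytes = (keypub.size() + 1) // 8
	wrapped = data[-key_bytes:]
	block = keypub.encrypt(wrapped, 0)[0]

	# Code converted from Gozi source: drop two leading bytes, then the
	# run of 0xff filler. One-byte slices compare the same way on str
	# (Python 2) and bytes (Python 3).
	block = block[2:]
	for i in range(len(block)):
		if block[i:i + 1] != b'\xff':
			block = block[i:]
			break

	# \x00 is separator; the slice avoids an IndexError on an empty block.
	if block[:1] == b'\x00':
		block = block[1:]

	# New code stores a serp key 16 bytes in
	# NOTE(review): neither the padding layout nor the key length is
	# verified, so a malformed trailer yields a garbage key, not an error.
	serpKey = block[16:32]

	# Strip exactly the trailer consumed above instead of a fixed 128 bytes,
	# so keys other than 1024-bit are split at the right place.
	# NOTE(review): the original also computed a 16-byte-aligned ciphertext
	# length and never used it; confirm whether serpent_cbc_decrypt needs
	# aligned input.
	data = serpent2.serpent_cbc_decrypt(serpKey,data[:-key_bytes])

	print("INI PARAMS:")
	count = struct.unpack_from('<I', data)[0]
	params = IniParams(count,[])

	# Entries start 8 bytes in; only the first 4 header bytes are read here.
	data = data[8:]

	# count is attacker-controlled once decrypted. Reject a table that
	# cannot fit before looping, so a huge count fails up front with the
	# same struct.error the unpack below would raise.
	entry_size = 0x18
	if count and len(data) < (count - 1) * entry_size + struct.calcsize('<III'):
		raise struct.error('parameter table of %d entries does not fit in %d bytes' % (count, len(data)))

	for _ in range(count):
		(entry_hash,_flag,offset,) = struct.unpack_from('<III', data)
		# The entry gets the buffer from its own start onward; offset is
		# presumably relative to that position -- verify against IniParam.
		params.put_param(IniParam(entry_hash,offset,data))
		data = data[entry_size:]

	print(params)
	return(params.get_jsonify())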
Example #2
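def gozi_decode_sect(keypub, data):
    """Decrypt a Gozi section whose Serpent key sits in a wrapped trailer.

    The last ``key_bytes`` bytes of *data* are run through ``keypub`` and the
    filler is stripped from the result. Bytes 16..32 of what remains are used
    as the Serpent key for everything in *data* that precedes the trailer.

    Args:
        keypub: public key object exposing ``size()`` and ``encrypt()``
            (looks like the legacy PyCrypto RSA interface -- confirm).
        data: raw section, Serpent ciphertext followed by the wrapped trailer.

    Returns:
        Whatever ``serpent2.serpent_cbc_decrypt`` returns for the ciphertext.
    """
    # Trailer length in bytes; floor division keeps this an int on Python 3.
    key_bytes = (keypub.size() + 1) // 8
    wrapped = data[-key_bytes:]
    block = keypub.encrypt(wrapped, 0)[0]

    # Code converted from Gozi source: drop two leading bytes, then the run
    # of 0xff filler. One-byte slices compare the same way on str (Python 2)
    # and bytes (Python 3).
    block = block[2:]
    for i in range(len(block)):
        if block[i:i + 1] != b'\xff':
            block = block[i:]
            break

    # \x00 is separator; the slice avoids an IndexError on an empty block.
    if block[:1] == b'\x00':
        block = block[1:]

    # New code stores a serp key 16 bytes in
    # NOTE(review): neither the padding layout nor the key length is
    # verified, so a malformed trailer yields a garbage key, not an error.
    serpKey = block[16:32]

    # Strip exactly the trailer consumed above instead of a fixed 128 bytes,
    # so keys other than 1024-bit are split at the right place.
    # NOTE(review): the original also computed a 16-byte-aligned ciphertext
    # length and never used it; confirm whether serpent_cbc_decrypt needs
    # aligned input.
    return serpent2.serpent_cbc_decrypt(serpKey, data[:-key_bytes])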