def decrypt(bytes, From="Client"):
cleartext = b""
if is_fast_path(bytes):
is_encrypted = (bytes[0] >> 7 == 1)
has_opt_length = (bytes[1] >= 0x80)
offset = 2
if has_opt_length:
offset += 1
if is_encrypted:
offset += 8
cleartext = rc4_decrypt(bytes[offset:], From=From)
else: # slow path
offset = 13
if len(bytes) <= 15: return bytes
if bytes[offset] >= 0x80: offset += 1
offset += 1
security_flags = struct.unpack('<H', bytes[offset:offset+2])[0]
is_encrypted = (security_flags & 0x0008)
if is_encrypted:
offset += 12
cleartext = rc4_decrypt(bytes[offset:], From=From)
if not cleartext == b"":
if args.debug:
print("Cleartext: ")
hexdump(cleartext)
return bytes[:offset] + cleartext
else:
return bytes
def decrypt(bytes, From="Client"):
cleartext = b""
if is_fast_path(bytes):
is_encrypted = (bytes[0] >> 7 == 1)
has_opt_length = (bytes[1] >= 0x80)
offset = 2
if has_opt_length:
offset += 1
if is_encrypted:
offset += 8
cleartext = rc4_decrypt(bytes[offset:], From=From)
else: # slow path
offset = 13
if len(bytes) <= 15: return bytes
if bytes[offset] >= 0x80: offset += 1
offset += 1
security_flags = struct.unpack('<H', bytes[offset:offset + 2])[0]
is_encrypted = (security_flags & 0x0008)
if is_encrypted:
offset += 12
cleartext = rc4_decrypt(bytes[offset:], From=From)
if not cleartext == b"":
if args.debug:
print("Cleartext: ")
hexdump(cleartext)
return bytes[:offset] + cleartext
else:
return bytes
def dump_data(data, From=None, Modified=False):
if args.debug:
modified = ""
if Modified:
modified = " (modified)"
if From == "Server":
print("From server:" + modified)
elif From == "Client":
print("From client:" + modified)
hexdump(data)
def dump_data(data, From=None, Modified=False):
if args.debug:
modified = ""
if Modified:
modified = " (modified)"
if From == "Server":
print("From server:"+modified)
elif From == "Client":
print("From client:"+modified)
hexdump(data)