Credits to Bibl. He's #1
Code:
import java.io.File;
import java.lang.reflect.Field;
import jrat.*; // loaded the jar file of the thing we want to crack
import org.objectweb.asm.tree.MethodNode;
import eu.bibl.banalysis.asm.ClassNode; //Bibl is #1 memmr
import eu.bibl.banalysis.asm.insn.InstructionPrinter;
import eu.bibl.bio.JarInfo;
import eu.bibl.bio.jfile.in.JarDownloader;
public class Start {
public static void main(String[] args) throws Exception{
Class<?> c = nw.class;
for(Field f : c.getDeclaredFields()){
if(f.getName().equals("z")){
f.setAccessible(true);
String[] s1 = (String[]) f.get(null);
for(int i=0; i < s1.length; i++){
System.out.println("z[" + i + "] = " + s1[i]);
}
}
}
JarDownloader dl = new JarDownloader(new JarInfo(new File("lib/Controller.jar")));
dl.parse();
for(ClassNode cn : dl.getContents().getNodes().values()){
if(cn.name.equals("a")){
for(MethodNode m : cn.methods()){
if(m.name.equals("main")){
InstructionPrinter.consolePrint(m);
}
}
}
}
}
}
Decrypts Strings :
Code:
z[0] =
Do you want to accept it?
(You can turn off this notification in settings)
z[1] = HTTP Request
z[2] = proxyhost
z[3] = proxyport
z[4] = jRAT tries to connect to:
z[5] = %host%
z[6] = proxy
z[7] = proxysocks
z[8] = askurl
z[9] = Requesting
z[10] = askurl
z[11] = proxysocks
z[12] =
Do you want to accept it?
(You can turn off this notification in settings)
z[13] = jRAT tries to connect to:
z[14] = proxy
z[15] = proxyport
z[16] = HTTP Request
z[17] = proxyhost