Board logo

标题: [文本处理] 求助这种bat批处理两次加密是如何实现的,怎么解密 [打印本页]

作者: eflys666    时间: 2023-8-25 10:43     标题: 求助这种bat批处理两次加密是如何实现的,怎么解密

求助这种bat批处理两次加密是如何实现的,怎么解密。下载链接:https://www.123pan.com/s/5tO9-k3fmh.html提取码:TYUL
作者: eflys666    时间: 2023-8-25 10:54

本帖最后由 eflys666 于 2023-8-25 10:55 编辑


作者: 77七    时间: 2023-8-25 11:34

本帖最后由 77七 于 2023-8-25 11:38 编辑
最简单的破解方法是先用RAR压缩,再用RAR查看,加密一目了然,所以奉劝各位,别再在BAT加密上浪费时间和精力了。

http://www.cn-dos.net/forum/viewthread.php?tid=44843

通过rar查看,发现代码第二行
::BatchEncryption Build 201610 By gwsbhqt@163.com

应该是用了这个工具加密的
BatchEncryption - 批处理加密程序
2楼应该是解密,我这里解密还没出结果,需要一点时间。
4楼解密比较快。
作者: eflys666    时间: 2023-8-25 14:28

回复 3# 77七
感谢老大如此详细的解答,我试一下
作者: yakeyun    时间: 2023-8-25 16:58

源码第一部分:
  1. @echo off
  2. setlocal enabledelayedexpansion
  3. color 1f
  4. mode con: cols=55 lines=38
  5. title 一键制作卡刷/线刷包,反馈QQ群:878756654
  6. %~d0
  7. cd "%~p0"
  8. set bin=.\android_win_tools
  9. for %%a in ("%bin%\cecho.exe" "%bin%\adb.exe" "%bin%\AdbWinApi.dll" "%bin%\7za.exe" "%bin%\AdbWinUsbApi.dll") do (if not exist %%a goto erro1)
  10. tasklist|findstr /ib "360rp.exe 360sd.exe"&&goto erro1
  11. tasklist|findstr /ib "adb.exe" >nul&&taskkill /f /im adb.exe >nul
  12. if exist .\update rd /S /Q .\update >nul
  13. del /f /q .\*update.zip >nul 2>&1
  14. del /f /q .\recover*img >nul 2>&1
  15. where java|find /i "java.exe" >nul||goto java
  16. if "%java_home%" == "" goto java
  17. certutil -hashfile %bin%\7za.exe|find /i "cee178da1fb05f99af7a3547093122893bd1eb46" >nul 2>&1||goto erro1
  18. certutil -hashfile %bin%\busybox|find /i "dc10e2f2fc965e62f740c04cdda815815d98660a" >nul 2>&1||goto erro1
  19. certutil -hashfile %bin%\signapk.jar|find /i "0a6dc7f65c52537d8f552c608c586d650d829cfb" >nul 2>&1||goto erro1
  20. certutil -hashfile %bin%\testkey.pk8|find /i "92de052cb804dea75f9815a66d7d3f6f911cdb63" >nul 2>&1||goto erro1
  21. certutil -hashfile %bin%\testkey.x509.pem|find /i "ef543a467d830d9975ccf0d569a7841c8b5df988" >nul 2>&1||goto erro1
  22. certutil -hashfile %bin%\script|find /i "1fa914cc45908d9e0808160300ef3f2e8a82c33f" >nul 2>&1||goto erro1
  23. certutil -hashfile %bin%\wget.exe|find /i "a5a1d20bb1456bcbefc689f16f38b0710259b414" >nul 2>&1||goto erro1
  24. cls
  25. echo.
  26. %bin%\cecho {1F}一键制作卡刷固件/线刷包工具{1E}^<体验版^>{#}
  27. echo.
  28. %bin%\cecho {1F}-------------------------------------------------------{#}
  29. echo.
  30. %bin%\cecho {1C}目标机器必须支持adb_root权限,电脑配置JAVA环境{#}
  31. echo.
  32. echo.
  33. %bin%\cecho {1C}仅适用于EMMC版,晶晨/海思CPU,非高安版机器{#}
  34. echo.
  35. echo.
  36. echo.
  37. %bin%\cecho {1F}仅需输入IP或简单拖放文件,目前已实现功能:{#}
  38. echo.
  39. echo.
  40. %bin%\cecho {1F}^>ADB连上机器将使用版打包成U盘卡刷固件或线刷救砖包{#}
  41. echo.
  42. %bin%\cecho {1F}^>海思机器自动处理生成烧写分区表及文件,可烧写救砖{#}
  43. echo.
  44. %bin%\cecho {1F}^>晶晨机器自动生成U盘卡刷包,以及线刷救砖包(测试){#}
  45. echo.
  46. %bin%\cecho {1F}^>晶晨线刷包,拖到此界面,可自动转为U盘卡刷固件{#}
  47. echo.
  48. %bin%\cecho {1F}^>自动签名固件使用testkey公签签名(可自行更换私签){#}
  49. echo.
  50. %bin%\cecho {1F}^>可选修改recovery为对应签名(此部份代码3K友情支持){#}
  51. echo.
  52. echo.
  53. echo.
  54. echo.
  55. %bin%\cecho {0F} 此版工具公开提供,收RMB售卖此工具的都是骗子! {#}
  56. echo.
  57. %bin%\cecho {FC} 此版工具公开提供,收RMB售卖此工具的都是骗子! {#}
  58. echo.
  59. echo.
  60. echo.
  61. echo.
  62. echo.
  63. %bin%\cecho {1F}暴风骤雨 QQ:334238313{#}
  64. echo.
  65. %bin%\cecho {1F}测试系统:Windows10_X64_Pro{#}
  66. echo.
  67. %bin%\cecho {1F}于2021-6-15开始持续制作/修改/测试{#}
  68. echo.
  69. %bin%\cecho {1F}-------------------------------------------------------{#}
  70. %bin%\cecho {1F}晶晨IMG线刷包拖到此自动转卡刷固件{#}
  71. echo.
  72. %bin%\cecho {1F}或输入盒子IP,按回车1:1备份机器制作:{#}
  73. set /p ip=
  74. ver|find "10.0." >nul||%bin%\cecho {1F}工具仅在windows10测试通过,确认是否要继续。。{#}&&echo.&&pause
  75. if "%ip%" == "" (goto erro2)
  76. for /f %%i in ("%ip%") do set input=%%~xi
  77. if "%input%" == ".img" (goto recovery)
  78. echo %ip%|findstr "^[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\:[0-9]*$" >nul||echo %ip%|findstr "^[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*$" >nul||(goto erro2)
  79. for %%a in (%ip:.= %) do (echo;%%a|findstr "^[0-9]$ ^[1-9][0-9]$ ^1[0-9][0-9]$ ^2[0-4][0-9]$ ^25[0-5]$" >nul && (set /a n+=1))
  80. if "%n%" geq "3" (if "%n%" leq "4" (echo.&echo.正在努力尝试连接盒子 。。。)) else goto erro2
  81. %bin%\adb connect %ip% >nul 2>&1
  82. %bin%\adb devices|find /i "%ip%" >nul||(goto erro)
  83. %bin%\adb remount|find /i "succeeded" >nul||(goto erro)
  84. %bin%\adb shell ls /system/bin|find /i "make_ext4fs" >nul||goto erro1
  85. set busybox=/cache/busybox
  86. %bin%\adb shell rm -rf %busybox% >nul
  87. %bin%\adb push %bin%\busybox %busybox% >nul
  88. %bin%\adb shell ls /cache|find /i "busybox" >nul||goto erro1
  89. %bin%\adb shell chmod 0755 %busybox%
  90. %bin%\adb shell "%busybox% pkill -9 busybox" >nul 2>&1
  91. for /f %%i in ('%bin%\adb shell getprop ro.product.model') do set model=%%i
  92. for /f %%i in ('%bin%\adb shell getprop ro.build.version.incremental') do set ver=%%i
  93. for /f %%i in ('%bin%\adb shell getprop ro.product.device') do set cpu=%%i
  94. %bin%\adb shell ls /dev/block|find /i "mmcblk0" >nul||goto recovery
  95. %bin%\adb shell cat /system/build.prop|find /i "hi3798">nul||goto recovery
  96. for /f %%a in ('%bin%\adb shell "mount|grep 'cache'|%busybox% awk '{print $1}'|%busybox% sed 's/......$//g'"') do set dev=%%a
  97. %bin%\adb shell ls %dev%|find /i "misc" >nul||goto recovery
  98. %bin%\adb shell ls %dev%|find /i "kernel" >nul&& set boot=kernel||set boot=boot
  99. %bin%\adb shell ls %dev%|find /i "userdata" >nul&& set data=userdata||set data=data
  100. for /f %%i in ('%bin%\adb shell "cat /proc/cmdline|%busybox% awk -F':' '{print $NF}'|%busybox% awk '{print $1}'"') do set partinfo=%%i
  101. for /f %%i in ('%bin%\adb shell getprop ro.build.fingerprint') do set fingerprint=%%i
  102. for /f %%i in ('%bin%\adb shell "%busybox% df -m /system|%busybox% awk '{print $1}'|%busybox% awk 'END {print}'|%busybox% awk -F. '{print $NF}'"') do set system=%%i
  103. echo.%system%|findstr /i /v "^[0-9]*$" >nul&&goto erro1
复制代码

作者: yakeyun    时间: 2023-8-25 16:59

回复 5# yakeyun


源码第二部分:
  1. cls
  2. color 1f
  3. echo.
  4. echo.已连上机器;正在处理。。。
  5. echo.
  6. echo.盒子型号:%model%
  7. echo.CPU 型号:%cpu%
  8. echo.软件版本:%ver%
  9. echo.
  10. echo.-------------------------------------------------------
  11. echo.
  12. echo.前期处理过程漫长且无聊,等着吧 。。。
  13. set tt=/data/local/update
  14. set t1=.\update\META-INF\com\google\android
  15. set t2=.\update\META-INF\com\android
  16. %bin%\adb shell rm -rf %tt% >nul 2>&1
  17. %bin%\adb shell "mkdir -p %tt%" >nul 2>&1
  18. %bin%\adb shell "make_ext4fs -l %system%M -s %tt%/system.img /system" >nul 2>&1
  19. %bin%\adb shell "%busybox% cat %dev%/%boot% >%tt%/boot.img" >nul 2>&1
  20. %bin%\adb shell "%busybox% cat %dev%/logo >%tt%/logo.img" >nul 2>&1
  21. %bin%\adb shell "%busybox% cat %dev%/recovery >%tt%/recovery.img" >nul 2>&1
  22. %bin%\adb shell "%busybox% cat %dev%/baseparam >%tt%/baseparam.img" >nul 2>&1
  23. %bin%\adb shell "%busybox% cat %dev%/fastboot >%tt%/fastboot.img" >nul 2>&1
  24. %bin%\adb shell "echo 'ui_print(\"start...\");'>%tt%/updater-script" >nul 2>&1
  25. %bin%\adb shell "echo 'ui_print(\"Made By QQ:334238313\");'>%tt%/updater-script" >nul 2>&1
  26. %bin%\adb shell "echo 'set_progress(\"1\");'>>%tt%/updater-script" >nul 2>&1
  27. %bin%\adb shell "echo 'show_progress(\"1\",\"50\");'>>%tt%/updater-script" >nul 2>&1
  28. %bin%\adb shell "echo 'ui_print(\"check_rw......\");'>>%tt%/updater-script" >nul 2>&1
  29. %bin%\adb shell "echo 'ifelse(is_mounted(\"/data\"),(ui_print(\"data_rw......\");),ui_print(\"settings_rw......\");mount(\"ext4\", \"EMMC\", \"%dev%/%data%\", \"/data\"));'>>%tt%/updater-script" >nul 2>&1
  30. %bin%\adb shell "echo 'ui_print(\"update fastboot......\");'>>%tt%/updater-script" >nul 2>&1
  31. %bin%\adb shell "echo '#package_extract_file(\"fastboot.img\", \"%dev%/fastboot\");'>>%tt%/updater-script" >nul 2>&1
  32. %bin%\adb shell "echo 'ui_print(\"update recovery......\");'>>%tt%/updater-script" >nul 2>&1
  33. %bin%\adb shell "echo 'package_extract_file(\"recovery.img\", \"%dev%/recovery\");'>>%tt%/updater-script" >nul 2>&1
  34. %bin%\adb shell "echo 'ui_print(\"update baseparam......\");'>>%tt%/updater-script" >nul 2>&1
  35. %bin%\adb shell "echo 'package_extract_file(\"baseparam.img\", \"%dev%/baseparam\");'>>%tt%/updater-script" >nul 2>&1
  36. %bin%\adb shell "echo 'ui_print(\"update logo......\");'>>%tt%/updater-script" >nul 2>&1
  37. %bin%\adb shell "echo 'package_extract_file(\"logo.img\", \"%dev%/logo\");'>>%tt%/updater-script" >nul 2>&1
  38. %bin%\adb shell "echo 'ui_print(\"update boot.....\");'>>%tt%/updater-script" >nul 2>&1
  39. %bin%\adb shell "echo 'package_extract_file(\"boot.img\", \"%dev%/%boot%\");'>>%tt%/updater-script" >nul 2>&1
  40. %bin%\adb shell "echo 'ui_print(\"update system......\");'>>%tt%/updater-script" >nul 2>&1
  41. %bin%\adb shell "echo 'format(\"ext4\", \"EMMC\", \"%dev%/system\", \"0\", \"/system\");'>>%tt%/updater-script" >nul 2>&1
  42. %bin%\adb shell "echo 'package_extract_file(\"system.img\", \"/data/system.img\");'>>%tt%/updater-script" >nul 2>&1
  43. %bin%\adb shell "echo 'write_ext4sp_img(\"/data/system.img\", \"%dev%/system\");'>>%tt%/updater-script" >nul 2>&1
  44. %bin%\adb shell "echo 'delete(\"/data/system.img\");'>>%tt%/updater-script" >nul 2>&1
  45. %bin%\adb shell "echo 'ui_print(\"clear cache......\");'>>%tt%/updater-script" >nul 2>&1
  46. %bin%\adb shell "echo 'wipe_cache();'>>%tt%/updater-script" >nul 2>&1
  47. %bin%\adb shell "echo 'ui_print(\"clear data......\");'>>%tt%/updater-script" >nul 2>&1
  48. %bin%\adb shell "echo 'unmount(\"/data\");'>>%tt%/updater-script" >nul 2>&1
  49. %bin%\adb shell "echo 'format(\"ext4\", \"EMMC\", \"%dev%/%data%\", \"0\", \"/data\");'>>%tt%/updater-script" >nul 2>&1
  50. %bin%\adb shell "echo 'set_progress(\"1\");'>>%tt%/updater-script" >nul 2>&1
  51. %bin%\adb shell "echo 'ui_print(\"QQ GROUP:878756654\");'>>%tt%/updater-script" >nul 2>&1
  52. %bin%\adb shell "echo 'post-build=%fingerprint%'>%tt%/metadata" >nul 2>&1
  53. %bin%\adb shell "%busybox% httpd -p 8686 -h %tt%"
  54. %bin%\adb shell sync
  55. rd /s /q .\update >nul 2>&1
  56. md .\update
  57. %bin%\adb shell "ls %tt% >/cache/tmp.txt"
  58. %bin%\adb pull /cache/tmp.txt .\update\tmp.txt >nul 2>&1
  59. for /f "delims=:" %%a in ('echo %ip%') do (set ip1=%%a)
  60. set "aa=%%a"
  61. certutil -hashfile %bin%\wget.exe|find /i "a5a1d20bb1456bcbefc689f16f38b0710259b414" >nul 2>&1||goto erro1
  62. for /f "delims=" %%a in (.\update\tmp.txt) do (%bin%\wget -q -c -O .\update\%aa% http://%ip1%:8686/%aa%)
  63. %bin%\adb shell rm -f /cache/tmp.txt >nul
  64. del /f /q .\update\tmp.txt >nul
  65. for %%a in (".\update\system.img") do (if %%~za equ 0 set filenul=1)
  66. if not exist .\update\updater-script (set filenul=1)
  67. if "%filenul%" == "1" (
  68. rd /s /q .\update > nul 2>&1
  69. echo.回传文件失败,使用备用方法处理。。
  70. %bin%\adb pull %tt% .\update >nul 2>&1)
  71. %bin%\adb shell rm -rf %tt% >nul 2>&1
  72. %bin%\adb shell "%busybox% pkill -9 busybox" >nul 2>&1
  73. %bin%\adb shell rm -rf %busybox% >nul 2>&1
  74. if not exist .\update\updater-script goto erro1
  75. certutil -hashfile %bin%\script|find /i "1fa914cc45908d9e0808160300ef3f2e8a82c33f" >nul 2>&1||goto erro1
  76. md %t1%
  77. md %t2%
  78. copy %bin%\script %t1%\update-binary /y >nul 2>&1
  79. move .\update\updater-script %t1%\updater-script >nul 2>&1
  80. move .\update\metadata %t2%\metadata >nul 2>&1
  81. if not exist .\update\system.img goto erro1
  82. for %%a in (".\update\system.img") do (if %%~za equ 0 goto erro1)
  83. echo.
  84. echo.正在整理文件以及打包、签名中。。。
  85. (echo 机器信息:
  86. echo CPU:%cpu%
  87. echo 机器型号:%model%
  88. echo 软件版本:%ver%)>.\update\info.txt
  89. echo 分区信息:%partinfo% >>.\update\info.txt
  90. (echo.
  91. echo.
  92. echo 此固件由"一键制作卡刷固件/线刷包"工具自动生成
  93. echo 工具制作:暴风骤雨  QQ:334238313
  94. echo 反馈请加QQ群:878756654
  95. echo 更多可浏览:http://www.kaixindianshi.com)>>.\update\info.txt
  96. cd .\update
  97. .%bin%\7za a -tzip ..\update.zip -r * >nul 2>&1
  98. cd ..
  99. rd /S /Q .\update >nul 2>&1
  100. if not exist .\update.zip goto erro1
  101. certutil -hashfile %bin%\signapk.jar|find /i "0a6dc7f65c52537d8f552c608c586d650d829cfb" >nul 2>&1||goto erro1
  102. certutil -hashfile %bin%\testkey.pk8|find /i "92de052cb804dea75f9815a66d7d3f6f911cdb63" >nul 2>&1||goto erro1
  103. certutil -hashfile %bin%\testkey.x509.pem|find /i "ef543a467d830d9975ccf0d569a7841c8b5df988" >nul 2>&1||goto erro1
  104. java -Xmx2048m -Xms2048m -Xmn512m -jar %bin%\signapk.jar -w %bin%\testkey.x509.pem %bin%\testkey.pk8 .\update.zip .\%model%_%cpu%_update.zip >nul 2>&1
  105. del /f /q .\update.zip >nul 2>&1
  106. if not exist .\%model%_%cpu%_update.zip goto erro1
  107. echo.
  108. echo.恭喜,固件制作成功!   ^^_^^   ^^_^^
  109. echo.
  110. echo.已生成%model%_%cpu%_update.zip
  111. echo.
  112. echo.具体信息查看固件包内的info.txt
  113. echo.
  114. echo.%model%|findstr /i "6109 6110 Q21 Q22 860" >nul &&echo.此机型固件也许需要作者的专用工具刷入!
  115. echo.
  116. echo.反馈交流可加QQ群:878756654
  117. echo.
  118. echo.全部工作完成,程序正在退出。。
  119. %bin%\adb kill-server >nul 2>&1
  120. ping 127.1 -n 10 >nul
  121. exit
  122. :erro
  123. cls
  124. color 0a
  125. echo.  
  126. echo.-------------------------------------------------------
  127. echo.  
  128. echo.哦噢!
  129. echo.  
  130. echo.连接不上盒子或者已连上但没有adb root权限
  131. echo.  
  132. echo.排除后再试。。
  133. echo.
  134. echo.
  135. echo.
  136. echo.
  137. echo.准备罢工退出。。。
  138. echo.  
  139. echo.
  140. %bin%\adb kill-server >nul 2>&1
  141. ping 127.1 -n 8 >nul
  142. exit
  143. :erro1
  144. rd /S /Q .\update >nul 2>&1
  145. del /f /q .\*update.zip >nul 2>&1
  146. cls
  147. color 0a
  148. echo.
  149. echo.不要修改及更换%bin%内任何文件!
  150. echo.
  151. echo.检查解压路径是否有空格或特殊字符
  152. echo.
  153. echo.
  154. echo.也可能盒子系统没有所需的必要组件
  155. echo.
  156. echo.或许是电脑原因等各种因数固件制作失败!
  157. echo.
  158. echo.如果有安装360请先卸载重启电脑再试!
  159. echo.
  160. echo.
  161. echo.
  162. echo.按任意键退出。。。
  163. pause >nul
  164. exit
  165. :java
  166. cls
  167. color 0a
  168. echo.
  169. echo.
  170. echo.
  171. echo.检测不到系统有已正确安装配置的JAVA
  172. echo.
  173. echo.
  174. echo.
  175. echo.
  176. echo.按任意键退出。。。
  177. pause >nul
  178. exit
  179. :recovery
  180. cls
  181. echo.
  182. echo.体验版没有相应功能或者无法对目标处理!
  183. echo.
  184. echo.完整版也许有相应功能。。。
  185. echo.
  186. echo.
  187. echo.
  188. echo.按任意键退出。。。
  189. pause >nul
  190. exit
  191. :erro2
  192. cls
  193. echo.
  194. echo.
  195. echo.输入或拖入的什么呢
  196. echo.
  197. echo.仅支持拖入晶晨的IMG包或输入正确IP
  198. echo.
  199. echo.
  200. echo.
  201. ping 127.1 -n 8 >nul
  202. exit
复制代码

作者: eflys666    时间: 2023-8-25 18:09

回复 6# yakeyun
非常感谢大佬,用的哪个解密出来的呢
4楼那个试了不行
作者: Batcher    时间: 2023-8-25 23:05

回复 1# eflys666


试试这个可以吗
http://bbs.bathome.net/thread-64805-1-1.html
作者: yakeyun    时间: 2023-8-26 09:44

回复 7# eflys666


就是用的“BatchEncryption DeCoder”软件解密的,需要用这个软件多跑几遍,类似于穷举。具体加密方式因为数据量比较大,暂时无法拷贝出来,数据多了只要拷贝就会卡死。
作者: 77七    时间: 2023-8-26 09:55

BatchEncryption - 批处理加密程序
4楼秒解密。

是不是没把文件名修改为一致的?




欢迎光临 批处理之家 (http://bbs.bathome.net/) Powered by Discuz! 7.2