first commit

Author: kmahyyg

.gitignore

@@ -0,0 +1,79 @@
+# Created by .ignore support plugin (hsz.mobi)
+### Java template
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+### JetBrains template
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and WebStorm
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/**/dictionaries
+.idea/**/shelf
+
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# CMake
+cmake-build-debug/
+cmake-build-release/
+
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+
+# File-based project format
+*.iws
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+# Editor-based Rest Client
+.idea/httpRequests
+

.idea/artifacts/decipher_mremoteng_jar.xml

@@ -0,0 +1,4 @@
+#!/bin/sh
+
+cd out/artifacts/decipher_mremoteng_jar
+zip -d decipher_mremoteng.jar 'META-INF/.SF' 'META-INF/.RSA' 'META-INF/*SF'

.idea/description.html

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="JAVA_MODULE" version="4">
+  <component name="NewModuleRootManager" inherit-compiler-output="true">
+    <exclude-output />
+    <content url="file://$MODULE_DIR$">
+      <sourceFolder url="file://$MODULE_DIR$/src" isTestSource="false" />
+      <excludePattern pattern="*.SF" />
+      <excludePattern pattern="&amp;.DSA" />
+      <excludePattern pattern="*.RSA" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" name="org.bouncycastle:bcprov-jdk15on:1.61" level="project" />
+    <orderEntry type="library" name="commons-codec:commons-codec:1.9" level="project" />
+  </component>
+</module>

.idea/encodings.xml

@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Main-Class: xyz.kmahyyg.htb_mr3m.Main
+

.idea/misc.xml

@@ -0,0 +1,102 @@
+package xyz.kmahyyg.htb_mr3m;
+
+//
+// htb_mr3m_decoder
+// Copyright (C) 2019  kmahyyg
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+import org.apache.commons.codec.binary.Base64;
+import org.bouncycastle.crypto.InvalidCipherTextException;
+import org.bouncycastle.crypto.generators.*;
+import org.bouncycastle.crypto.params.*;
+import org.bouncycastle.crypto.engines.*;
+import org.bouncycastle.crypto.modes.*;
+
+import java.nio.charset.Charset;
+import java.util.Arrays;
+
+public class Main {
+
+    private static int KeyBitSize = 128;
+    private static int SaltBitSize = 128;
+    private static int NonceBitSize = 128;
+
+    private static int MacBitSize = 128;
+    private static int KeyDerivationIters = 1000;
+    private static int Pkcs5S2KeyBitSize = 256;
+
+    private static String DefaultPassword = "mR3m";
+
+    public static void main(String[] args) {
+        String encrypted_b64 = "";
+        String decrypt_password = "";
+        try {
+            encrypted_b64 = args[0];
+            System.out.println("User Input: " + encrypted_b64);
+        }
+        catch (Exception e){
+            e.printStackTrace();
+            System.out.println("Encrypted string not found. Exit.");
+            System.out.println("Usage: htb_mr3m.jar <Base64-Encoded AES-128-GCM String Here> [Password user defined]");
+            System.exit(1);
+        }
+        try {
+            decrypt_password = args[1];
+        } catch (ArrayIndexOutOfBoundsException e){
+            decrypt_password = DefaultPassword;
+            System.out.println("Use default password for cracking...");
+        }
+
+        byte[] encrypted = Base64.decodeBase64(encrypted_b64);
+        byte[] b_salt = Arrays.copyOfRange(encrypted, 0,16);
+        byte[] b_associatedText = Arrays.copyOfRange(encrypted, 0,16);
+        byte[] b_nonce = Arrays.copyOfRange(encrypted,16,32);
+        byte[] b_ciphertext = Arrays.copyOfRange(encrypted,32, encrypted.length);
+
+        byte[] b_password = dvKeyGen(decrypt_password, b_salt);
+        byte[] b_decrypted = decryptAEADgcm(b_password, b_nonce, b_ciphertext, b_associatedText);
+
+        String sfPlain = "";
+        sfPlain = new String(b_decrypted, Charset.forName("UTF-8"));
+        System.out.println("Decrypted Output: " + sfPlain);
+    }
+
+    public static byte[] dvKeyGen(String password, byte[] salt){
+        byte[] b_pwd = password.getBytes(Charset.forName("UTF-8"));
+        // PBKDF2-SHA1-HMAC
+        PKCS5S2ParametersGenerator pbkdf2gen = new PKCS5S2ParametersGenerator();
+        pbkdf2gen.init(b_pwd, salt, KeyDerivationIters);
+        byte[] derivedKey = ((KeyParameter) pbkdf2gen.generateDerivedMacParameters(Pkcs5S2KeyBitSize)).getKey();
+        return derivedKey;
+    }
+
+    public static byte[] decryptAEADgcm(byte[] password, byte[] nonce, byte[] cipherText, byte[]associatedText){
+        KeyParameter pwdparam = new KeyParameter(password);
+        AEADParameters aeadpm = new AEADParameters(pwdparam, MacBitSize, nonce, associatedText);
+        GCMBlockCipher gcmcipher = new GCMBlockCipher(new AESEngine());
+        gcmcipher.init(false, aeadpm);
+        byte[] plainBytes = new byte[gcmcipher.getOutputSize(cipherText.length)];
+        int retLen = gcmcipher.processBytes(cipherText, 0, cipherText.length, plainBytes,0);
+        try {
+            gcmcipher.doFinal(plainBytes, retLen);
+        } catch (InvalidCipherTextException e) {
+            e.printStackTrace();
+            System.out.println("\n Error Occured While Trying to Decrypt the AES-128-GCM. \n");
+            System.exit(2);
+        }
+        return plainBytes;
+    }
+}