文档更新

README.md

@@ -48,6 +48,7 @@ source: 简单的命令行远程注入源码。
 #### 问题讨论   
 个人常用的方法，请参考https://github.com/ttttupup/wxhelper/wiki    
 使用上的问题，可查询https://github.com/ttttupup/wxhelper/discussions    
+数据库解密，请参考https://github.com/ttttupup/wxhelper/wiki      
  
 
 

python/decrpty.py

@@ -1,51 +0,0 @@
-import ctypes
-import hashlib
-import hmac
-
-# pip install pycryptodome
-from Crypto.Cipher import AES
-
-
-def decrypt(password, input_file, out_file):
-    password = bytes.fromhex(password.replace(' ', ''))
-    with open(input_file, 'rb') as (f):
-        blist = f.read()
-    print(len(blist))
-    salt = blist[:16]
-    key = hashlib.pbkdf2_hmac('sha1', password, salt, DEFAULT_ITER, KEY_SIZE)
-    first = blist[16:DEFAULT_PAGESIZE]
-    mac_salt = bytes([x ^ 58 for x in salt])
-    mac_key = hashlib.pbkdf2_hmac('sha1', key, mac_salt, 2, KEY_SIZE)
-    hash_mac = hmac.new(mac_key, digestmod='sha1')
-    hash_mac.update(first[:-32])
-    hash_mac.update(bytes(ctypes.c_int(1)))
-    if hash_mac.digest() == first[-32:-12]:
-        print('decrypt success')
-    else:
-        print('password error')
-        return
-    blist = [blist[i:i + DEFAULT_PAGESIZE] for i in range(DEFAULT_PAGESIZE, len(blist), DEFAULT_PAGESIZE)]
-    with open(out_file, 'wb') as (f):
-        f.write(SQLITE_FILE_HEADER)
-        t = AES.new(key, AES.MODE_CBC, first[-48:-32])
-        f.write(t.decrypt(first[:-48]))
-        f.write(first[-48:])
-        for i in blist:
-            t = AES.new(key, AES.MODE_CBC, i[-48:-32])
-            f.write(t.decrypt(i[:-48]))
-            f.write(i[-48:])
-
-
-def main():
-    password = '565735E30E474DA09250CB5AA047E3940FFA1C6F767C4263B13ABB512933DA49'
-    input_file = 'C:/var/Applet.db'
-    out_file = 'c:/var/out/Applet.db'
-    decrypt(password, input_file, out_file)
-
-
-if __name__ == '__main__':
-    SQLITE_FILE_HEADER = bytes('SQLite format 3', encoding='ASCII') + bytes(1)
-    KEY_SIZE = 32
-    DEFAULT_PAGESIZE = 4096
-    DEFAULT_ITER = 64000
-    main()