This is an update for my tool to perform XOR known plaintext attacks: xor-kpa.py.
The tool has been updated for Python 3, and 3 new plaintext have been added, all for Cobalt Strike configurations.
cs-key is the header of the configuration entry for the public key.
cs-key-dot is the header of the configuration entry for the public key XORed with value 0x2E (a dot).
cs-key-i is the header of the configuration entry for the public key XORed with value 0x69 (letter i).
xor-kpa_V0_0_6.zip (http)
MD5: 4BA5EDEAEF6C8D528227607E78A2A797
SHA256: F7BE170D09E8B8A5B4127F64EC66FFF69EFD3EFA3B4EAC0304B39905A75CDE2A
No comments yet.