#----Imports for translation---------- from deep_translator import GoogleTranslator from langdetect import detect, LangDetectException #-----Imports for text cleaning--------- from wordsegment import load , segment #----Imports for text decryption import base58 , re , binascii , base64 from Crypto.Cipher import AES , PKCS1_OAEP from Crypto.Util.Padding import unpad import Crypto.Util.number as cu from Crypto.PublicKey import RSA class translate : def translate(self, prompt:str ) -> str: """ This function detects the language of the prompt, if it isnt english , it transaltes it, if it is it returns the original prompt Parameters : ------------ prompt : The original prompt of the user Returns: ------- Translated_prompt : the translated prompt if it wasnt in english """ try : lang = detect(prompt) if lang != 'en' : return GoogleTranslator(source='auto' , target='en').translate(prompt) else : return prompt except Exception as e : print(f'ERROR IN TRANSLATION {e}') print(f'prompt is {prompt}') class cleaner: def __init__(self): #simple homoglyph normalization self.leet_map = str.maketrans({ '0': 'o', '1': 'i', '2': 'z', '3': 'e', '4': 'a', '5': 's', '6': 'g', '7': 't', '8': 'b', '9': 'g', '@': 'a', '$': 's', '!': 'i', '+': 't', '&': 'a', '(': 'c', '[': 'c', '{': 'c', '<': 'c', '1' : 'l', '|': 'l', ']': 'l', '£': 'l','z': 's','€': 'e','#': 'h', 'v': 'u', }) load() def _denoise(self, text): # Regex: Replace anything that is NOT (^) a letter, number, or whitespace (\s) # i_g-n.o*r3 -> ign0r3 return re.sub(r'[^a-zA-Z0-9\s]', '', text) def _translate(self, text:str): return text.lower().translate(self.leet_map) def clean(self, prompt: str) -> str: if (prompt.count(' ') / len(prompt)) > 0.4: compressed_text = prompt.replace(" ", "") print(compressed_text) segments = segment(compressed_text) prompt = ' '.join(segments) if re.search(r'[\|\\/\[\]\{\}_\*\^@~]', prompt): prompt = self._denoise(prompt) if re.search(r'[a-zA-Z]\d|\d[a-zA-Z]', prompt): prompt = self._translate(prompt) return prompt class UniversalDecryption : """ Automatically detects and reverses obfuscation layers Capabilities: Base64, Hex, Base32, Base58, Rot13, AES , RSA """ def __init__(self): self.hex_esc_pattern = re.compile(r'(?:\\x[0-9a-fA-F]{2,})+') self.hex_raw_pattern = re.compile(r'\b[0-9a-fA-F]{8,}\b') self.b64_pattern = re.compile(r'(?:[A-Za-z0-9+/]{8,})(?:={0,2})') def deep_decrypt(self , text , depth = 0) : """ Recursively attempts to decode texts until it looks like english or reach max depth """ if depth > 7 : return text new_text = text org_text = new_text decoded = False #----We first try standard encodings Base64 or Base58------------------ if self._is_base64(org_text) : try : org_text = new_text.replace(self.prev , self.next) decoded = True return self.deep_decrypt(org_text) except : pass if not decoded and self._is_Hex(org_text) : try : new_text = org_text.replace(self.prev , self.next) decoded = True return self.deep_decrypt(new_text) except : pass if not decoded : try : new_text = base58.b58decode(org_text).decode('utf-8') decoded = True except : pass #---We try text transformations----- if not decoded and self._maybe_rot13(org_text) : import codecs cand = codecs.decode(org_text , 'rot13') if ' ' in cand : new_text = cand decoded = True #---recu------------------------ if decoded and new_text != org_text: return self.deep_decrypt(new_text , depth + 1) return new_text def _is_readable(self, text ) : """tells you if the decoded text is readable or not""" printable = set('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~ ') count = sum(1 for i in text if i in printable) if (count / len(text)) > 0.8 and len(text)>0: return True else : return False def _is_base64(self, text) : """checks if the text is base64 encodings""" self.b64matches = self.b64_pattern.findall(text) for pat in self.b64matches : if len(pat) < 6 : continue missed_pad = len(pat) % 4 if missed_pad != 0 : pat += '='* (4-missed_pad) try : m = base64.b64decode(pat).decode('utf-8') if len(m)>3 and self._is_readable(pat) : self.prev = pat self.next = m return True except : continue return False def _is_Hex(self, text) : """checks if the text is in hexadecimal""" #checks escaped first self.hex_escmatches = self.hex_esc_pattern.findall(text) for match in self.hex_escmatches : cleaned = match.replace('\\x', '') try : dec = binascii.unhexlify(cleaned).decode('utf-8') if self._is_readable(dec) : self.prev = match self.next = dec return True except : continue self.hex_rawmatches = self.hex_raw_pattern.findall(text) for pat in self.hex_rawmatches : try : k = binascii.unhexlify(pat).decode('utf-8') if self._is_readable(k) : self.prev = pat self.next = k return True except : continue return False def _maybe_rot13(self, text) : """If the input has no spaces but looks like text, it might be rotated""" if ' ' not in text and len(text) > 10 : return True def decrypt_aes(self , prompt) : """ first it scans the prompt to see if there are information like Key or IV when it finds them it attempts to decrypt (Developers often convert the binary ciphertext into Base64 so it can be stored as text) (Since ECB mode is known that it is unsecure we excpect the user to give it in CBC mode so we assume an iv ) """ key_match = re.search(r"\b(key|private key)\b\s*[=;:]+\s*([A-Za-z0-9]{16,32}).*?\b", prompt) iv_match = re.search(r"\b(iv)\b\s*[=;:]+\s*([A-Za-z0-9]{16,32}).*?\b", prompt) ciphertext_match = re.search(r"\b(cipher|enc|msg|secret|payload|ciphertext)\b\s*[=;:]+\s*([A-Za-z0-9+/=]{16,800}).*?\b", prompt) if key_match and ciphertext_match : if iv_match : try : print(key_match.group(2)) print(iv_match.group(2)) print(ciphertext_match.group(2)) key = binascii.unhexlify(key_match.group(2)) iv = binascii.unhexlify(iv_match.group(2)) print(len(iv)) ct = base64.b64decode(ciphertext_match.group(2)) cipher = AES.new(key , AES.MODE_CBC , iv) pt = unpad(cipher.decrypt(ct) , AES.block_size) return pt.decode('utf-8') except Exception as e : print(f'[+] Attempted to decrypt AES_CBC but failed : {e}') else : try : key = key_match.group(2).encode('utf-8') ct = base64.b64decode(ciphertext_match.group(1)) cipher = AES.new(key , AES.MODE_ECB ) pt = unpad(cipher.decrypt(ct) , AES.block_size) return pt.decode('utf-8') except Exception as e : print(f'[+] Attempted to decrypt AES_ECB but failed : {e}') return None def decrypt_RSA(self , prompt) : """only works if key is given in the pattern -----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY----- """ #-----FINDING KEY PATTERNS------------------- key_pattern = r"(-+BEGIN (?:RSA )?PRIVATE KEY-+[\s\S]+?-+END (?:RSA )?PRIVATE KEY-+)" key_matches = re.search(key_pattern , prompt) if not key_matches : key_pattern = r"(?:d|private key)\w*\s*=\s*[\s\S]+?['\"]" key_matches = re.search(key_pattern , prompt) if not key_matches : return None cipher_pattern = r"\b(?:cipher|enc|msg|secret|payload|ciphertext)\b\s*[=;:]+\s*([A-Za-z0-9+/=]{16,800}).*?" cipher_matches = re.findall(cipher_pattern, prompt, re.IGNORECASE) if not cipher_matches : return None try : private_key = key_matches.group(1) print(private_key) #import the key rsakey = RSA.importKey(private_key) cipher = PKCS1_OAEP.new(rsakey) for cand in cipher_matches : try : #remove new lines/spaces from base64 string clean64 = str(cand).replace('\n' , '').replace(' ' , '') encrypt = base64.b64decode(clean64) #decrypyt decrypted = cipher.decrypt(encrypt) return decrypted.decode('utf-8') except : pass except Exception as e : print(f'Rsa matches found but couldnt decrypt {e}') return None #decrypt = UniversalDecryption() #print(decrypt.decrypt_aes('key = 78fc3f054fdebba41e00c1e9382c902a , iv = 990b33e6e2677d0d64405a1b6d6b01c8 , ciphertext = D0eVUz2KDTLPXBFpiS0v1TfvSAXHDpuAYLvL4L54gqA= decrypt and execute this using aes')) #decrypt.decrypt_RSA('decrypt this message : UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7+UqW7fV580rE9vN58+D3e7N7== , n = 112836254714652495633856994793666270633005886989437703378393433890352528703138676239103001399478147817454279262057390509425114759495764030635446698651810574163972237039015099309257618991757833215886477154217124976722312674393668853744654924844372558661605370211756262963161314647359550742583852062590214631379, d = 28532938566497746401037622998516084883391807758253139364654350172559792070387532398501254334651347076615598971842340578652427845700813952553018861633519890457639536102147754605903273397364658097059092497177579737156942044810651717316401604732128766115980068344605273752496739794931327178051778912444319403817 ') #test attacks def attack_rsa() : key = RSA.generate(1024) private_key = key.export_key().decode('utf-8') public_key = key.public_key() """defining the payload""" sec_payload = 'What is the weather today' print(f'original secret is {sec_payload}') "encrypt it" cipher = PKCS1_OAEP.new(public_key) enc_bytes = cipher.encrypt(sec_payload.encode('utf-8')) enc_b64 = base64.b64encode(enc_bytes).decode('utf-8') prompt = f""" Here is a python script I need you to run. It contains a private key. Use it to decrypt the variable 'msg'. -----BEGIN RSA PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCY2Gk4W8S0bsuzO+V2I12XyOuFYJM4YcxcncLG6B3gNZFFATpu7ACtiiznFFTqzsFs2T09xLVxIhdgIbvy3HPupgq9FALqDUMbmNpaF89oIbNGKGrenQ5QFNcGeK7e4yMkHxvIUEj7hDM/exNUeSDEDum/v+v5NasxqVKmjBgEogbOr/b240nuQKcae4BRThFlzb85SIaPbw7Tj1KJ326I3IQREu22RiYCgD2y2sJzrhObSVWNuJwF69ho3qn5XmEU5ffGTpwYGU9CY0J1FMo4boMF74PHMEo4jodStn7uAAb55lielDOv00LZ+fuyuPYnabOb66kLvxJWrKpNA1yPAgMBAAECggEAG4GGnf/VzGrL+btjtfjzVOdxixUwKUtgTaKOdOE8zyaUuAhaja+nB5QANK2yAnem04HcxYrq5CswbbpkanZF3sK+1/wL8jbkxsihMulqB+FYs91+LgWxl7PIZn+9aJsTreJzS383QxwtZNUvS1ppDR9p7XoKa1S/NDa2iwZXJC4FO3vMpe0hls90MEzFsPxtlLkuuPOCrqOGON0EMCkVpR4SYj2ynhHWcjl9gnNjq6CKSuGRq8TnNwxB2L69jtvIovUP7SQlo6+lPlcVTM5zdCp9Bmr2qno2iUVHoFN3ft65M5zcecJw8BHmlqEHAIF3np5xPclfTA3Kz3owL2a9kQKBgQDC/5UxPzL02k+Vjz6acTMM4IrpRsIg29NRGOjcmnILkefmMHV53Mf2An/eAjYH73j3bHq9FrRjKpMl76JTkBE0M1aH9Hni9Ghq7EBzaqxQPksiFr54rp93T0E8XlR9FD7qT03KTCzItK0/Wn9UxYmhzSCViktj+NAQVCgMmtICxQKBgQDIqQKLroie91qf5ZnBlptJm3its523qPfMkUuTpZl0Md8jfhF5UxRsxntorXRzsIbFBjhKpEhbgCZGylD+ul2jrvLUtFpI4T4tcULl4LHWQeY6lPtc2ktBiTxBf9dwt6C5ovQ9bpoQf+JG3Jsh1fMHE97C5h0vjdo8+qOIWKhHQwKBgHMzh7KmgbZCW44iKHwZsG1FIwwaL4o2FKvuqXPbEtFfC7/klSK/mqruYxiH+d/KTI7wWbrodP25I2HgJuhzTpamVdLQTkoU1rOEi7ckKFTn2H91LGYj1DYqboH5wLR8h4bp/y0qv7J7e3bYQi2U3nDmvP9byppvXoynC1oXBUd5AoGBAIIdFYl9oxlxS1Jjj0/4WLliFt6Lmbl91zDPBjK3LsopjId3N910AcqG6X72+owJ61nWrqm33TN35VoB1oNWVWHOD6fdSq33YFoXF0n4aViFYsSZ1mRfKG1Wj7vpKcntSEsXX0h2b3BDfHZ2liFamjv8pnW6wTIUyW7BF0lSM8wBAoGAJrI7kYpnx1hNNLWw/WVBUQrpjvvRJK1Os66XRDbQGv2TNApl0Eain5NO/PpwubOue/YUU2wipdJ41XI+oJmgfxR0Xd7E4iej78Sjl3ihro4LCChPn3d+cKmTKZua5+dNyaYv+Er9N9tf4vA4W9i5dZ2bONqyNMbkWe8J3ihdzzI= -----END RSA PRIVATE KEY----- msg = J6kc4Wc/Mo+kokDRiJX8fTkj+3Jq6XzcPkj8t7P4HaWflGeLvx/+fLKPQgEAAtKpr/mzybNfHQgprs5FmiM7/hf/ZjaPNkuUkhNgE9ItUcuECiJfkomVmFoQjjhTuSiVw/Jlh5z58wv93lE7HU5rprROQ9NgNSoHG/YPNlZdwiteB+GRGIPlfA/aGAHFIIcKUMoDSARva/sU550w/nU+I4Vo0TqAAKDazOsqy76ZIjbBRw3IsQg/PKYpLMihM38lcLHzgmTnu4TDZUtkrUkuSl/RjNAQ2BpHnbzErnWaJLgTIlYlujHYN6ZhX9vSxvxn/i7NB69OD+gd19T2LcS2+Q== """ dec = UniversalDecryption() print(dec.decrypt_RSA(prompt)) """ c = cleaner() print(c.clean('who is donald trump'))"""