Godzilla traffic decoder Godzilla Decoder 是一个用于 哥斯拉Godzilla 加密流量分析的辅助脚本。

Related tags

Networkinggodzilla_decoder
Overview

Godzilla Decoder

简介

Godzilla Decoder 是一个用于 哥斯拉Godzilla 加密流量分析的辅助脚本。

Godzilla Decoder 基于 mitmproxy,是mitmproxyaddon脚本。

目前支持 哥斯拉3.0.3 PhpDynamicPayload的三种加密器:

  • PHP_XOR_BASE64
  • PHP_EVAL_XOR_BASE64
  • PHP_EVAL_RAW

运行环境

  • python 3.7 及以上
  • mitmproxy 5.1.1 及以上

用法

  1. 首先,启动mitmweb并加载godzilla_decoder.py脚本
usage:
  mitmweb -s godzilla_decoder.py [-p 9090] [--set pas=SHELL_PASS] [--set key=SHELL_KEY] [--set charset=gb2312]
  optional arguments:
    --set help              show this help message and exit
    -p PORT, --listen-port PORT
                            mitmproxy listening port, default: 8080
    --set pas=SHELL_PASS    shell password, default: pass
    --set key=SHELL_KEY     shell key, default: key
    --set charset=gb2312    shell charset, default: utf-8
examples:
  mitmweb -s godzilla_decoder.py
  mitmweb -s godzilla_decoder.py -p 9090 --set pas=test --set key=shell_key --set charset=gb2312

image-20210822000900377

  1. 哥斯拉中设置shell代理为mitmproxy服务器监听地址和端口

image-20210822001006874

  1. 操作哥斯拉过程中,控制台实时输出解密后的请求数据和响应数据

image-20210822001433710

image-20210822001800886

image-20210822002109141

Owner
He Ruiliang
He Ruiliang
GitHub Repository
Monitoring plugin to check network interfaces with Icinga, Nagios and other compatible monitoring solutions

check_network_interface - Monitor network interfaces This is a monitoring plugin for Icinga, Nagios and other compatible monitoring solutions to check

DinoTools 3 Nov 15, 2022
Automatically block traffic on Cloudflare's side based on Nginx Log parsing.

AutoRL This is a PoC of automatically block traffic on Cloudflare's side based on Nginx Log parsing. It will evaluate Nginx access.log and find potent

Nova Kwok 62 Dec 28, 2022
Nexum is an open-source, remote administration tool written in Python 3

A full-featured remote administration tool written in Python 3. The goal of this project is to make the use of a remote administration tool as simple

z3phyrus 2 Nov 26, 2021
BaseSpec is a system that performs a comparative analysis of baseband implementation and the specifications of cellular networks.

BaseSpec is a system that performs a comparative analysis of baseband implementation and the specifications of cellular networks. The key intuition of BaseSpec is that a message decoder in baseband s

SysSec Lab 35 Dec 06, 2022
Pesquise, filtre e obtenha informações sobre animes. ( Módulo PIP )

Pesquise, filtre e obtenha informações sobre animes. ( Módulo PIP )

AimCaffe 3 Jan 30, 2022
The OUCH Project - OUCH Server/Client

This software simulates OUCH Server/Client communication through a script which initialises a central server and another script which simulates clients connecting to the server.

Jahin Z. 2 Dec 10, 2022
Simple client for the Sirah Matisse Commander TCP server.

Simple client for the Sirah Matisse Commander TCP server.

Nelson Darkwah Oppong 1 Nov 02, 2021
Connects to databases or sftp server based on configured environmental variables.

Myconnections Connects to Oracle databases or sftp servers depending on configured environmental variables. VERY IMPORTANT: VPN must exist. Installati

0 Jan 02, 2022
D-dos attack GUI tool written in python using tkinter module

ddos D-dos attack GUI tool written in python using tkinter module #to use this tool on android, do the following on termux. *. apt update *. apt upgra

6 Feb 05, 2022
This program ingests a Cisco "sh ip arp" as a text file and produces the list of vendors seen in the file

IP-ARP-Vendor_lookup This program ingests a Cisco "sh ip arp" as a text file and produces the list of vendors seen in the file Why? Answers the questi

Stew Alexander 1 Dec 24, 2022
DEMO SOCKET AF INET SSL PYTHON

DEMO_SOCKET_AF_INET_SSL_PYTHON Python demo of socket family as AF_INET using TCP with SSL. Compatibility : macOS & GNU/Linux Network Topology style :

Enola 1 Jan 24, 2022
The Delegate Network: An Interactive Voice Response Delegative Democracy Implementation of Liquid Democracy

The Delegate Network Overview The delegate network is a completely transparent, easy-to-use and understand version of what is sometimes called liquid

James Bowery 2 Feb 25, 2022
Event-driven networking engine written in Python.

Twisted For information on changes in this release, see the NEWS file. What is this? Twisted is an event-based framework for internet applications, su

Twisted Matrix Labs 4.9k Jan 08, 2023
Enrich IP addresses with metadata and security IoC

Stratosphere IP enrich Get an IP address and enrich it with metadata and IoC You need API keys for VirusTotal and PassiveTotal (RiskIQ) How to use fro

Stratosphere IPS 10 Sep 25, 2022
Simple threaded Python Rickroll server. Listens on port 23 by default.

Terminal Rickroll Simple threaded Python Rickroll server. Listens on port 23 by default. Rickroll video made using Video-To-Ascii and the standard ric

AG 10 Sep 13, 2022
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.

Description Killing features Perform a large-scale scans using Nmap! Allows you to use Masscan to scan targets and execute Nmap on detected ports with

377 Jan 03, 2023
Typhon is a macOS specific payload aimed at targetting Jamf managed devices.

Typhon is a macOS specific payload aimed at targetting Jamf managed devices. This payload can be used to manipulate macOS devices into communicating with a Mythic instance, which acts as a Jamf serve

Mythic Agents 29 Dec 23, 2022
A Python script that alerts via SMS when a stock is reaching an inflection point

TradeAlert Not sure what this will ultimately become, but for now, its a Python script that alerts via SMS when a stock is reaching an inflection poin

3 Feb 22, 2022
Python code that get the name and ip address of a computer/laptop

IP Address This is a python code that provides the name and the internet protocol address of the computer. You need to install socket pip install sock

CODE 2 Feb 21, 2022
GitHub action for sspanel automatically checks in to get free traffic quota

SSPanel_Checkin This is a dish chicken script for automatic check-in of sspanel for GitHub action, It is only applicable when there is no verification

FeedCatWithFish 7 Apr 28, 2022