Skip to content
/ SimExp_Cracker Public

Python Script for 科大奥锐 , which could upload / decrypt SimExp Content with only few lines.

License

MIT license
9 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

MuelNova/SimExp_Cracker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pwn.py
pwn.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

SimExp_Cracker

一个简洁的科大奥锐的虚拟仿真实验上传 / 解密的Python脚本

仅用于研究算法,任何个人不应该使用此脚本进行包括但不限于篡改自己或他人成绩;对网站进行大量数据写入;对网站进行木马注入等一切违规违法行为

任何因违反上述准则而产生的纠纷或经济利益损失,一切责任由使用者承担

使用此脚本默认您已同意上面的内容

Installation

run the command below:

git clone https://github.com/Nova-Noir/SimExp_Cracker.git
cd SimExp_Cracker
python -m pip install -r requirements.txt

Usage

After Cloning, you should first edit pwn.py, change the value of URL at the Line 15 to your own SimExp_URL

Note: no '/' needed at the end of the URL

Encrypt

SimExp Cracker can encrypt your own *.xml file into the API-recognizableContent using Experiment.encrypt.

It takes a byte-like value as its argument

with open('path_to_the_xml_file.xml', 'rb') as f:
    c = f.read()
    content = Experiment.encrypt(c)
    print(content)

Decrypt

SimExp Cracker can decrypt the Content using Experiment.decrypt

In order to get the Content, you need first capture the packet posted to /ServiceAPI/UpdateRecord

To do so, while the Packet Capture Software is running, you could click submit button (recommended) or click close button and then find the data in your Packet Capture Software.

You can also getUserIDLabIDRecordIDFileName and LabName in this packet, which would be useful when you upload.

encrypted_content = 'encrypted_content_here'
with open('path_to_decrypted_xml.xml', 'w') as f:
    f.write(Experiment.decrypt(encrypted_content))

Upload

SimExp Cracker can upload the file to the server using Experiment.upload

r = Experiment('UserID', LabID, 'LabName', RecordID, 'FileName')
c = Experiment.encrypt(content)
r.upload(c)

Content

SimExp Cracker can get your experiments content using Experiment.gen_content

with open('Content.html', 'w') as f:
        cookie = {
            "ASP.NET_SessionId": "%YOUR_COOKIE_HERE%"
        }
        # Method 1
        f.write(Experiment.get_content(r"Upload\\LabDate\\%LABNAME%\\%FILE_NAME%.xml",
                                       # make sure the url string has tag r, otherwise you gotta use "\\\\" instead.
                                       cookie))

        # Method 2
        r = Experiment('UserID', LabID, 'LabName', RecordID, 'FileName')
        f.write(r.gen_content(cookie))

How it works?

I'll write a full blog on my own blog.

A simple reverse. Removed some noise and then got the source. Write the exploit then. Too easy to write a blog, so just a quick talk here.

About

Python Script for 科大奥锐 , which could upload / decrypt SimExp Content with only few lines.

Resources

Readme

License

MIT license
Activity

Stars

9 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages