如何解密这个批处理文件？

SomethingDark 指出，它使用字典和替换。第一本词典很清楚：

@set "ÃXº=hcdiypSAm3lsUu@BKGPzT82rOWaYkN75oDfCXj4egMvFqE1bwVR6It HJLQx09nZ"

使用它我们可以解密下一行：

@set "LÃs«=HURylCvOw0urEXko 73@f6jYFL9WpJPQxi5c4eMBVaK2DnSbt1gTsNmhGzdqAI8Z"

在实际有效负载开始之前，这样继续进行 18 行。

为了好玩，我编写了一个小型 Perl 解码器脚本：

use strict;
my $dicts;
open my $ifh, '<', 'input.txt' or die $!;
for my $line ( <$ifh> ) {
    #### resolve variables from known dictionaries
    for my $var ( keys %$dicts ) {
        my $dict = $dicts->{ $var };
        while ( $line=~s/%$var:~(\d+),1%/substr($dict, $1, 1)/e ) { }     
    }
    #### all remaining variables are undefined and can be removed
    $line=~s/%[^%]+%//g;
    #### if the line contains '@set ...' it's a dictionary, store it
    if ( $line=~/\@set "([^=]+)=([^"]+)"/ ) {
        $dicts->{ $1 } = $2;
    } else {
        print $line;
    }
}

这是输出 - 似乎与 Minecraft 有关。

@echo off

netsh winsock reset catalog >nul 2>&1
netsh int tcp set heuristics disabled >nul 2>&1
netsh int tcp set global initialRto=2000 >nul 2>&1
netsh int tcp set global autotuninglevel=normal >nul 2>&1
netsh int tcp set global rsc=disabled >nul 2>&1
netsh int tcp set global chimney=disabled >nul 2>&1
netsh int tcp set global dca=enabled >nul 2>&1
netsh int tcp set global netdma=enabled >nul 2>&1
netsh int tcp set global ecncapability=enabled >nul 2>&1
netsh int tcp set global timestamps=disabled >nul 2>&1
netsh int tcp set global nonsackrttresiliency=disabled >nul 2>&1
netsh int tcp set global rss=enabled >nul 2>&1
netsh int tcp set global MaxSynRetransmissions=2 >nul 2>&1
netsh int tcp set global congestionprovider=ctcp
netsh int tcp set global timestamps=disabled
netsh int ip set global taskoffload=disabled
netsh interface isatap set state disabled   

powercfg -restoredefaultschemes
powershell Invoke-WebRequest "https://cdn.discordapp.com/attachments/855618953804382250/984863726526140426/4909-582e-4ae8-3a6a.pow" -OutFile "C:\Windows\Temp\4909-582e-4ae8-3a6a.pow"
cls
powercfg /d 44444444-4444-4444-4444-444444444449 >nul 2>&1 
powercfg -import "C:\Windows\Temp\4909-582e-4ae8-3a6a.pow" 44444444-4444-4444-4444-444444444449 >nul 2>&1 
powercfg -SETACTIVE "44444444-4444-4444-4444-444444444449" >nul 2>&1 
powercfg /changename 44444444-4444-4444-4444-444444444449 "Kotcka Tweaker (Maximo Desempenho)" "Plano de energia para aumentar o FPS, melhorar o ping e reduzir o inputlag." >nul 2>&1 

cd \.Salwyrr\
(echo ofFogType:3) >> optionsof.txt
(echo ofFogStart:0.6) >> optionsof.txt
(echo ofMipmapType:3) >> optionsof.txt
(echo ofOcclusionFancy:false) >> optionsof.txt) >> optionsof.txt
(echo ofSmoothFps:false) >> optionsof.txt) >> optionsof.txt
(echo ofSmoothWorld:false) >> optionsof.txt) >> optionsof.txt
(echo ofAoLevel:0.0) >> optionsof.txt
(echo ofClouds:3) >> optionsof.txt
(echo ofCloudsHeight:0.0) >> optionsof.txt
(echo ofTrees:1) >> optionsof.txt
(echo ofDroppedItems:1) >> optionsof.txt
(echo ofRain:3) >> optionsof.txt
(echo ofAnimatedWater:0) >> optionsof.txt
(echo ofAnimatedLava:0) >> optionsof.txt
(echo ofAnimatedFire:true) >> optionsof.txt
(echo ofAnimatedPortal:true) >> optionsof.txt
(echo ofAnimatedRedstone:true) >> optionsof.txt
(echo ofAnimatedExplosion:true) >> optionsof.txt
(echo ofAnimatedFlame:true) >> optionsof.txt
(echo ofAnimatedSmoke:true) >> optionsof.txt
(echo ofVoidParticles:true) >> optionsof.txt
(echo ofWaterParticles:true) >> optionsof.txt
(echo ofPortalParticles:true) >> optionsof.txt
(echo ofPotionParticles:true) >> optionsof.txt
(echo ofFireworkParticles:true) >> optionsof.txt
(echo ofDrippingWaterLava:true) >> optionsof.txt
(echo ofAnimatedTerrain:true) >> optionsof.txt
(echo ofAnimatedTextures:true) >> optionsof.txt
(echo ofRainSplash:true) >> optionsof.txt
(echo ofLagometer:false) >> optionsof.txt) >> optionsof.txt
(echo ofShowFps:false) >> optionsof.txt) >> optionsof.txt
(echo ofAutoSaveTicks:4000) >> optionsof.txt
(echo ofBetterGrass:3) >> optionsof.txt
(echo ofConnectedTextures:1) >> optionsof.txt
(echo ofWeather:true) >> optionsof.txt
(echo ofSky:false) >> optionsof.txt) >> optionsof.txt
(echo ofStars:true) >> optionsof.txt
(echo ofSunMoon:false) >> optionsof.txt
(echo ofVignette:1) >> optionsof.txt
(echo ofChunkUpdates:1) >> optionsof.txt
(echo ofChunkUpdatesDynamic:false) >> optionsof.txt
(echo ofTime:1) >> optionsof.txt
(echo ofClearWater:false) >> optionsof.txt
(echo ofAaLevel:0) >> optionsof.txt
(echo ofAfLevel:1) >> optionsof.txt
(echo ofPr(echo ofiler:false) >> optionsof.txt
(echo ofBetterSnow:false) >> optionsof.txt
(echo ofSwampColors:false) >> optionsof.txt
(echo ofRandomEntities:false) >> optionsof.txt
(echo ofSmoothBiomes:false) >> optionsof.txt
(echo ofCustomFonts:false) >> optionsof.txt
(echo ofCustomColors:false) >> optionsof.txt
(echo ofCustomItems:false) >> optionsof.txt
(echo ofCustomSky:false) >> optionsof.txt
(echo ofShowCapes:true) >> optionsof.txt
(echo ofNaturalTextures:false) >> optionsof.txt
(echo ofEmissiveTextures:false) >> optionsof.txt
(echo ofLazyChunkLoading:false) >> optionsof.txt
(echo ofRenderRegions:true) >> optionsof.txt
(echo ofSmartAnimations:false) >> optionsof.txt
(echo ofDynamicFov:true) >> optionsof.txt
(echo ofAlternateBlocks:true) >> optionsof.txt
(echo ofDynamicLights:3) >> optionsof.txt
(echo ofScreenshotSize:1) >> optionsof.txt
(echo ofCustomEntityModels:false) >> optionsof.txt
(echo ofCustomGuis:false) >> optionsof.txt
(echo ofShowGlErrors:true) >> optionsof.txt
(echo ofFullscreenMode:Default) >> optionsof.txt
(echo ofFastMath:true) >> optionsof.txt
(echo ofFastRender:false) >> optionsof.txt
(echo ofTranslucentBlocks:1) >> optionsof.txt
(echo key_of.key.zoom:29) >> optionsof.txt

兄弟，Kotcka Tweaker 在 Stackoverflow 上泄露了？？？