JA3特征修改
JA3指纹识别工具,可以在censys里面找对应指纹的C2
git clone https://2867a0.github.io//salesforce/jarm.git
cd jarm
pip3 install -r requirements.txt
python3 jarm.py IP/DOMAIN -p 443
services.jarm.fingerprint: xxx
解密sleeve里面的dll文件
找到密钥
解密,解密后的文件存放在cs45Resource\Decode\sleeve文件夹内
javac -encoding UTF-8 -classpath cs_2867a0.jar CrackSleeve.java
java -classpath cs_2867a0.jar;./ CrackSleeve decode
# 加密
java -classpath cs_2867a0.jar;./ CrackSleeve encode f38eb3d1a335b252b58bc2acde81b542