我如何去混淆这个 shell 脚本?

How can I deobfuscate this shell script?

我想将字符串更改为可读代码。

RDvmKMlDaaEXvrStCapvxerwITPSGCQymhhHBYgCylKANDKbhhkiiroGZvYuMlrCfEsJTTSfxDDFhhKKmOUdgocLkrWvRmLDuCzO="aXjurNdzTpvHTHVIEpkPqSZRaaNPbyJkFVHTYeignvUlajCYgALkQCEeVXVVzqjBiYUshDhWdMrwyZjgcViMLqvJXOvKWOdnYBZC";UWqSDMcrUYrYqxwZEbFeLRJfpOgwolmQEiFOyTOZAAiIkLNbfSkJdVLASIrporcMaffGfGMXRIifIDonSvcxAJrSFVDYZJUcuuCF="ENkegCJlJGBbjSWDeIbEpQZYOZIDqhNNedyFOehHToiMdZCgTlNhqCmGVKBRMaDZyxPXdctVyGUwCnUlQzLuyKGFjltLHxzBXDdG";ejiPLqystXNxYtUgGUmifXgEBYDJuuvbdfkHJJFoStvuChXvMFPqwxLhcfsfObdJvRzhfdvBxNuxxIWawIlKujAQemmYvaDEpZMA="ch";XtLyKRugMhglPWkrgtmVhoeFDScpBizKGTsUXbkwqWSPzRxunbECMzbMoFDXQhEwAmfoBGPqnBvBOmftaIespvqiMivZriNyjJPp="4";VZUMFCfJjLQThCqKatXyIFZYSAqBNaDtYUQCzPeGGsIaEUQsNzzLajQNNDlKxJAnMIexNlKUfXJBHlnjzwyiVNVwFNlNCUpeejdq="";uZPOPJKOjzyjFGukvbEtnKBjgmmyzffdyzpTGWzvvgzvdQAItImoTGRwCSqbaGFtCihauMWeChhYlBrVlKuVXuAndDMoDYIWEAKS="vxLODJOyHmTxkDVByipAyDKkHbZSLpbyABByIfUNFtKsLexCbGJxbCsWWfRanqRokaVcJaBNLVUecNtjUVSVQeHQYEbonmsfXoZm";ervmMcrZUygMcRSkJOEziALhPJEyPaPxmtpmNgwZOHRuTwnWUJXXHRpTMDAYqMFJRNxbmKOiWrXATPeSbSpnDRZTbXGnjOgWdjra=" ==gIKVXZml1cNFEdBV1cvp1YTF1YBJUQXhXYlJHVZN0a21UTXlFUnpFc2FUcJZHcsJVSClXTNBldkR0RzBnapx2SuREW5hESuhkU4JlUZlUWU9kQWBlWkJGcRxmWaxmSzJHa0NnRvRCbhZ0RvZ3RENFe1B3dhx2T3VHR5BHdZ10callRmd2VxlkUVF3Vth0VHNlRYh0a09kZjNWamZ2TRV1QDlVeVl0VuJVZK1EUi12Qtd1ZZdkUiJURaRXQYJ2cTBHe3h3Vr1WTt9kWkYESRJ0USpkWRV1QDRUQ6hFWHBlQUlkWapVWEdlRC9kUUBVUMJVRB9ERSp0RQZ1UJZleJlVSNl0UJdUQRRlQNpEVEF1QKVFVQJlePp1VUdUQQF0TLB1QKlVVWdkVWp3VIN0QQpHJlhmaW5WTypWUHxERJtEdZ5WeK5WaTdGS3p2bMRWVuFWTUR1dVh3RXhHaUdkdBh1UNZ3UH50auBnePFXVadmRvxUSqZEVpNHdZFmR5V1ZFpHR4xUdNFWRjB1cth3csdGcKRnTURiIgwWY2V2OpICUHhGaq5EaatmbKBHeh90Z0xEUxVWZa1EZhFkbjp2cCRlaGZnaIJ1a1xUVvJWR3lFUSx0b2BFeTdXVPhkZhdFeQ50dt5GdlF3VNVnTR9kbJFXctF1aX1mWjZHUNd0cUFXaEtESkE2TZd2aMFVTOpnUYNXaNFHZndlSttGdVlWWn5GVPdVRvtkRJpkYhlGVuBlcmNGVLRnZshVRyp1ZFlmZIdVStxGaVFnZQJ0ZphkU6R2bllVRGJlVYJkcGhXSWRHbFh2UjlmdiREJopVZkpkcxB3QEBVToZnYWZmdvN2ZDRkYPdkYQlmZyl1aOR0dp1GaitUbi1Wekl1TRpGV0lVYrhmQkZkVOhleTVlUEVkW2p0b25GayVHezl0ZKpnc3tGeVtkbOxEUwREUNFlbLRiS1VmZZNXTBRXQVN3baN2URNWQCF0V4FWZyRVWDtmdN10VZB1ZaBndBFXS2BHbSlkQ51UTQZHZEd0cwpWastkbEhVeIhkbIJFeSJVWJlFVPJkVQpFZiBXUsplWsp0cyhGdzZ0bkY3aGlkQLpWUTNmRiplcpNUcIlVTWRlcVJHRqBHbwh1YR5UcmBnY5RXVhBXTWtkWt12b6F3aMZlQatmWTtEUDNFTmNXeZVmeRZnYsZFT5V0bM50RTJ0ZP5UZVZGVUREVnl0ckpEJiJWcXZmet1EUzF1YTF1akZUahNUUTZEb4dVV3NmcPdGRsR0U29UbUVXTql3VBhVTix2RHJmQDdmdxdmS3JUYolnbDpWVOVXZnp2an9maMRneypXQmZ1TMJVYqpEdGVnUUhUVhRSYF9mVHRnSHpFdPNVcpFEUmJVV2J1cYFERC90SOhmRKNkZ0xEeCNmU2Z2Yrh3UQZXeQpmW1l3SXVWaGdVQLpXart2TkFFWi5GTSl2UTN1QHpmZlFFViJERBZWYr9EcMV0QDJUZkA1RohmaOhmWr5mSwhXYPdGdMBVclVmWNRWYB52YqNnQUpmR2pGSStWdMV1biV0dZBlUM9mdQh3U3V1TIZWYXhHUOdXbuRXZxdVT15UUP5WSxFXbRt2Vtp1Y2BVTHNHVxlGRLhEJWJWc4N1TFJ0Qt5GRYhXQQtmbOlkeV10Z0NmQqVHSIpkT1lXbstEdTpHSkRGdll3YYB1Qx1URDJFZOlVUWh1asJXQUtEekVUVtlHb1hXWoBHbRp2aUhFbWpWTTt2TIFXWCNXYYRCbhZ0RvZ3RENFe1B3dhx2T3VHR5BHdZ10callRmd2VxlkUVF3Vth0VHNlRYh0a09kZjNWamZ2TRV1QDlVeVl0VuJVZK1EUi12Qtd1ZZdkUiJURaRXQYJ2cTBHe3h3Vr1WTt9kWkgWZXFlZFNFdBB1VM1Edpl3ZRp1R0plVzRXYrJ1bpBFaTB3YmdFe0JkV0tkbEFGTJZUYTFGSQlUTw1UdpZmeTdGb1ZFbNpEZTRWdk10cUpVRudHaNpETJlVeapnQztkbjdkYllHJiJWcXZmet1EUzF1YTF1akZUahNUUTZEb4dVV3NmcPdGRsR0U29UbUVXTql3VBhVTix2RHJmQDdmdxdmS3JUYolnbDpWVOVXZnp2an9maMRneypXQmZ1TMJVYqpEdGVnUUhUVhRCUoN1QqNFUaFFRqlWR2JmcLJkZLF0TvFmVw5mV1RUZilWbmVFSrNlTWtUTiBFTNpkeVF1VDV0SFZVcz52Ss1GTUZmU2RVeZdWRipEcLJWZ2dVcO5memF2TvxEW1hnSsN2cXtmRkg0Z3JkUDBnUMFFasBVbJpGROJ2ZLRnV6p3dOl2YOJUYxZ1TlVVbL9EWlZ2QoF2YSpUcIRGdYtWWuV2UyR0Y2Z1aXdVT4hUcRNEWs5kU1ZHR6hUWXd1UTdEWwFXYYpFSaV3ZydFJKVXZml1cNFEdBV1cvp1YTF1YBJUQXhXYlJHVZN0a21UTXlFUnpFc2FUcJZHcsJVSClXTNBldkR0RzBnapx2SuREW5hESuhkU4JlUZlUWU9kQWBlWkJGcRxmWaxmSzJHa0NnRvRiYYtkWkRUQKxUdSRWb1h1bzRGZFZ0aKh2Qa9GTMlXZBdUbnd2VGd0RHVWe5N1ZNVVbSZ0U2l3QYRXbjhmSOJnb29kTp5mRzVVeNZXTzVVSCBFdzR3bRtme0RkTzZ3dhFEaadlekImYxdlZ61WTQNXUjNVUrRmRpF2QRNlRsh3VVd3Yy90ZExGRTZ3TtRVdNpWeXFEWNJGbHdkYCN0Z2F3ZKdnQhhWeuNkaV5Udldmard2bqxEd6JneBZmVPxkUhpmS0ZUdSRFSVFGJsFmRH9mdHR0U4VHc3FGbPdXdElHc0lVTzpVWGZ2ZXFXSSVVcX1GSXd0UGhFSrR3TmN2YpZmZPFVVDNUW5VVSX5mUlpUTQJWbD12Vnl1RSJmQFpFdBhlYzNFc4dHeXtWbN12TaRiIgwWY2VGKk0jRIFlQTJlSaFVVDNERBpHWYdEUCRVSaplWZR0VGJ0TSRFURxkUFF0TEJlSHBlVTlkV6lUWJ1USTl0RBFFVC1kSURUUDpUVUBlU69kWXR1RBBVQPtEUDpUWVZ1RWZleXh0QDBle7IiI9A1RohmaOhmWr5mSwhXYPdGdMBVclVmWNRWYB52YqNnQUpmR2pGSStWdMV1biV0dZBlUM9mdQh3U3V1TIZWYXhHUOdXbuRXZxdVT15UUP5WSxFXbRt2Vtp1Y2BVTHNHVxlGRLh0OzRWR9gHV7ICfgYnI9gWZXFlZFNFdBB1VM1Edpl3ZRp1R0plVzRXYrJ1bpBFaTB3YmdFe0JkV0tkbEFGTJZUYTFGSQlUTw1UdpZmeTdGb1ZFbNpEZTRWdk10cUpVRudHaNpETJlVeapnQztkbjdkYll3OiUmI9ImYxdlZ61WTQNXUjNVUrRmRpF2QRNlRsh3VVd3Yy90ZExGRTZ3TtRVdNpWeXFEWNJGbHdkYCN0Z2F3ZKdnQhhWeuNkaV5Udldmard2bqxEd6JneBZmVPxkUhpmS0ZUdSRFSVF2OiImI9YlYxh3UPVkQD1mbEhFeBB1au5US6VVTnR3YCpWdIhkSOVXetx2S0NleIRGZ0VWejhFUDFXTFNkUk5UWRZFWrxmcBR1S4RWRV1WesVHeZhGcsFlarRFWsZlaNN1aPhUcZJ0chh1OiISPlhmaW5WTypWUHxERJtEdZ5WeK5WaTdGS3p2bMRWVuFWTUR1dVh3RXhHaUdkdBh1UNZ3UH50auBnePFXVadmRvxUSqZEVpNHdZFmR5V1ZFpHR4xUdNFWRjB1cth3csdGcKRnTUtjIZN1VKt2SodkUo1GcSZHcZxGdplUWsJXaYdUZHxGcGh2QrpEZkJUWrVUWPRVYGpEUERnTRFXWEVWcNRVVQVmRTpkezhnbK5kZ2lnQ3VHbzFHVTRWQFN1SYFlTHF0cmdGZrRWQxJSPhl0a21marV2co1WWjRHdl5GTVZXYPZ0YIFEcitmQhV2czxUQ6JWTSpFaUJGTjF3TL92QjFXY1pXTLVXYEpneXVXdYxWRiJVerJmZOtGTiRmQIdEdMN0SB5GTi9UTq5mSSx0S5tjIk1CIi0TYPl1ZrxUUN5keSh1cp1Uckd2VK12a0VVaZdmbU90VF92SGlkSiFWaU5GUyZ2YUtEdmxGWFJnWnVUamh0VJ1GboVVcmBlQnlGSSpHZvVWWFZkUWhlQyZEeJZFdsVEaTNWa2JGR7ISWYJ1ZDlnYtlndipne29We2pUVUtWREVlcXVlcpJkUmNmQsdWYipGVKxUUhxGSHRUavBHTXZFTON0RSJWZnhkbId0cHV1aTZnWDdVYWd3SPNWdUd0caJlRJpHdphnWUZFWy9Uai0Te2l2TWBna1ZVQ6JkaXhkWEVUZEBneSZ0Rjx2S3pmelhnTWJ2UqBleGZnaKJ2bLFmbKdFaspGcwlUb2JnU0h2aRpUW4pFWGFWaM9GVPRFd6p2dKp0bi5UYDJVd1p1Y1F2ZZJVT7IiNi0jdrZUSCtkaRN1YGJmWyl2QxhUWNZFVyVlcEpGcsBHWjFlTxZGcilHdVFGcNZ1Sa1WbvpXcrxkVCp1aaN1SQN0UMZ2c5lVZ6FldixmVMlXRvxkTHNlQn9kTlVlZURFRUdWSzRmS7Iybi0DSndnQSNEcSxUUoxGUtlkaE5kYntEdWpne35Uaj5kQhFnVPVWVtt0TYVmZDhWYjJlSxhEZ0h1aZ5WZTJHRjZnVrd1VNhHSxF1QYxmTSVndEpHSZd1VTN1RYBXchhlWIpVdnJ3V7IiQoB3crdlaNl0VFdWRlF0VFNWZmZmUBR2UOp2YZ5GUiF1b4pEZjllYQREcm9GShlmRRJ1UFhUZtVlZBl1aZdEWt5ETQBHWRpHaDBVRhZ3VWJ3Q5JmbXFnU6VFc652ShJEeENkbi0zZldUe3d3Yyp1Yid3TBRGayNmV4BnR6BFSGlGRl92YCdnc25kVuVnRxNXbBBHVkFFbqFXTF5USOdVdn1mTWR1SsZWQTVmVk1UcJFFTEpldYlGbjJUYnNUVTRkTHVUTUdHZ6F3Y7ISbyxWb41kYyhXa1NleEZkcC1kR1tGWCJmeYJmezxmV3FGS5BXZHF1bp9kUC9mUtZUQ6xkdRV1UYFVYqpXbIR0bZZFcTZ3Q3hGRnlVUERlQKp0UYRmQtdld4h0RBpFUCJ2br1WQi0TbEpEekNWVBtWcB9EWOt2axZnRKBXS2tkalJHaOtGaXNFVqRkWQh1QRhXakFndJxER3dWUrJkSG1EWspldKd0ZuVVbuVFSUR1Y1FVYrpnZwtkRZhlZNRHV4VleI10Vnl2VLl2Q7IychJSPhV0bWdEdKdkW090UxlWQQZmUVZnUzhVQEJ0TL5EaGp0QmRHT4J0YSZnZjtGeTBld5BlaaVXeLdVZpZ0VBtkept2aPRWUYJmbMJVaTN1UDdkamVWUUJmQEFkZht2TwxURDNkQltjIi0DbhZ0RvZ3RENFe1B3dhx2T3VHR5BHdZ10callRmd2VxlkUVF3Vth0VHNlRYh0a09kZjNWamZ2TRV1QDlVeVl0VuJVZK1EUi12Qtd1ZZdkUiJURaRXQYJ2cTBHe3h3Vr1WTt9kW7IyQvVEd31EcX1UdqlkVyRVbtRWaLpkQBNGTYlFSndFaot2VoR2d3hleMt2arlnbMZ1ayV1QTJncI1me5RXZWFXb3p3c3Jkam5Ean9UWa1GaohkRRVVbO9ERDlUdwtWauZFVoh1Ri0jQoVHaKZmQZdXaUdUciBXeZhneSJHaDp0co5kT5JWakNlavFWd0VGchl1YwRGUvNER1Z2QCpnY4pGe5pmcKFlWHhEaqh2Qwh1QvBlVsBFSUJFZTlGe5pnalBVW6N0dUpWd2l3S7IicgwHIJNjV6NWa5kWYXRjdZ1mR6FWQwdHUTp0YNRUT6dleJVzT6ZEdJdGcoB1UKNWTE1keXpXT39keGRXSnBHdQNlSj1ERNp3V61EePpnR0l0Zw9GUTp0YNRUT6dleNl3T6ZEdJdGcyB1UKNWTE1keXpXT69keGRXSnBXaQNlSj1ERNp3V61EMPpnR0l0ZwpGUTp0YNRUT6dleNFzT6ZEdJdGc3RGVwkGWEFkeNFzc65kazhnYTl0SjRUR5kEb3dXT65kYNp3Y300Vwk2QtBDeQNlSj1ERNp3V61ENPpnR0l0ZwdXTqBTaYRUQ61UMzp3TUNHeiNVSLF2RrlTSsd3dNpnTi5ERBdTTXBTaD52b5kEbnRHVyUDbJd2bnllM4xWWYl0SadlTvJWeBlmSIRncmNVQnRDcXVFNwdVU0A3VRRDcXFFNwdVU0A3VRRDcXFFNwdVU0A3VRRDcXFFNwdVU0A3VRRDcXFFNwdVU0A3VRRDcXFFNwdVU0A3VRRDcXFFNwdVU0A3VRRDcXFFNwdVU0A3VRRDcXFFNwdVU0A3VRRDcXFFNwdVU0A3VRRDcXFFNwdVU0A3VRRDcXFFNwdVU0A3VYl0ZwxWWygmdJNUSrVmM0lTSDRUaspVRnpES0dXTuFTViJTOzNWeBtWZzIUMmZlWsNmbOBXSGJUeadVMwR2VwcmSIR3dN5WMLl1VSBXSFZ0aidFb1l0QBdmSIRncmV2SWt2UJtkWX50bilXQppES0JnZTF0Z0A3VSl0QSdzYEpUOSJjR1R2RrdmVY5Ebj1WNoJ2VVdmUHZUdJZkQoN2MkZ3YtF1alNTQ5Z2UC9UZXV0ZJNUQrVmM0lDNwdlUJdGcsllMoZXSDl0alJDd5k0QElGbaV0ZKhEd31kbxsUYXRHaJVEZoFWeCVVWYV1ZKhEdvZmVWpnWYl0ZKlmQRlFWOpXSHVTNZNVQnl0QBdmSIRncmV2SWt2UJtkWX50bilXQppES0JnZTF0Z0A3VSl0QSdzYEpUOR1Gb6l1UC1UWXVjbjNjV1pVeCVkYzQWdidUOop1QCVEZXhXMJB1QmtWWmdnb1cESJNkU3E2MzkGbaVUaD1mVqF2R4cWSpJ1NhNDMnl0TLZVb1tkVr90SWt2TLZ1aPtkVr90SWt2TLZ1aPtkVr90SWt2TLZ1aPtkVr90SWt2TLZ1aPtkVr90SWt2TLZ1aPtkVr90SWt2TLZ1aPtkVr90SWt2TLZ1aPtkVr90SWt2TLZ1aPtkVr90SWt2TLZ1aPtkVr90SWt2TLZ1aPtkVr90SWt2TLZ1aPtkVr90SW52UJtkWX50bidHcsllMoZ3QtZlahdEOLp1VO9mY5FUaKhEd31kbxcjSIR3bmRVQ4pES0dXTuFTOJNkU3k1MxUkYzQWdidUOop1QCZ1YyYVeKxmQoN2MNdGVuxGaJdGcsllMoZXSDl0alNTQ5ZGWztWZygWONRUSrV2MBlnZYBzZKhEdqZWV4ZnWywWdJZkU2JmM4pXSFVTNZNVSLp1VO9mY5FUaKhEd31kbxcjSIR3bmRVQ3pES0dXTuFTOJNkU3IGWxYUZHxGMJdGcsllMoZ3QtZlahdEOnlUaSdzYEpUOJd2bLNkbKxWWXF1ZMhVQnlEbzJHWWJkSUVEbJlERvdWSpJUeD1GbtlkRzdmSIl0ZQNVQ310UCRWSIhHOJZ0cnpESJdGUTFEeJZEM3Q2RoxmYnBneidkVsN2QBh3QtZlahdEOnlUaSdzYEpUOXlnU3EGSzkWaK92alNTQ5ZmVwsWZyoUOVJjVrl1V14WSFFDbidlSxEmMFdWUupkdkNjTsNWaJt0YygHbahVQn1UUwxWWygmdJNUSrV2MBlnZWN3alJDa5QzbpFmSIR3dN5WMkpES0lmZW5EcidkRvFmMGVXSFpUMhJTRnFlbKZHZz4Ebj1WN1k1UJt0YygHbahVQn1UUwxWWygmdD5mUsNWbxETZDFjdjdkV1xEWWlnYDFUahhkUwMGSNZDT5lTahhVU1JGSrZXTrVTWlpGaVR2UJt0YygHbahVQn1UUwpXYDJkMNlWN6FWQvtkWXhHcalmQil0QSlXSEBzZNRUSnh1UChjZDJkYJNkU5lERwcWTpJEZPNjUvp1V0s0Yyc2ZkpWT1NmMnt0QtZ1chdVWndVeBt2YpFUOJRUQ3lkRwcmZId3ZXlXQrNWaBlTSEF0ZYRFdwE2RWV3Qu50cadlV3lERFtkWX50bilXQppES0lmZTJUVhdkR1F2MNd2VXlTMJNEcmtUaJtkWYhGckF0bLp1V4pnWTF0SadlTvJ2dwxWWygmdJNUSrVmMolTSDF0ZJNUQnl0QBdmZpJ0KJNERpxWS3tWZzEEemV2SJF3USdTYINTaspUQrVmM0lzSDJ1Nih1MpxmNNtWZzEEemZFOrVmMxkDNwVWaKhEdyZ2UrtWZygWO0A3UNpES0dXTYNTapt0arVmMolDNwNVUJNkQrkES0k2QtZlahdEOnlUaBdWSDF0ZJNUQnl0QSdzYIFjYKhEd0Z2UFtWZzIUOYNlU3IGWwc2YHx2chdFaoJWaCpXWXhHahNUQrV2MClzV5J1NihFMopES0dnZWBzalJDd5k0ZwxWWygmdD5mTzp1VWdXSEV0SjJzZnRmaJV3Yyc2Sa12a9AiI9AFaTNkaTBlWRRkapVkdiJ3SCZ2SB90bhZFcuZVdEVmYp1mZVh0aT5kVL1kYQxUTKpXVRd1QFtURWF3cutEbtxEVmJldUlXWnVkYKB3SiVmdXFnTupnZh90bMhVd4pEbjN3VrZ0Oiw0UHhUdO5mSYtmaIZXWlFkQsFlSBB3VSl0aYZERHFHW5ZXcWt0SJtEeCJVQCNmV1hFZnhETkNmYGVWVthEdpFURItGUTNlRBN0cWR0cIFXcnJlaU9EaZhkWPlVYoR1d3ZHUpFkI9kVUSp1b3pHdNVFeQF1TH5UVDpUW4F0cLNGev9kQsdFRiZ2dYNVVLlHbUB3Z4dWctZmWUh3Ux5mbQVUTVV2QnlUU3ZHV3FnZmJmeJZFVvh1cLJUdZJXdMNHd3hXbVF3ZHxGR0x2OiISPKVXZml1cNFEdBV1cvp1YTF1YBJUQXhXYlJHVZN0a21UTXlFUnpFc2FUcJZHcsJVSClXTNBldkR0RzBnapx2SuREW5hESuhkU4JlUZlUWU9kQWBlWkJGcRxmWaxmSzJHa0NnRvtjI0ISPopVZkpkcxB3QEBVToZnYWZmdvN2ZDRkYPdkYQlmZyl1aOR0dp1GaitUbi1Wekl1TRpGV0lVYrhmQkZkVOhleTVlUEVkW2p0b25GayVHezl0ZKpnc3tGeVtkbOxEUwREUNFlbLtjIoNmI9IGWLpFZEFkSMVnUk1WdY92ckRWRGtmSoNkWvxET5VWQH12ZndlRHd0RllXeTdWTV1mUGNld5NEW012YopkTy5mdP5UauZ0cVlXT210cVlkQQR3c09WUrpHdE50c2dXYBhmWXp3OiEVdsZ0T5ZHdTdVdnhleYd0SLNmU2tGWJ50YWhXYWdFcXF3YEZkZKp2Q0xERjhWdE1EdQtkVwhnWGlmWap0YM9kbxF1aRJXZhRVdLFGew9kSGN1UjZHT4V3RJd3RDFVSOxkSXdlI9kHZjdHWE9GSJFld6FEUiJ0QSdXRVlmeClleytkbmVnRqZ0YDhXcKZmWz12URdmRCZGShpGSRRFbKpnWuFUesdUYkRHRnhWckpEdQN1aV1kQNZHWG1WaWxkUQNVRvBFZO5UVlV0Oio3dkRWeXhkcYpnTjx2VrpEeC12Rwd1Qv9EUW1mUop1alVne2hUQDBVSxNleC9WURl2aDJEdrJVTItUThZVaRxGUDFma6ZmVuNmZ4JnaUh2cNtmRp5UVUF2aDhGaaNVcDRnVRFlI98EaxNXZqplRMxGZDtWb0VWbVl0csVXbGZFeZllaTlVYBdHetN1cWVESaNkR0J0RYl1QYhVTCtmS2hkeSF2ZDp3dYpkQHFXcuZXVpN3T1pHdFl1aBJFZPhHe0FGSzJ1aHlmZSpmCy9GdjVGdvJHUoNXYC9yauNWZrFGdhh2Lt92YuIWdoRXan9yL6MHc0RHagoDIiVHa0l2RjoAZuV3bG9Fdv5EegknQgQWZ0F2YzVnZi90IKg2chJ2LulmYvEyI | r";otXyxKWEXcLWUalMFNNxKWWicmVvELQuFIaqdHThCPQRgOLvRgwwlFcIhlsaMeMXMSdouNuILedDnFUaFGjiwaMjhfHAcddUZEIK="VBpNgqlXUtgjuGpBJIxkKboHXNkypRgwZDLRlHFRlKOGArmcbPaMucHZcXDvkfngGQmvTPZaTvIXJnvVUyIMqgPbQEZAsmRSzUTU";hUcrxfccxzkiCFDXGKzlUdeYGRHTfuRWimutzYFXHBcKfQoZivVozBTDaFbKcqShsbnCfEdWtbZMHHxVTUYavRMfQoVyIMzyKEWM="";NNFZHbNBaxHQfEMzEVPKXibcpmeWgdtFKWfeYOSRMNVKLpiyGzxgwqodFKItNqRRMVmQrfjLWrhrDrDvGjwOPjrPrhmLcpHummNT="as";pRZkjmdkVrmjtsbaSGkSxHNFioKLhEetaLCIhPsWLdaUtvBMEUnkElMuspfwzaayizdRVGlQjEQmScVLchlfHMZUQzruPqnNtLkE="jxGbMyhxfIWnwJleymVyxpVcljPvduTWkrqwWTWzwiocJTCDtMrVjtFvTvoalfRhTrMtOFkmeuyiOJmFPEoYEyFrvhkiowDFNmFm";nTmofsNdRUwvMPLtbOXcHxdLmPPiaFcRXGrxKNECwiqgKsaNVvzFwObUDzXWDxEwocQjJrCgjpoVBGIFNcREePXDqYByiHOkfvOo="QXLpOMkwhJMHbeOYyZResUmlMBOIooZueZGnAdviasPJPPRmDCNVcCoaKPhauoCzMnFviFGxVOObAyfMYDebOMMyeAigQAftoOjT";vnPEKFFYIIqVjVcOruoNBVfssVDsqjyuqiimDrkmHLJwDvtxmiGfCmFJRPOeRtTbnhllAqsNZvbSqwnVBUZGSBqsrXtFDqOoZQNp="o";IYVIfpjLXeQNOtMPnUuyXLrdLIIDOFiRtUdYhoNdvLrEnqGuuvsulHHjGqjgvbYblRphRmZDhSdeEjTSBNwjgeZzDfBNOMtRcugl="6";tPmbuyHGuoMFpqQmsDVLsnIbgfFLXebnbcNrrNXVEICOCsZxLAuKBUEEGRiavKDNxqcYurqiRDLNMzlsXvleoFULSFbHnYMRXjmF="CJhNiDgMFipfFyBBzPxSIRaBLSspUfruEtkpKdqwavPyBIkWmuWIXfIWBgXvYcYujNydOcchdYivvddfCyjRgNxXtmnRiQptcpwV";pfKtsErsigpZnrimlanUwtcxufamyQwuRqrnVaLiVNGwspTJYTWPdAVePPmZgFFGAtqnVCFGbWnSIJHuKlfYurZWADEFtiAunRmS=" -d";sSOwfPMczgGfRKsTjbPKqjlINcJogahwqUNgcVwSKPprENwLtordItQtkPtMeJboHmALXWcPQRDidAQfdcISnOlihRHcpkcmQmHN="guixRFdUrJhlVuGkkGUldaOPTLXDhgCuXVBIwRSWecXpOaBJEPNiVISEzkYlFcrJkBGeRzwBIcRBLblleeemnvsGnjrSUVURCIBA";mLPzaWFYhvwrYMgQcRjFgSIMRAdDxgQPZbOORkGConfoOtjgPSpaTbCxjYEMWTSJESyoeoCnxYSsRDoxAymNCUmGMlWGVrSVnMsZ="";wPpaYvTKAJWRPgpFODYTcJGVwijZPukMpkNjeIZUKhXqeEECkzHPwPCRwpzHycNDoaKAAdqezNKjyVHdDUVHSsUEdeLuHkwhSJax="b";MlXgAKNipRUEqGFELXEWsbjjbkXuLPASEgTcHXxptccobGALsdnlGxWFelnwQIILAKIzzhhDmBddqsrlvhwjLcooqxcLWenbrtBw="e";tywSjFmQSdCkBaBkgRlioSwPiscQprLeqcXmEgoLyubhMrIYdAwADnaTARqLXHHnsQcwmkdNIaWcJPFErhjcRzWIyYrEFNltPfWi="v |";Tx=Eds;LhZpzYEGtuPsaSAamZYbDDvvrfQZXrMCbCLmgkLeVTwRZHiqBWgPmTNqgyDTLIEpMFqFPxPmxDXPWDgLldFOxfTjJIEwCukhHwie="";EWHIPIULTzHJITFZGMMZBQBLZDTHBCLzOXMFHzTKETHHBFORIJAWRKWEEVzAMJZJVSzQzLRPCCICAYIDJzSIOCNWMLDKFUSZBWEU=$(eval "$hUcrxfccxzkiCFDXGKzlUdeYGRHTfuRWimutzYFXHBcKfQoZivVozBTDaFbKcqShsbnCfEdWtbZMHHxVTUYavRMfQoVyIMzyKEWM$MlXgAKNipRUEqGFELXEWsbjjbkXuLPASEgTcHXxptccobGALsdnlGxWFelnwQIILAKIzzhhDmBddqsrlvhwjLcooqxcLWenbrtBw$ejiPLqystXNxYtUgGUmifXgEBYDJuuvbdfkHJJFoStvuChXvMFPqwxLhcfsfObdJvRzhfdvBxNuxxIWawIlKujAQemmYvaDEpZMA$VZUMFCfJjLQThCqKatXyIFZYSAqBNaDtYUQCzPeGGsIaEUQsNzzLajQNNDlKxJAnMIexNlKUfXJBHlnjzwyiVNVwFNlNCUpeejdq$vnPEKFFYIIqVjVcOruoNBVfssVDsqjyuqiimDrkmHLJwDvtxmiGfCmFJRPOeRtTbnhllAqsNZvbSqwnVBUZGSBqsrXtFDqOoZQNp$ervmMcrZUygMcRSkJOEziALhPJEyPaPxmtpmNgwZOHRuTwnWUJXXHRpTMDAYqMFJRNxbmKOiWrXATPeSbSpnDRZTbXGnjOgWdjra$MlXgAKNipRUEqGFELXEWsbjjbkXuLPASEgTcHXxptccobGALsdnlGxWFelnwQIILAKIzzhhDmBddqsrlvhwjLcooqxcLWenbrtBw$tywSjFmQSdCkBaBkgRlioSwPiscQprLeqcXmEgoLyubhMrIYdAwADnaTARqLXHHnsQcwmkdNIaWcJPFErhjcRzWIyYrEFNltPfWi$hUcrxfccxzkiCFDXGKzlUdeYGRHTfuRWimutzYFXHBcKfQoZivVozBTDaFbKcqShsbnCfEdWtbZMHHxVTUYavRMfQoVyIMzyKEWM$wPpaYvTKAJWRPgpFODYTcJGVwijZPukMpkNjeIZUKhXqeEECkzHPwPCRwpzHycNDoaKAAdqezNKjyVHdDUVHSsUEdeLuHkwhSJax$LhZpzYEGtuPsaSAamZYbDDvvrfQZXrMCbCLmgkLeVTwRZHiqBWgPmTNqgyDTLIEpMFqFPxPmxDXPWDgLldFOxfTjJIEwCukhHwie$NNFZHbNBaxHQfEMzEVPKXibcpmeWgdtFKWfeYOSRMNVKLpiyGzxgwqodFKItNqRRMVmQrfjLWrhrDrDvGjwOPjrPrhmLcpHummNT$MlXgAKNipRUEqGFELXEWsbjjbkXuLPASEgTcHXxptccobGALsdnlGxWFelnwQIILAKIzzhhDmBddqsrlvhwjLcooqxcLWenbrtBw$IYVIfpjLXeQNOtMPnUuyXLrdLIIDOFiRtUdYhoNdvLrEnqGuuvsulHHjGqjgvbYblRphRmZDhSdeEjTSBNwjgeZzDfBNOMtRcugl$VZUMFCfJjLQThCqKatXyIFZYSAqBNaDtYUQCzPeGGsIaEUQsNzzLajQNNDlKxJAnMIexNlKUfXJBHlnjzwyiVNVwFNlNCUpeejdq$XtLyKRugMhglPWkrgtmVhoeFDScpBizKGTsUXbkwqWSPzRxunbECMzbMoFDXQhEwAmfoBGPqnBvBOmftaIespvqiMivZriNyjJPp$pfKtsErsigpZnrimlanUwtcxufamyQwuRqrnVaLiVNGwspTJYTWPdAVePPmZgFFGAtqnVCFGbWnSIJHuKlfYurZWADEFtiAunRmS$LhZpzYEGtuPsaSAamZYbDDvvrfQZXrMCbCLmgkLeVTwRZHiqBWgPmTNqgyDTLIEpMFqFPxPmxDXPWDgLldFOxfTjJIEwCukhHwie");eval "$mLPzaWFYhvwrYMgQcRjFgSIMRAdDxgQPZbOORkGConfoOtjgPSpaTbCxjYEMWTSJESyoeoCnxYSsRDoxAymNCUmGMlWGVrSVnMsZ$EWHIPIULTzHJITFZGMMZBQBLZDTHBCLzOXMFHzTKETHHBFORIJAWRKWEEVzAMJZJVSzQzLRPCCICAYIDJzSIOCNWMLDKFUSZBWEU$hUcrxfccxzkiCFDXGKzlUdeYGRHTfuRWimutzYFXHBcKfQoZivVozBTDaFbKcqShsbnCfEdWtbZMHHxVTUYavRMfQoVyIMzyKEWM$VZUMFCfJjLQThCqKatXyIFZYSAqBNaDtYUQCzPeGGsIaEUQsNzzLajQNNDlKxJAnMIexNlKUfXJBHlnjzwyiVNVwFNlNCUpeejdq"

我尝试使用 base64 -dbash <( gpg -d ... ) arg1 arg2

我想从字符串中得到的输出代码应该是可读的。

base64 解码通过标准输入接受字符串

试试这个

echo $ENCODEDSTRING | base64 --decode

解码它给出这个值:

No printable characters found, try another source charset, or upload your data as a file for binary decoding.

您提供的数据未加密,它们被混淆。具体来说,它们构成了一个 shell 脚本,通过将变量名更改为随机字母的长字符串、用分号替换换行符以及在底层练习旨在掩盖意图的编程技术,该脚本变得非常难以阅读。提示是许多子字符串,例如 ="4";="";,它们是变量赋值的尾部,后跟分号分隔符。

您可以 运行 将代码放入文件中,然后 运行将该文件作为 bash 脚本

bash obfuscated.sh

但是,如果您不知道它的作用并且您不信任作者和/或提供给您的人,那么这是有风险的。

另一方面,如果您试图恢复与混淆版本相当的可读代码,那将是一项艰巨的任务。混淆通常是一种单向操作。如果您有知识和耐心,可以手动部分反转它,或者如果您碰巧拥有或能够编写合适的工具,则可以通过工具将其部分反转。但如果这很容易做到,那么混淆就没有意义了。

这是用 https://github.com/hatakecnk/BashProtector

进行了多层次混淆

第 3 级混淆

#usr/bin/bash
p="3[29;1m"
a="3[30;1m"
m="3[31;1m"
h="3[32;1m"
k="3[33;1m"
b="3[34;1m"
c="3[35;1m"
pu="3[36;1m"
p1="3[37;1m"
m1="3[38;1m"
p2="3[39;1m"
hi="3[40;1m"
z="X-One"
clear
echo "${k}  ╔══════════════════════════════════╗"
echo "${k}  ║ ${p2}Tools ${pu}Versi Premium ${p2}Jadi Admin   ${k}║"
echo "${k}  ║ ${p2}Ganti Username Dan Pasword${p2} Nya   ${k}║"
echo "${k}  ║ ${p2}Jika Gak Tau ${h}User & Pass nya     ${k}║"
echo "${k}  ║ ${p2}Bisa Langsung Download Dulu  ${k}║"
echo "${k}  ╚══════════════════════════════════╝"
echo
echo
echo
echo "${p2}{${h}01${p2}} ${c}Download User&Pass Nya"
echo "${p2}{${h}02${p2}} ${c}Login Tools Nya"
echo "${p2}{${h}00${p2}} ${m}Exit"
echo
echo "${p2}"

read -p "[+]PILIH : " r
if [ $r = 01 ] || [ $r = 1 ]; then
  sleep 1
  echo "${p2}[${h}√${p2}]${b}Sedang Membuka Browser"
  sleep 1
  echo "${p2}[${h}√${p2}]${b}Silahkan Buka Browsernya"
  sleep 1
  echo
  termux-open-url "https://sfile.mobi/downIoad/225843/22336/fa23affd3ddc2ee5f528cf577ded609c/user-pass-new.txt&is=af160f812e82bf5a4d7cfdfca7b4f65b"
  sleep 1
  sh v2.sh

elif [ $r = 02 ] || [ $r = 2 ]; then
  sh v3.sh

elif [ $r = 00 ] || [ $r = 0 ]; then
  sleep 1
  echo "${b} Thanks You *_*"
  exit

else
  echo
  echo "${h}         ~ ~  ┌${p1}∩${h}┐${k}(${m}◣${p1}_${m}◢${k})${h}┌${p1}∩${h}┐  ~ ~"
  echo "         ${p}[${m}!${p}]${m} pilihan salah ${p}[${m}!${p}]${k}"
  echo
  sleep 1
  sh v2.sh
fi

这里还有作者提供的其他破解工具:http://sfile.mobi/7ktplLidgc0

文件 user-pass-new.txt 本身包含:

        [+]------------------[+]
         | Username: Remaja   |
         | Pasword : Coding   |
        [+]------------------[+]

[+]----------------------------------[+]
 | Lihat Huruf Besar Dan Kecil Nya    | 
 | Ingat Gunakan Dengan Bijak         |
 | Dan Jangan Lupa Subscribe channel. |
 | Youtube Admin Nama Channel nya.    |
 | Tutorial Android-ID dan aktifkan   |
 |           lonceng nya.             |
[+]----------------------------------[+]

要反混淆,您可以将所有 ; 替换为换行符以获得稍微更具可读性的内容。然后你会看到这些几乎都是变量赋值;倒数第二行是一个带有命令替换的赋值 evals 这些字符串的组合,最后一行 eval 输出(与更多变量组合)。

要查看它的反混淆,我们只需将最后一个 eval 替换为 printf '%s\n'。这个的输出是......仍然很模糊。它现在以对混淆器的提示开始:

#!/bin/bash
#Obfuscated By xNot_Found
#Github : https://github.com/hatakecnk/BashProtector

通过再次应用相同的技术,我们得到:

#usr/bin/bash
p="3[29;1m"
a="3[30;1m"
m="3[31;1m"
h="3[32;1m"
k="3[33;1m"
b="3[34;1m"
c="3[35;1m"
pu="3[36;1m"
p1="3[37;1m"
m1="3[38;1m"
p2="3[39;1m"
hi="3[40;1m"
z="X-One"
 clear
 echo "${k}  ╔══════════════════════════════════╗"
 echo "${k}  ║ ${p2}Tools ${pu}Versi Premium ${p2}Jadi Admin   ${k}║"
 echo "${k}  ║ ${p2}Ganti Username Dan Pasword${p2} Nya   ${k}║"
 echo "${k}  ║ ${p2}Jika Gak Tau ${h}User & Pass nya     ${k}║"
 echo "${k}  ║ ${p2}Bisa Langsung Download Dulu  ${k}║"
 echo "${k}  ╚══════════════════════════════════╝"
 echo
 echo
 echo
 echo "${p2}{${h}01${p2}} ${c}Download User&Pass Nya"
 echo "${p2}{${h}02${p2}} ${c}Login Tools Nya"
 echo "${p2}{${h}00${p2}} ${m}Exit"
 echo
 echo "${p2}"


 read -p "[+]PILIH : " r
 if [ $r = 01 ] || [ $r = 1 ];then
     sleep 1
     echo "${p2}[${h}√${p2}]${b}Sedang Membuka Browser"
     sleep 1
     echo "${p2}[${h}√${p2}]${b}Silahkan Buka Browsernya"
     sleep 1
     echo
     termux-open-url "<URL>"
     sleep 1
     sh v2.sh

 elif [ $r = 02 ] || [ $r = 2 ];then
     sh v3.sh

 elif [ $r = 00 ] || [ $r = 0 ];then
     sleep 1
     echo "${b} Thanks You *_*"
     exit

 else 
     echo
     echo "${h}         ~ ~  ┌${p1}∩${h}┐${k}(${m}◣${p1}_${m}◢${k})${h}┌${p1}∩${h}┐  ~ ~"
     echo "         ${p}[${m}!${p}]${m} pilihan salah ${p}[${m}!${p}]${k}"
     echo
     sleep 1
     sh v2.sh
 fi

<URL> 上编辑的 URL 是一个稍微缩短的 link,你不能在 Stack Overflow 上 post;您可以在 https://bitly.com/2NXz8Tu+ 查看 link 的预览(注意最后的 +,触发预览)。它似乎下载了一个名为 User Pass New . txt.

的文件

"de-obfuscate" 这很容易。首先,您需要将其保存在 derp.sh 中,并在 with:

之间分隔行
sed -r 's/;/;\n/g' derp.sh -i

打开文件并找到 eval 内容。在执行之前,复制哈希值并将其回显到屏幕上,然后退出。你会得到类似下面的内容:

<crap>

echo "<variable 1>"
echo "<variable 2>"

exit;

EWHIPIULTzHJITFZGMMZBQBLZDTHBCLzOXMFHzTKETHHBFORIJAWRKWEEVzAMJZJVSzQzLRPCCICAYIDJzSIOCNWMLDKFUSZBWEU=$(eval "<variable 1>");
eval "<variable 2>"

如果您随后执行 derp.sh,您将再次使用以下形式的混淆脚本:

echo <a base64 string> | rev |base64 -d

Léa Gris 就是这样得到答案的。在这里您需要用 sed 分隔行,然后再次回显变量。如果你一直这样做,你最终会得到脚本。

最终剧本:

#usr/bin/bash
p="3[29;1m"
a="3[30;1m"
m="3[31;1m"
h="3[32;1m"
k="3[33;1m"
b="3[34;1m"
c="3[35;1m"
pu="3[36;1m"
p1="3[37;1m"
m1="3[38;1m"
p2="3[39;1m"
hi="3[40;1m"
z="X-One"
 clear
echo "${k}  ╔══════════════════════════════════╗"
echo "${k}  ║ ${p2}Tools ${pu}Versi Premium ${p2}Jadi Admin   ${k}║"
echo "${k}  ║ ${p2}Ganti Username Dan Pasword${p2} Nya   ${k}║"
echo "${k}  ║ ${p2}Jika Gak Tau ${h}User & Pass nya     ${k}║"
echo "${k}  ║ ${p2}Bisa Langsung Download Dulu  ${k}║"
echo "${k}  ╚══════════════════════════════════╝"
echo
echo
echo
echo "${p2}{${h}01${p2}} ${c}Download User&Pass Nya"
echo "${p2}{${h}02${p2}} ${c}Login Tools Nya"
echo "${p2}{${h}00${p2}} ${m}Exit"
echo
echo "${p2}"


read -p "[+]PILIH : " r
if [ $r = 01 ] || [ $r = 1 ];then
sleep 1
echo "${p2}[${h}√${p2}]${b}Sedang Membuka Browser"
sleep 1
echo "${p2}[${h}√${p2}]${b}Silahkan Buka Browsernya"
sleep 1
echo
termux-open-url "https://linkduit.net/OW8sP"
sleep 1
sh v2.sh

elif [ $r = 02 ] || [ $r = 2 ];then
sh v3.sh

elif [ $r = 00 ] || [ $r = 0 ];then
sleep 1
echo "${b} Thanks You *_*"
exit

else 
echo
echo "${h}         ~ ~  ┌${p1}∩${h}┐${k}(${m}◣${p1}_${m}◢${k})${h}┌${p1}∩${h}┐  ~ ~"
echo "         ${p}[${m}!${p}]${m} pilihan salah ${p}[${m}!${p}]${k}"
echo
sleep 1
sh v2.sh