打开题目whatbehind.zip
获得一个流量包
过滤http流量

发现 behind.php，查看报文发现内容已加密；根据评论区提示，知道这是冰蝎 3.0 的 XOR 加密。
其实这题正规的解法应该是：payload 熵很大，Content-Type 却仍是 application/x-www-form-urlencoded，还有回文的 Keep-Alive。据此合理猜测是冰蝎 3.0+ 的流量。


from base64 import b64decode
# Known leading bytes of the PHP payloads a Behinder (冰蝎) 3.0 client sends.
# ``check`` XORs each one against the decoded request body to derive a key
# candidate. The first entry is 28 bytes; every other entry is exactly 32
# bytes, i.e. two full 16-byte key-stream blocks.
phrases = [
    b"assert|eval(base64_decode('",
    b"<?\n@error_reporting(0);\n\nfunctio",
    b"<?\nfunction main($action, $remot",
    b"<?\n@error_reporting(0);\nset_time",
    b"\nerror_reporting(0);\n\nfunction m",
    b"<?\n@error_reporting(0);\n\n\nfuncti",
    b"<?\nerror_reporting(0);\nfunction ",
    b"@error_reporting(0);\nfunction ma",
    b"<?php\n\n$taskResult = array();\n$p",
    b"<?\nerror_reporting(0);\nheader('C",
    b"@error_reporting(0);\n\nfunction g",
    b"<?\n@error_reporting(0);\n@set_tim",
]
def xor(l0, l1):
    """XOR two byte sequences element-wise, truncating to the shorter one.

    Each pair of byte values is combined with ``^`` and the results are
    returned as a ``str`` of ``chr(a ^ b)`` characters, which is the form
    ``check`` compares key candidates in.
    """
    paired = zip(l0, l1)
    return "".join(chr(left ^ right) for left, right in paired)
def check(cipher):
    """Try to recover the Behinder XOR key from one base64-encoded request body.

    The key stream repeats every 16 bytes, so XORing the first 16 cipher
    bytes with a known plaintext prefix yields a key candidate, and XORing
    the following bytes with the rest of that prefix must reproduce (part of)
    the same candidate. Returns the candidate as a str, or None when no
    entry of ``phrases`` fits. ``b64decode`` errors propagate to the caller.
    """
    raw = b64decode(cipher)
    first_block = raw[0:16]
    for known in phrases:
        known_head, known_tail = known[:16], known[16:]
        candidate = xor(known_head, first_block)
        confirm = xor(known_tail, raw[16:16 + len(known_tail)])
        # A non-empty confirmation that sits inside the candidate means both
        # blocks agree on the key stream.
        if confirm and confirm in candidate:
            return candidate
    return None
def force_check(cipher):
    """Run ``check`` on one request body and report the outcome on stdout.

    Prints the first 32 characters of ``cipher`` with a ``[+]``/``[-]`` tag
    and, on success, the recovered key. Returns True when ``check`` found a
    key, False otherwise.
    """
    key = check(cipher)
    if not key:
        print("[-]", cipher[:32], "not Behinder Request..")
        return False
    print("[+]", cipher[:32], "is XOR Behinder Request! ")
    print("[+] The Key of Behinder is ", key)
    return True
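# Placeholder left by the author: replace with the base64 body of the suspect
# POST request extracted from the capture.
cipher_content = "加密报文"

# Base64 decodes in 4-character groups, so grow the prefix 4 characters at a
# time, starting at character 16, and stop at the first prefix that yields a
# key.
for i in range(16, len(cipher_content), 4):
    cipher_content_slice = cipher_content[0:i]
    if force_check(cipher_content_slice):
        print(f'i:{i}')
        break
else:
    # Only reached when the loop ran out without a match; the original printed
    # this line unconditionally, even right after a successful hit.
    print("behind XOR is not found")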
脚本可以参考这篇文章：
https://liriu.life/PHP-5ba36eb0362743ed8fa5588c97325f7e
运行脚本获取flag