[-] Trapped javax.crypto.BadPaddingException during RSA decrypt [HTTP session handler]: Decryption error
javax.crypto.BadPaddingException: Decryption error
at sun.security.rsa.RSAPadding.unpadV15(RSAPadding.java:383)
at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:294)
at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:363)
at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:389)
at javax.crypto.Cipher.doFinal(Cipher.java:2164)
at dns.AsymmetricCrypto.decrypt(Unknown Source)
at beacon.BeaconC2.process_beacon_metadata(Unknown Source)
at beacon.BeaconHTTP$GetHandler.serve(Unknown Source)
at c2profile.MalleableHook.serve(Unknown Source)
at cloudstrike.WebServer._serve(WebServer.java:232)
at cloudstrike.WebServer.serve(WebServer.java:213)
at cloudstrike.NanoHTTPD$HTTPSession.run(NanoHTTPD.java:372)
at java.lang.Thread.run(Thread.java:748)
[-] decrypt of metadata failed
[-] A Malleable C2 attempt to recover data from a '.http-get.client.metadata' transaction failed. This could be due to a bug in the profile, a change made to the profile after this Beacon was run, or a change made to the transaction by some device between your target and your Cobalt Strike controller. The following information will (hopefully) help narrow down what happened.
可以上线,但是看到日志报这个错,不知道怎么解决呢?
[-] Trapped javax.crypto.BadPaddingException during RSA decrypt [HTTP session handler]: Decryption error javax.crypto.BadPaddingException: Decryption error at sun.security.rsa.RSAPadding.unpadV15(RSAPadding.java:383) at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:294) at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:363) at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:389) at javax.crypto.Cipher.doFinal(Cipher.java:2164) at dns.AsymmetricCrypto.decrypt(Unknown Source) at beacon.BeaconC2.process_beacon_metadata(Unknown Source) at beacon.BeaconHTTP$GetHandler.serve(Unknown Source) at c2profile.MalleableHook.serve(Unknown Source) at cloudstrike.WebServer._serve(WebServer.java:232) at cloudstrike.WebServer.serve(WebServer.java:213) at cloudstrike.NanoHTTPD$HTTPSession.run(NanoHTTPD.java:372) at java.lang.Thread.run(Thread.java:748) [-] decrypt of metadata failed [-] A Malleable C2 attempt to recover data from a '.http-get.client.metadata' transaction failed. This could be due to a bug in the profile, a change made to the profile after this Beacon was run, or a change made to the transaction by some device between your target and your Cobalt Strike controller. The following information will (hopefully) help narrow down what happened.