#include <stdio.h>
#include <stdlib.h>
#include <string.h>

// Base64 decode table
static const unsigned char base64_table[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

// Function to check if a character is a valid Base64 character
int is_base64(unsigned char c) {
    return (c >= 'A' && c <= 'Z') ||
           (c >= 'a' && c <= 'z') ||
           (c >= '0' && c <= '9') ||
           c == '+' || c == '/' || c == '=';
}

// Function to decode a single Base64 character
unsigned char base64_decode_char(unsigned char c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return 0;
}

// Function to decode Base64 encoded data
size_t base64_decode(const unsigned char *src, size_t src_len, unsigned char *dst) {
    size_t i = 0, j = 0;
    while (i < src_len) {
        unsigned int n = 0;
        for (int k = 0; k < 4; ++k) {
            n <<= 6;
            if (i < src_len && is_base64(src[i])) {
                n |= base64_decode_char(src[i]);
            }
            ++i;
        }
        dst[j++] = (n >> 16) & 0xFF;
        if (i > src_len - 2) break;
        dst[j++] = (n >> 8) & 0xFF;
        if (i > src_len - 3) break;
        dst[j++] = n & 0xFF;
    }
    // Adjust the length based on padding
    while (j > 0 && dst[j - 1] == 0) --j;
    return j;
}

// XOR decryption function
void xor_decrypt(unsigned char *data, size_t len, unsigned char key) {
    for (size_t i = 0; i < len; ++i) {
        data[i] ^= key;
    }
}

// Function to convert hex string to binary data
size_t hex_to_binary(const char *hex_str, unsigned char *bin_data) {
    size_t len = strlen(hex_str);
    if (len % 2 != 0) {
        fprintf(stderr, "Invalid hex string length\n");
        exit(EXIT_FAILURE);
    }
    for (size_t i = 0; i < len / 2; ++i) {
        sscanf(hex_str + 2 * i, "%2hhx", bin_data + i);
    }
    return len / 2;
}

// Function to check if decoded_payload contains "$*$"
int check_mark(const unsigned char *decoded_payload, size_t len) {
    const char *search_string = "$*$";
    size_t search_len = strlen(search_string);

    for (size_t i = 0; i <= len - search_len; ++i) {
        if (memcmp(decoded_payload + i, search_string, search_len) == 0) {
            return 1;
        }
    }
    return 0;
}

int main() {
    const char *tcp_payload_hex = "64335a6765476438597a353064586f674a4878345432562b544764325947632b506a342b506a342b506a342b50694d6a50694e51506945715069645350696f68506942584e7a6b334763586b714f6e5136436b7a4d7a4d7a4d7a4d7a4d7a4d3164575146684858454d2b564656614943526357426c6351445051364b44564b544d7a4d7a4d7a4d7a4d7a4e65656e4268664742386457637a524870396433786b59444d69497a4f75333844756f2f555a5845417a6f2f576972536b7a4d7a4d7a4d7a4d7a4d7a4d7a49694d39497a30694b79416c494450487a7475694d31466d656e39334d79497249435567475678414d385856782f2f6133796b7a4d7a4d7a4d7a4d7a4d31353663474638594878315a7a4e516647466a664746795a33703866526c6351445057393858514b544d7a4d7a4d7a4d7a4d7a4d7a4f6c30394b7871726645354d6174475678414d367171722b3354383850654b544d7a4d7a4d7a4d31356d663264365932463863485a67594878684d315668646e595a784c476838716258324f7241773976594b544d7a4d7a4d7a524870396433786b59445041304b6930476353786f664b6d31385436786277704d7a4d7a4d7a4d7a4d786d683664576b4d3170584b544d7a4d7a4d7a4d7a4d7a4d7a4d6a497941684b7a346949794d6a497a346a49794d6a496a35535569596c4a526d6735746d766f3648456f39764731636b704d7a4d7a4d7a4d68497945685043513849696f2f4d79496a4b53496d4b53416c4764796d337144563536573832614b7639796b7a4d7a4d7a4d79456a49536338494477684a44387a49696370496945704a69415a334b62656f4d5856782f2f6133796b7a4d7a4d7a4d7a4d7a5256356b636d4632507a4e61665841394764796d3371444433716e574b544d7a4d7a4d7a4d7a4d7a4d3056655a484a686469512f49686e6370743667302f504433696b7a4d7a4d7a4d7a4d7a4d7a4e724a53632b63584a67646e637a5131415a703758542f74586b4b544d7a4d7a4d7a4d7a4d7a4d7a4d7a6f3648456f394c594d79497a712b576e7464502b3165537973426b7a4d7a4d7a4d7a4d7a4d7a4d7a4d7a4d7a4d7a4d7a4d7a4e4949794a4f4b544e53586c636c4a7a4e56636e353666326f7a4953597a586e7833646e387a4b794d7a5147643259324e366658517a497a4e535a6d6437646e316e656e4253586c637a625345684b69557a586e7470475646615845417a6f2f576972536b7a4d7a4d7a4d7a4d7a4d3056655a484a68646a387a576e317750544e46586b516b496a306a493055394969556b495345724b6955395553556e5053456a4979736949794d6c4a69492f4d79456a49534d384b7a776949786c45656e3133664752674d396573306138704d7a4d7a4d7a4e514b553945656e3133";
    size_t tcp_payload_bin_len = strlen(tcp_payload_hex) / 2;
    unsigned char tcp_payload_bin[tcp_payload_bin_len];

    // Convert hex string to binary data
    hex_to_binary(tcp_payload_hex, tcp_payload_bin);

    // Decode Base64
    unsigned char decoded_payload[tcp_payload_bin_len];
    size_t decoded_len = base64_decode(tcp_payload_bin, tcp_payload_bin_len, decoded_payload);

    // XOR decrypt
    unsigned char xor_key = 0x13;
    xor_decrypt(decoded_payload, decoded_len, xor_key);

    // Print decrypted payload
    printf("解密后的负载内容: ");
    for (size_t i = 0; i < decoded_len; ++i) {
        putchar(decoded_payload[i]);
    }
    printf("\n");
	
	size_t ret = check_mark(decoded_payload, decoded_len);
	printf("ret = %d", ret);
    return 0;
}