user@linuxtrack:~ $ python -c 'print("Soyez les bienvenus !")'

Vous n'êtes pas identifié(e).

#1 12-07-2019 19:00:20

Viperr
Modérateur

Tools for CTF : Brute force encrypted file with cipher and pass

Slat-pepper

ce script permet de faire un brut de force de cipher quand on a le salted_file , et le pass mais pas le cipher.

il se trouve ici :
https://github.com/penthium2/salt_pepper

et je vous donne le code source de la version 3.4 pour que vous l'analisez directement ici :

#!/bin/bash
#=================================================================
# Tool Name: salt-pepper
# Description: Brute force encrypted file with cipher and pass
# Args: [-f SOURCE FILE] [-k PASSPHRASE]
# More options : -t 	test results to find Unicode text file
#		 -h	display help
#		 -v	display version
# Author: penthium2, Julien BRIAULT
# Creation date: 07/12/2019
# Last update:
# Print the name file match when "-t" option used
#=================================================================

# Colors var
red="\e[91m"
green="\e[92m"
yellow="\e[93m"
resetcolor="\e[0m"

# Vars 
version="3.4"
authors="penthium2, Julien BRIAULT"

f_main() {
cat << EOF
Usage: ${0##*/} [-f SOURCE FILE] [-p PASS ] [-t]

Brute force encrypted file with cipher and pass
Arguments  : 
	-f	encrypted source file 
	-p	passphrase 
More options :
	-t 	test results to find Unicode text file	
	-h	display help
	-v	display version

EOF
exit 0
}

# Random error
f_err() {
cat << EOF
Try '${0##*/} -h' for more informations.
EOF
exit 1
}

# Syntax error
f_syn_err() {
echo -e "${red}Syntax error${resetcolor}"
}

# Test salt
f_cipher() {
declare -i nb=1  

dir=FLAGS

if [[ -d "${dir}" ]]; then 
	echo -e "${yellow}Folder already exist${resetcolor}"
else
	mkdir ${dir}
fi
                                                                             
for cipher in $(openssl list -cipher-commands) ; do                                           
	if openssl  "$cipher" -d -in "${sfile}" -out FLAG  -pass pass:"${pass}" > /dev/null 2>&1 ; then                  		
		mv FLAG ${dir}/FLAG_$cipher
		match[$nb]=$cipher                                                            
		nb+=1                                                                         
	else                                                                                  
	 	printf "%-50s%s\n" "$cipher~" "~[NOT MATCH]" | tr ' ~' '- '
	fi                                                                                    
done                                                                                          
for result in $(seq ${#match[*]}) ; do
	printf "%-50s%s\n" "${match[$result]}~" "~[MATCH]" | tr ' ~' '- '
done
echo -e "${yellow}All results saved in $dir directory.${resetcolor}"
}

# Test if is a UTF-8/Unicode file
f_test_results() {
comres="$(file ${dir}/* | grep Unicode | wc -l)"
if [[ -d "${dir}" ]]; then 
	if [[ "$comrs" = 0 ]]; then 
		echo -e "\n ${red}No results found for test.${resetcolor}"
		exit 7
	else 
		echo -e "\nTest match: ${green}$(file ${dir}/* | grep -n Unicode | awk -F":" '{print $2 }' )${resetcolor}"
		for results in $(file ${dfolder}/* | grep Unicode | sed "s#/##; s#:##" | awk '{print $1}') ; do 
			echo -e "File: ${green}$results${resetcolor}"
		done
	fi
else
	f_err
fi
}
# if no argument
if [[ -z "$1" ]]; then 
	f_err
else
	OPTIND=1

	while getopts "hvtf:p:" opt; do 
		case $opt in 
			v) 
				if [[ -z "$2" ]]; then 
					echo -e "${0##*/} version ${yellow}$version${resetcolor}"
					echo "Authors: $authors"
				elif [[ "$2" = "-h" ]];then 
					f_syn_err && f_err
				fi
				;;
			h)
				if [[ -z "$2" ]]; then 
					f_main
				elif [[ "$2" = "-v" ]]; then 
					f_syn_err && f_err
				fi
				;;
			f)
				sfile=${OPTARG}
				if [[ -n "${pass}" ]]; then 
					if [[ -f "${sfile}" ]]; then 
						if [[ -r "${sfile}" ]]; then 
							f_cipher
						else
							echo -e "${red}You do not have read access to this file.${resetcolor}"
							exit 5
						fi
					else
						echo -e "${red}The specified value is not a file.${resetcolor}"
						exit 4
					fi
				fi
				;;
			p)
				pass=${OPTARG}
				if [[ -n "${sfile}" ]]; then 
					f_cipher
				fi
				;;
			t)
				f_test_results	
				;;
				
		esac
	done
	shift "$((OPTIND-1))"	
fi

Enjoy !  Cthulhu  Cthulhu

Dernière modification par Viperr (12-07-2019 19:05:42)


vi est mon ami pour la vie
Viperr
Ph'nglui nglw-nafh Cthulhu R'lyeh wgah-nagl fhtagn

Hors ligne

Pied de page des forums