API tools faq
paste
Advertisement
Cyb3r_h4ck3r

Database Encryption Tool

Cyb3r_h4ck3r
Jun 25th, 2015
3,421
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.28 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/python
  2. # mehuldmaniax[At]hotmail.com
  3. # I use this to secure the AIDE database. When run with: -d <passphrase> /var/lib/aide.db.gz.enc
  4. # it will decrypt the database, run aide and then re-encrypt the DB.
  5. # for first setup do: -e <passphrase> <path to database>.
  6. # If you forget the passphrase there is no recovery option.
  7.  
  8. from Crypto.Cipher import AES
  9. from subprocess import call
  10. import base64
  11. import os, sys, random, struct, hashlib,md5
  12.  
  13. def usage():
  14.     print "
  15.   _____     __   ____       __   ____     __    ____
  16. / ___/_ __/ /  |_  /____  / /  / / /____/ /__ |_  /____
  17. / /__/ // / _ \_/_ </ __/ / _ \/_  _/ __/  '_/_/_ </ __/
  18. \___/\_, /_.__/____/_/   /_//_/ /_/ \__/_/\_\/____/_/
  19.    /___/ "
  20.     print ""
  21.     print "___________________________________"
  22.     print "|  Aide database encryption tool  |"
  23.     print "___________________________________"
  24.     print " Special thanks to H4ck3rH3r0 , R007 X F700d , N00b h4ck3r , Th3 L4z4ru$ "
  25.     print "\n Usage: " + sys.argv[0] + " <options> <passkey> <filename> \n"
  26.     print "Options:"
  27.     print "     -e: encrypt a file, output encrypted file as <filename>.enc "
  28.     print "     -d: decrypt a file. Takes a .enc file and decrypts it"
  29.  
  30. def run_aide():
  31.     try:
  32.         call(["aide"])
  33.         return
  34.     except:
  35.         print "Aide failed to run"
  36.         sys.exit(2)
  37.  
  38. def encrypt_file(key, in_filename, out_filename=None, chunksize=64*1024):
  39.     #key = sys.argv[2]
  40.     if not out_filename:
  41.         out_filename = in_filename + '.enc'
  42.     try:
  43.         iv = ''.join(chr(random.randint(0, 0xFF)) for i in range(16))
  44.         encryptor = AES.new(key, AES.MODE_CBC, iv)
  45.         filesize = os.path.getsize(in_filename)
  46.         with open(in_filename, 'rb') as infile:
  47.             with open(out_filename, 'wb') as outfile:
  48.                 outfile.write(struct.pack('<Q', filesize))
  49.                 outfile.write(iv)
  50.                 while True:
  51.                     chunk = infile.read(chunksize)
  52.                     if len(chunk) == 0:
  53.                         break
  54.                     elif len(chunk) % 16 != 0:
  55.                         chunk += ' ' * (16 - len(chunk) % 16)
  56.                     outfile.write(encryptor.encrypt(chunk))
  57.         os.remove(in_filename)
  58.     except:
  59.         print "File Encryption Failed"
  60.         sys.exit(2)
  61.    
  62.  
  63. def decrypt_file(key, in_filename, out_filename=None, chunksize=24*1024):
  64.     #key = sys.argv[2]
  65.     if not out_filename:
  66.         out_filename = os.path.splitext(in_filename)[0]
  67.  
  68.     with open(in_filename, 'rb') as infile:
  69.         origsize = struct.unpack('<Q', infile.read(struct.calcsize('Q')))[0]
  70.         iv = infile.read(16)
  71.         decryptor = AES.new(key, AES.MODE_CBC, iv)
  72.  
  73.         with open(out_filename, 'wb') as outfile:
  74.             while True:
  75.                 chunk = infile.read(chunksize)
  76.                 if len(chunk) == 0:
  77.                     break
  78.                 outfile.write(decryptor.decrypt(chunk))
  79.             outfile.truncate(origsize)
  80.     try:
  81.         call(["gzip", "-lq" , out_filename])
  82.         print out_filename
  83.     os.remove(in_filename)
  84.     run_aide()
  85.     encrypt_file(key, out_filename)
  86.         return
  87.     except:
  88.         print "incorrect passphrase"  
  89.         sys.exit(2)
  90.  
  91.  
  92. def check_user_input():
  93.     if len (sys.argv) == 1:
  94.         usage()
  95.         sys.exit(2)
  96.     else:
  97.         return
  98.  
  99. def check_infile():
  100.     input_file = sys.argv[3]
  101.     if os.path.isfile(input_file) == True:
  102.         return
  103.     else:
  104.         print "File does not exist"
  105.         sys.exit(2)
  106.  
  107. if __name__ == '__main__':
  108.    
  109.     decider = sys.argv[1]
  110.     if decider == "-e":
  111.         # md5 hases the passkey to ensure 16 byte length
  112.         keys = sys.argv[2]
  113.         m = md5.new()
  114.         m.update(keys)
  115.         key = m.hexdigest()
  116.         # end md5 conversion
  117.         check_user_input()
  118.         check_infile()
  119.         input_file = sys.argv[3]
  120.         #print "encrypting"
  121.         encrypt_file(key,input_file)
  122.     if decider == "-d":
  123.          # md5 hashes the passkey to ensure 16 byte length
  124.         keys = sys.argv[2]
  125.         m = md5.new()
  126.         m.update(keys)
  127.         key = m.hexdigest()
  128.         # end md5 conversion
  129.         check_user_input()
  130.         check_infile()
  131.         input_file = sys.argv[3]
  132.         #print "decrypting"
  133.         decrypt_file(key,input_file)
  134.     #run_aide()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!