[암호 프로그래밍] 사전파일을 이용한 공격 프로그램 - gpg

 

☞ 공격할 암호화된 파일 생성 - /test/file1.txt.gpg

# cd /test

# cp /etc/hosts file1.txt

# gpg -c file1.txt

암호 : soldesk1.

 

 

☞ 사전파일 생성 - /python/dict/dict.txt

- https://laustudy.tistory.com/99

# mkdir -p /python/dict

# chmod -R 777 /python

# tree -C /python

# cd /python/dict

# cat << EOF > dict.txt

user01

user02

admin

soldesk1.

administration

EOF

 

☞ 공격 프로그램

(shell)

# vi /python/attack_gpg.sh  (# chmod +x /python/attack_gpg.sh; ./python/attack_gpg.sh)

#!/bin/bash

DictFile=/python/dict/dict.txt
EncFile=/test/file1.txt.gpg

crack() {
    echo 
    echo "====== Decrypted File Contents ======"
    gpg -d --batch --passphrase $i $EncFile
}

for i in $(cat $DictFile)
do
    gpg -d --batch --passphrase $i $EncFile >/dev/null 2>&1
    if [ $? -eq 0 ] ; then
        echo "[  OK  ] Key found. ==> $i" 
        crack
        break
    else
        echo "[ FAIL ] Key not found. ==> $i" 
    fi  
    sleep 1
done

(python)

#!/usr/bin/python3
import os


def main():
    dict = open('/python/dict/dict.txt')
    encfile = '/test/file1.txt.gpg'
    decfile = 'tmpDecfile.txt'

    for word in dict.read().split('\n'):
        cmd = 'gpg -d --batch --passphrase ' + word + " " + encfile + ' > ' + decfile + " 2>/dev/null"
        if os.system(cmd) == 0:
            # success
            print("[  OK  ] Key found => " + word)
            print("===== Decrypted File Contents =====")
            decfileOp = open(decfile)
            print(decfileOp.read())
            decfileOp.close()
            break
        else:
            # fail
            print("[ FAIL ] Key not found => " + word)
    CMD = "rm -rf " + decfile
    os.system(CMD)
    dict.close()
    pass


if __name__ == '__main__':
    main()