[암호 프로그래밍] 사전파일을 이용한 공격 프로그램 - ccrypt

 

☞ 공격할 암호화된 파일 생성 - /test/file1.txt.cpt

# cd /test

# cp /etc/hosts file1.txt

# ccrpyt -e file1.txt

암호 : soldesk1.

 

☞ 사전파일 생성 - /python/dict/dict.txt

- https://laustudy.tistory.com/99

# mkdir -p /python/dict

# chmod -R 777 /python

# tree -C /python

# cd /python/dict

# cat << EOF > dict.txt

user01

user02

admin

soldesk1.

administration

EOF

 

☞ 공격 프로그램

(shell)

# vi /python/attack_ccrpyt.sh  (# chmod +x /python/attack_ccrpyt.sh; ./python/attack_ccrypt.sh)

#!/bin/bash

DictionaryFile='/python/dict/dict.txt'
EncFile='/test/file1.txt.cpt'
DecFile=$(basename $EncFile | sed 's/.cpt$//')

crack() {
    ccrypt -c -K $i $EncFile > $DecFile
    echo "===== Decrypted File Contents ====="
    cat $DecFile
}

for i in $(cat $DictionaryFile)
do
    ccrypt -c -K $i $EncFile >/dev/null 2>&1
    if [ $? -eq 0 ] ; then
        echo "[  OK  ] Key found => $i" 
        echo
        crack
        break
    else
        echo "[ FAIL ] Key not found => $i" 
    fi
    sleep 1
done

(python)

#!/usr/bin/python3
import os


def main():
    dict = open('/python/dict/dict.txt')
    encfile = '/test/file1.txt.cpt'
    decfile = 'tmpDecfile.txt'

    for word in dict.read().split('\n'):
        cmd = 'ccrypt -c -K ' + word + " " + encfile + ' > ' + decfile + " 2>/dev/null"
        if os.system(cmd) == 0:
            # success
            print("[  OK  ] Key found => " + word)
            print("===== Decrypted File Contents =====")
            decfileOp = open(decfile)
            print(decfileOp.read())
            decfileOp.close()
            break
        else:
            # fail
            print("[ FAIL ] Key not found => " + word)
    CMD = "rm -rf " + decfile
    os.system(CMD)
    dict.close()
    pass


if __name__ == '__main__':
    main()