DiabloHorn/cryptoshot
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
cryptoshot - making and saving encrypted screenshots ==== GENERAL This application will make a screenshot of the desktop. If the desktop consists of multiple monitors it should still work fine. However it has only been tested with a dual monitor setup. The windows project has the added functionality of sending the screenshot to a server of your choosing. cryptoshot uses public/private RSA keypairs to protect the AES 256bit session key. Additionally a SHA512-HMAC is calculated over the encrypted data using a 256bit key. All keys are random and you are encouraged to change the "personalization strings" in the code which are used as input for the random number generation. The PRNG does not depend on them, but it's recommended to change them. ==== USAGE To use cryptoshot you need to prepare the cryptoshot binary with a public key: C:\test>cryptoshot_init.py binaries\cryptoshot.exe http://youthost:portnumber/ Generating RSA keypair of size: 2048 Generation done Saving private key to: private.key Adding public key to binaries\cryptoshot.exe Then you run cryptoshot which will produce a screen.enc file. You can decrypt this as follow: C:\test>cryptoshot_decrypt.py binaries\screen.enc Importing private rsa key private.key Parsing encrypted screenshot screen.enc Decrypting aes key and iv Decrypting hmac key Verifying hmac Decrypting & decompressing screenshot Saving decrypted screenshot Make sure you don't loose the private RSA key or you will not be able to decrypt screenshosts. If you want to test the cryptoshot_dll.dll you need to initialise the public key in the same manner. You can take a screenshot using this: rundll32.exe Release\cryptoshot_dll.dll,getencryptedscreenshot Which will produce the same output as cryptoshot.exe. You can setup the server by doing: sudo apt-get install flask Then you can just ./cryptoshot_server ==== FILE FORMATS The modified executable file containing the public key looks like this: |--------------------------| | executable | |--------------------------| | public RSA key | |--------------------------| | length of public RSA key | |--------------------------| The encrypted file format looks like this: |---------------------------------| | length encrypted session key | |---------------------------------| | RSA-OAEP encrypted AES KEY + IV | |---------------------------------| | RSA-OAEP encrypted HMAC key | |---------------------------------| | HMAC of the encrypted data | |---------------------------------| | AES encrypted screenshot | |---------------------------------| ==== FILE OVERVIEW The following files are part of cryptoshot, the one with a * are the minimum required to use: binaries/cryptoshot.exe* uses winmain, thus it does not popup on screen when run binaries/cryptoshot_cmd.exe traditional main, mainly intended for debugging purposes binaries/cryptoshot_dll.dll Same as cryptoshot.exe but compiled as a DLL python-code/cryptoshot_init.py* generates rsa public/private keypair and appends them to cryptoshot changes the post url python-code/cryptoshot_decrypt.py* verifies hmac and decrypts the screenshot python-code/cryptoshot_server.py enjoy, DiabloHorn http://diablohorn.wordpress.com
About
encrypted screenshots using RSA and AES
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published