An opportunity to play with practical cryptography and see how easy it is to encrypt all of a user’s files.
Preparation
- Bring a USB stick to the lab to save your work
Procedure
- Log into Kali using the username `l33t` and the password `opposable thumbs`.
- Copy files into your home directory:
  - the `frank` user’s `Music` directory
  - the `sentimental` user’s `Photos` directory
- Write a Python function that uses the `secrets` module to generate a secret $n$-bit key. Show the output of this function for several key sizes — you may find `binascii.hexlify` helpful for this purpose.
- Write a Python function that will encrypt the contents of a given file with a given key, using a cipher of your own choosing. You may find the `Cryptodome` module helpful; on our Python installation you may need to refer to this module as `Cryptodome.Cipher` rather than `Crypto.Cipher`. This function should return the ciphertext as bytes. Show this function’s output when applied to several (small) files.
- Use the Python `os.walk` function to inspect every file within a directory (searching recursively), outputting for each:
  - the path used to reach the file
  - the first 16 B of the file (in hex format)
  - the first 16 B of the ciphertext of the file (in hex format), using a key passed into your function
- Write a Python script that will generate a random key, saving it in a specified file path, then walk through a specified directory recursively, encrypting all files it finds in place (i.e., overwriting the originals). Demonstrate that this script works when executed against the `l33t` user’s home directory.
- Extra fun: take the symmetric key that you used to encrypt the user’s data and encrypt it under a public key of your own generation. Now, if you were connected to the Internet, you could send that encrypted key to a Command & Control server and display a ransomware message (which could be extra, extra fun?).