An opportunity to play with practical cryptography and see how easy it is to encrypt all of a user’s files.


Preparation

  1. Bring a USB stick to the lab to save your work

Procedure

  1. Log into Kali using the username l33t and the password opposable thumbs.

  2. Copy files into your home directory:

    • the frank user’s Music directory

    • the sentimental user’s Photos directory

  3. Write a Python function that uses the secrets module to generate a secret $n$-bit key. Show the output of this function for several key sizes — you may find binascii.hexlify helpful for this purpose.

  4. Write a Python function that will encrypt the contents of a given file with a given key, using a cipher of your own choosing. You may find the Cryptodome module helpful; on our Python installation you may need to refer to this module as Cryptodome.Cipher rather than Crypto.Cipher. This function should return the ciphertext as bytes. Show this function’s output when applied to several (small) files.

  5. Use the Python os.walk function to inspect every file within a directory (searching recursively), outputting for each:

    1. the path used to reach the file

    2. the first 16 B of the file (in hex format)

    3. the first 16 B of the ciphertext of the file (in hex format), using a key passed into your function

  6. Write a Python script that will generate a random key, saving it in a specified file path, then walk through a specified directory recursively, encrypting all files it finds in place (i.e., overwriting the originals). Demonstrate that this script works when executed against the l33t user’s home directory.

  7. Extra fun: take the symmetric key that you used to encrypt the user’s data and encrypt it under a public key of your own generation. Now, if you were connected to the Internet, you could send that encrypted key to a Command & Control server and display a ransomware message (which could be extra, extra fun?).
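The plaintext-versus-ciphertext comparison in step 5 also shows what a responder looks for afterwards: an encrypted file's first 16 B no longer carry the format signature its extension promises. The sketch below is an added example, not part of the lab handout. It walks a tree with os.walk and flags such header mismatches; the MAGIC table, the function names and the sample files are constructed for illustration.

```python
import os
import tempfile

# Leading "magic" bytes of a few common media formats (not an exhaustive list).
MAGIC = {
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".jpg": [b"\xff\xd8\xff"],
    ".jpeg": [b"\xff\xd8\xff"],
    ".mp3": [b"ID3", b"\xff\xfb"],
    ".flac": [b"fLaC"],
}

def scan_headers(root):
    """Walk root recursively; map each relative path to (first 16 B hex, status)."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(16)
            except OSError:
                report[os.path.relpath(path, root)] = ("", "unreadable")
                continue
            expected = MAGIC.get(os.path.splitext(name)[1].lower())
            if expected is None:
                status = "unknown-type"      # no signature on record for this extension
            elif head.startswith(tuple(expected)):
                status = "ok"                # header matches the claimed format
            else:
                status = "header-mismatch"   # candidate for an overwritten/encrypted file
            report[os.path.relpath(path, root)] = (head.hex(), status)
    return report

def demo():
    """Scan a constructed sample tree: one intact PNG header, one overwritten JPEG."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "Photos"))
        samples = {
            os.path.join("Photos", "cat.png"): b"\x89PNG\r\n\x1a\n" + bytes(24),
            # Fixed bytes standing in for ciphertext (constructed, not real output).
            os.path.join("Photos", "dog.jpg"): bytes.fromhex("5be19c0247d3a6f8") * 4,
            "notes.txt": b"plain text has no fixed header",
        }
        for rel, data in samples.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        return scan_headers(root)

if __name__ == "__main__":
    for rel, (head, status) in sorted(demo().items()):
        print(f"{status:16} {head:32} {rel}")
```

A burst of header-mismatch results under one directory is a useful triage signal, but extension-less or text files need a different check, such as byte entropy.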