User Controls

Crypto Routines.

  1. #1
    Sophie Pedophile Tech Support
    So i was going over some source code i have saved and i came across something i found interesting. The lang in question is C and the project was basically a more stealthy and secure NetCat in order to backdoor executables. What i thought was neat was that it had multi-platform support. Different flavors of Linux, Mac and Windows were all supported.

    Seeing as it's designed to be a backdoor it has a lot of networking related code. And since you don't want anyone finding out you're up to no good i figured comms would be encrypted to some degree or another. And sure enough there was a source file that delt with the encryption of incoming and outgoing packets. After staring at that file for a bit i decided to open the files that had all the stuff with regards to the actual crypto operations in them. Now mind you i'm not a C wizard by far, but it looks to me like it was basically written as a module. And it struck me that if that were the case, surely it wouldn't be too hard to adapt the file that normally would encrypt the packets into something that could encrypt files.


    Now i was hoping i could get you guys' opinion on the feasibility of this. And how to go about it. I think it would be a good excersize for me to get my C skills up.

    Here's the source code for the Packet Encryption Layer

    https://pastebin.com/susqy0kM pel.c
    https://pastebin.com/5dWyL79z pel.h

    And here is the source code for the crypto related operations.

    https://pastebin.com/QCrFwqqZ aes.c
    https://pastebin.com/tkpCtHd3 aes.h

    https://pastebin.com/88SepHVK sha1.c
    https://pastebin.com/CRJcx8eu sha1.h

    I know the crypto stuff is a bit dated, but i found it interesting nonetheless. And i'd be interested in hearing your thoughts.
  2. #2
    cigreting African Astronaut
    wat
  3. #3
    Sophie Pedophile Tech Support
    Originally posted by cigreting wat

    This is a big brain thread.
  4. #4
    cigreting African Astronaut
    whos dat
  5. #5
    Sophie Pedophile Tech Support
    Originally posted by cigreting whos dat

    Lanny, L0pht, L41n, Aldra, SBTlauien, Filtration, me, and maybe Cathy Coof, Gadzooks and i get the feeling Ajax does something IT related too, but doesn't like to talk about it.
  6. #6
    cigreting African Astronaut
    i do it too
  7. #7
    Sophie Pedophile Tech Support
    Originally posted by cigreting i do it too

    Would you be so kind as to answer my thread in a serious manner in that case?
  8. #8
    Bueno motherfucker
    Originally posted by Sophie Lanny, L0pht, L41n, Aldra, SBTlauien, Filtration, me, and maybe Cathy Coof, Gadzooks and i get the feeling Ajax does something IT related too, but doesn't like to talk about it.

    oh ok :^)
  9. #9
    aldra JIDF Controlled Opposition
    pretty standard stuff. you could easily adapt it but there are plenty of free AES implementations out there anyway
  10. #10
    Sophie Pedophile Tech Support
    Originally posted by Bueno oh ok :^)

    Still not entirely convinced you're not someone's alt.

    Originally posted by aldra pretty standard stuff. you could easily adapt it but there are plenty of free AES implementations out there anyway

    Could you point me in the direction of some resources that specifically discuss and/or go into this?
  11. #11
    Lanny victim of incest
    File only implements ECB mode, maybe ok for packet streams? But not good for large files. If you want to make it secure, first thing would be to implement CBC or something
Jump to Top