노현종 / 2018-1-Capstone1-VulnNotti

Go to a project
Toggle navigation Toggle navigation pinning
노현종
a6e87601 1 parent f0bd3a61

secure aes string xml aws mysql

Inline Side-by-side
Showing 4 changed files with 181 additions and 25 deletions
using System;
using System.Collections.Generic;
using System.Text;
using System.IO;
using System.Threading;
using System.Security.Cryptography;
namespace AESENC
{
public class AES
{
//AES_256 암호화
public String AESEncrypt256(String Input, String key) {
RijndaelManaged aes = new RijndaelManaged();
aes.Padding = PaddingMode.PKCS7;
aes.KeySize = 256;
aes.BlockSize = 128;
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.PKCS7;
aes.Key = Encoding.UTF8.GetBytes(key);
aes.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
var encrypt = aes.CreateEncryptor(aes.Key, aes.IV);
byte[] xBuff = null;
using (var ms = new MemoryStream()) {
using (var cs = new CryptoStream(ms, encrypt, CryptoStreamMode.Write)) {
byte[] xXml = Encoding.UTF8.GetBytes(Input);
cs.Write(xXml, 0, xXml.Length);
}
xBuff = ms.ToArray();
}
String Output = Convert.ToBase64String(xBuff);
return Output;
}
//AES_256 복호화
public String AESDecrypt256(String Input, String key) {
RijndaelManaged aes = new RijndaelManaged();
aes.KeySize = 256;
aes.BlockSize = 128;
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.PKCS7;
aes.Key = Encoding.UTF8.GetBytes(key);
aes.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
var decrypt = aes.CreateDecryptor();
byte[] xBuff = null;
using (var ms = new MemoryStream()) {
using (var cs = new CryptoStream(ms, decrypt, CryptoStreamMode.Write)) {
byte[] xXml = Convert.FromBase64String(Input);
cs.Write(xXml, 0, xXml.Length);
}
xBuff = ms.ToArray();
}
String Output = Encoding.UTF8.GetString(xBuff);
return Output;
}
//AES_128 암호화
public String AESEncrypt128(String Input, String key) {
RijndaelManaged RijndaelCipher = new RijndaelManaged();
byte[] PlainText = System.Text.Encoding.Unicode.GetBytes(Input);
byte[] Salt = Encoding.ASCII.GetBytes(key.Length.ToString());
PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(key, Salt);
ICryptoTransform Encryptor = RijndaelCipher.CreateEncryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);
cryptoStream.Write(PlainText, 0, PlainText.Length);
cryptoStream.FlushFinalBlock();
byte[] CipherBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
string EncryptedData = Convert.ToBase64String(CipherBytes);
return EncryptedData;
}
//AE_S128 복호화
public String AESDecrypt128(String Input, String key) {
RijndaelManaged RijndaelCipher = new RijndaelManaged();
byte[] EncryptedData = Convert.FromBase64String(Input);
byte[] Salt = Encoding.ASCII.GetBytes(key.Length.ToString());
PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(key, Salt);
ICryptoTransform Decryptor = RijndaelCipher.CreateDecryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
MemoryStream memoryStream = new MemoryStream(EncryptedData);
CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read);
byte[] PlainText = new byte[EncryptedData.Length];
int DecryptedCount = cryptoStream.Read(PlainText, 0, PlainText.Length);
memoryStream.Close();
cryptoStream.Close();
string DecryptedData = Encoding.Unicode.GetString(PlainText, 0, DecryptedCount);
return DecryptedData;
}
}
}
......@@ -14,31 +14,20 @@ namespace VulnCrawler
[XmlRoot("MySqlAccountInfo")]
public class Account
{
public static string FilePath => @"D:\Account.xml";
public static string FilePath => @"Account.xml";
[XmlAttribute("EndPoint")]
public string Endpoint { get; set; }
public string Endpoint { get; set; } = "127.0.0.1";
[XmlAttribute("ID")]
public string Id { get; set; }
public string Id { get; set; } = "root";
[XmlAttribute("PW")]
public string Pw { get; set; }
public string Pw { get; set; } = "123";
}
private static Account account;
public static Account account { get; private set; }
static AWS() {
// account = LoadAccount();
account = new Account() {
Endpoint = "aaa",
Id = "bbb",
Pw = "1231",
};
Console.WriteLine(account.Endpoint);
// account = LoadAccount();
}
private static Account LoadAccount() {
if (!File.Exists(Account.FilePath)) {
return null;
}
......@@ -47,18 +36,24 @@ namespace VulnCrawler
using (var reader = new StreamReader(Account.FilePath)) {
XmlSerializer xs = new XmlSerializer(typeof(Account));
acc = (Account)xs.Deserialize(reader);
}
return acc;
}
public static void SaveAccount() {
public static void LoadAccount(string txt) {
Account acc = null;
// Deserialization
using (TextReader reader = new StringReader(txt)) {
XmlSerializer xs = new XmlSerializer(typeof(Account));
acc = (Account)xs.Deserialize(reader);
}
//File.SetAttributes(Account.FilePath, FileAttributes.Normal);
account = acc;
}
public static void SaveAccount() {
// Serialization
using (StreamWriter wr = new StreamWriter(Account.FilePath)) {
XmlSerializer xs = new XmlSerializer(typeof(Account));
......@@ -67,6 +62,8 @@ namespace VulnCrawler
}
}
......
......@@ -9,15 +9,30 @@ using System.Text.RegularExpressions;
using System.Threading.Tasks;
using MySql.Data.MySqlClient;
using AESENC;
using System.Security;
using System.Runtime.InteropServices;
namespace VulnCrawler
{
class Program
{
static void Main(string[] args) {
AWS.SaveAccount();
SecureString s_key = GetConsoleSecurePassword();
Console.Clear();
string key = SecureStringToString(s_key);
//AWS.SaveAccount();
AES aes = new AES();
string txt = File.ReadAllText(@"Account.xml");
string xml = aes.AESDecrypt128(txt, key);
AWS.LoadAccount(xml);
AWS.Account account = AWS.account;
Console.WriteLine($"Endpoint: {account.Endpoint}, ID: {account.Id}, PW: {account.Pw}");
//MySqlConnectionStringBuilder builder = new MySqlConnectionStringBuilder {
// Server = "",
// UserID = id,
......@@ -48,7 +63,33 @@ namespace VulnCrawler
// Run();
}
static String SecureStringToString(SecureString value) {
IntPtr valuePtr = IntPtr.Zero;
try {
valuePtr = Marshal.SecureStringToGlobalAllocUnicode(value);
return Marshal.PtrToStringUni(valuePtr);
} finally {
Marshal.ZeroFreeGlobalAllocUnicode(valuePtr);
}
}
private static SecureString GetConsoleSecurePassword() {
SecureString pwd = new SecureString();
while (true) {
ConsoleKeyInfo i = Console.ReadKey(true);
if (i.Key == ConsoleKey.Enter) {
break;
} else if (i.Key == ConsoleKey.Backspace) {
pwd.RemoveAt(pwd.Length - 1);
Console.Write("\b \b");
} else {
pwd.AppendChar(i.KeyChar);
Console.Write("*");
}
}
return pwd;
}
public static void Run() {
// Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록)
var directorys = Directory.GetDirectories(@"c:\VulnPy");
......
......@@ -53,6 +53,7 @@
<Reference Include="System.Xml" />
</ItemGroup>
<ItemGroup>
<Compile Include="AES.cs" />
<Compile Include="AWS.cs" />
<Compile Include="Program.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
......