New updates
This commit is contained in:
52
decrypt.py
52
decrypt.py
@@ -7,7 +7,7 @@
|
||||
##################################################
|
||||
## Project: Elysium ##
|
||||
## File: decrypt.py ##
|
||||
## Version: 1.0.0 ##
|
||||
## Version: 1.1.0 ##
|
||||
## Support: support@cqre.net ##
|
||||
##################################################
|
||||
|
||||
@@ -15,12 +15,13 @@
|
||||
# Install PyCryptodome with "pip install pycryptodome". Must be run with python3.
|
||||
|
||||
from Crypto.Cipher import AES
|
||||
from Crypto.Protocol.KDF import PBKDF2
|
||||
import hashlib
|
||||
import os
|
||||
|
||||
# Ask for the encrypted file's name
|
||||
encrypted_file_name = input("Enter the name of the encrypted file (with .enc extension): ")
|
||||
encrypted_file_path = f'path/to/your/encrypted/{encrypted_file_name}'
|
||||
encrypted_file_path = encrypted_file_name if os.path.isabs(encrypted_file_name) else os.path.join(os.getcwd(), encrypted_file_name)
|
||||
decrypted_file_path = encrypted_file_path.replace('.enc', '.zip')
|
||||
|
||||
# Try to retrieve the passphrase from the environment variable
|
||||
@@ -30,22 +31,47 @@ if passphrase is None:
|
||||
passphrase = input("Passphrase not found in environment. Please enter the passphrase: ")
|
||||
# Here, you might save the passphrase to a temporary session or file, but be cautious with security.
|
||||
|
||||
# Derive the AES key from the passphrase
|
||||
key = hashlib.sha256(passphrase.encode()).digest()
|
||||
def decrypt_legacy(data: bytes, key_bytes: bytes) -> bytes:
|
||||
if len(data) < 16:
|
||||
raise ValueError("Encrypted data too short for legacy format")
|
||||
iv = data[:16]
|
||||
encrypted = data[16:]
|
||||
cipher = AES.new(key_bytes, AES.MODE_CBC, iv)
|
||||
plaintext = cipher.decrypt(encrypted)
|
||||
pad_len = plaintext[-1]
|
||||
if not (1 <= pad_len <= 16):
|
||||
raise ValueError("Invalid padding length in legacy data")
|
||||
return plaintext[:-pad_len]
|
||||
|
||||
def decrypt_pbkdf2(data: bytes, passphrase: str) -> bytes:
|
||||
if len(data) < 4 + 16 + 16:
|
||||
raise ValueError("Encrypted data too short for PBKDF2 format")
|
||||
magic = data[:4]
|
||||
if magic != b"ELY1":
|
||||
raise ValueError("Invalid magic header for PBKDF2 format")
|
||||
salt = data[4:20]
|
||||
iv = data[20:36]
|
||||
encrypted = data[36:]
|
||||
key = PBKDF2(passphrase, salt, dkLen=32, count=100000)
|
||||
cipher = AES.new(key, AES.MODE_CBC, iv)
|
||||
plaintext = cipher.decrypt(encrypted)
|
||||
pad_len = plaintext[-1]
|
||||
if not (1 <= pad_len <= 16):
|
||||
raise ValueError("Invalid padding length in PBKDF2 data")
|
||||
return plaintext[:-pad_len]
|
||||
|
||||
try:
|
||||
# Read the encrypted file
|
||||
with open(encrypted_file_path, 'rb') as encrypted_file:
|
||||
iv = encrypted_file.read(16) # The first 16 bytes are the IV
|
||||
encrypted_data = encrypted_file.read()
|
||||
blob = encrypted_file.read()
|
||||
|
||||
# Decrypt the data
|
||||
cipher = AES.new(key, AES.MODE_CBC, iv)
|
||||
decrypted_data = cipher.decrypt(encrypted_data)
|
||||
|
||||
# Remove potential PKCS#7 padding
|
||||
pad_len = decrypted_data[-1]
|
||||
decrypted_data = decrypted_data[:-pad_len]
|
||||
# Try PBKDF2 format first (ELY1 header), then legacy fallback
|
||||
if blob.startswith(b"ELY1"):
|
||||
decrypted_data = decrypt_pbkdf2(blob, passphrase)
|
||||
else:
|
||||
# Legacy key derivation: SHA-256(passphrase), IV is first 16 bytes
|
||||
legacy_key = hashlib.sha256(passphrase.encode()).digest()
|
||||
decrypted_data = decrypt_legacy(blob, legacy_key)
|
||||
|
||||
# Write the decrypted data to a file
|
||||
with open(decrypted_file_path, 'wb') as decrypted_file:
|
||||
|
||||
Reference in New Issue
Block a user