-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathcryptoscan
executable file
·82 lines (73 loc) · 3.04 KB
/
cryptoscan
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
#!/bin/bash
#
# Copyright (c) 2022 Tobias Heider <me@tobhe.de>
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
aes_p="\x63\x7c\x77\x7b|\x52\x09\x6a\xd5" # S-BOX
blowfish_p="\xd1\x31\x0b\xa6|\xa6\x0b\x31\xd1"
chacha_p="expand 32-byte k"
curve25519_p="\x1A\xD5\x25\x8F\x60\x2D\x56\xC9\xB2\xA7\x25\x95\x60\xC7\x2C\x69\x5C\xDC\xD6\xFD\x31\xE2\xA4\xC0\xFE\x53\x6E\xCD\xD3\x36\x69\x21"
des_p="\x80\x10\x80\x20|\x20\x80\x10\x80" # S-BOX
md5_p="\xd7\x6a\xa4\x78|\x78\xa4\x6a\xd7"
ripemd_p="\xE9\x76\x6d\x7a|\x7a\x6d\x76\xe9"
sha1_p="\x5a\x82\x79\x99|\x99\x79\x82\x5a"
sha256_p="\xd8\x9e\x05\xc1"
sha512_p="\xa2\x4d\x54\x19\xc8\x37\x3d\x8c"
sha3_p="\x89\x80\x00\x00\x00\x00\x00\x80|\x00\x00\x00\x00\x08\x00\x08\x90"
siphash_p="uespemos"
whirlpool_p="\x18\x18\x60\x18\xc0\x78\x30\xd8|\xd8\x30\x78\xc0\x18\x60\x18\x18"
usage() {
echo "Usage: cryptscan FILES..."
}
check_regex() {
local _file=$1 _pattern=$2
LC_ALL=C grep -qaobUP "$_pattern" "$_file"
}
run_checks() {
local _file=$1
local _found=
# check if any pattern matches
if check_regex "$_file" "$aes_p|$blowfish_p|$chacha_p|$curve25519_p|$des_p|$md5_p|$ripemd_p|$sha1_p|$sha256_p|$sha512_p|$sha3_p|$siphash_p|$whirlpool_p"; then
_found=1;
fi;
if [[ -n "$_found" ]]; then
printf "%-50s\t" "$_file"
if check_regex "$_file" "$aes_p"; then echo -n "AES "; fi
if check_regex "$_file" "$blowfish_p"; then echo -n "BLOWFISH "; fi
if check_regex "$_file" "$chacha_p"; then echo -n "ChaCha20 "; fi
if check_regex "$_file" "$curve25519_p"; then echo -n "curve25519 "; fi
if check_regex "$_file" "$des_p"; then echo -n "DES "; fi
if check_regex "$_file" "$md5_p"; then echo -n "MD5 "; fi
if check_regex "$_file" "$ripemd_p"; then echo -n "RIPEMD "; fi
if check_regex "$_file" "$sha1_p"; then echo -n "SHA1 "; fi
if check_regex "$_file" "$sha256_p"; then echo -n "SHA256 "; fi
if check_regex "$_file" "$sha512_p"; then echo -n "SHA512 "; fi
if check_regex "$_file" "$sha3_p"; then echo -n "SHA3 "; fi
if check_regex "$_file" "$siphash_p"; then echo -n "SIPHASH "; fi
if check_regex "$_file" "$whirlpool_p"; then echo -n "WHIRLPOOL "; fi
echo ""
fi
}
if [[ "$#" -eq 0 ]]; then
usage
exit 1
fi
printf "%-50s\t%s\n" "File" "Primitives"
printf "==== \t==========\n"
for arg in "$@"; do
find -H "$arg" -print0 | while IFS= read -r -d '' file; do
if [[ -f "$file" ]]; then
run_checks "$file"
fi
done
done