노현종

secure aes string xml aws mysql

1 +using System;
2 +using System.Collections.Generic;
3 +using System.Text;
4 +using System.IO;
5 +using System.Threading;
6 +using System.Security.Cryptography;
7 +
8 +namespace AESENC
9 +{
10 + public class AES
11 + {
12 + //AES_256 암호화
13 + public String AESEncrypt256(String Input, String key) {
14 + RijndaelManaged aes = new RijndaelManaged();
15 + aes.Padding = PaddingMode.PKCS7;
16 + aes.KeySize = 256;
17 + aes.BlockSize = 128;
18 + aes.Mode = CipherMode.CBC;
19 + aes.Padding = PaddingMode.PKCS7;
20 + aes.Key = Encoding.UTF8.GetBytes(key);
21 + aes.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
22 +
23 + var encrypt = aes.CreateEncryptor(aes.Key, aes.IV);
24 + byte[] xBuff = null;
25 + using (var ms = new MemoryStream()) {
26 + using (var cs = new CryptoStream(ms, encrypt, CryptoStreamMode.Write)) {
27 + byte[] xXml = Encoding.UTF8.GetBytes(Input);
28 + cs.Write(xXml, 0, xXml.Length);
29 + }
30 +
31 + xBuff = ms.ToArray();
32 + }
33 +
34 + String Output = Convert.ToBase64String(xBuff);
35 + return Output;
36 + }
37 +
38 +
39 + //AES_256 복호화
40 + public String AESDecrypt256(String Input, String key) {
41 + RijndaelManaged aes = new RijndaelManaged();
42 + aes.KeySize = 256;
43 + aes.BlockSize = 128;
44 + aes.Mode = CipherMode.CBC;
45 + aes.Padding = PaddingMode.PKCS7;
46 + aes.Key = Encoding.UTF8.GetBytes(key);
47 + aes.IV = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
48 +
49 + var decrypt = aes.CreateDecryptor();
50 + byte[] xBuff = null;
51 + using (var ms = new MemoryStream()) {
52 + using (var cs = new CryptoStream(ms, decrypt, CryptoStreamMode.Write)) {
53 + byte[] xXml = Convert.FromBase64String(Input);
54 + cs.Write(xXml, 0, xXml.Length);
55 + }
56 +
57 + xBuff = ms.ToArray();
58 + }
59 +
60 + String Output = Encoding.UTF8.GetString(xBuff);
61 + return Output;
62 + }
63 +
64 +
65 + //AES_128 암호화
66 + public String AESEncrypt128(String Input, String key) {
67 +
68 + RijndaelManaged RijndaelCipher = new RijndaelManaged();
69 +
70 + byte[] PlainText = System.Text.Encoding.Unicode.GetBytes(Input);
71 + byte[] Salt = Encoding.ASCII.GetBytes(key.Length.ToString());
72 +
73 + PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(key, Salt);
74 + ICryptoTransform Encryptor = RijndaelCipher.CreateEncryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
75 +
76 + MemoryStream memoryStream = new MemoryStream();
77 + CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);
78 +
79 + cryptoStream.Write(PlainText, 0, PlainText.Length);
80 + cryptoStream.FlushFinalBlock();
81 +
82 + byte[] CipherBytes = memoryStream.ToArray();
83 +
84 + memoryStream.Close();
85 + cryptoStream.Close();
86 +
87 + string EncryptedData = Convert.ToBase64String(CipherBytes);
88 +
89 + return EncryptedData;
90 + }
91 +
92 + //AE_S128 복호화
93 + public String AESDecrypt128(String Input, String key) {
94 + RijndaelManaged RijndaelCipher = new RijndaelManaged();
95 +
96 + byte[] EncryptedData = Convert.FromBase64String(Input);
97 + byte[] Salt = Encoding.ASCII.GetBytes(key.Length.ToString());
98 +
99 + PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(key, Salt);
100 + ICryptoTransform Decryptor = RijndaelCipher.CreateDecryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
101 + MemoryStream memoryStream = new MemoryStream(EncryptedData);
102 + CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read);
103 +
104 + byte[] PlainText = new byte[EncryptedData.Length];
105 +
106 + int DecryptedCount = cryptoStream.Read(PlainText, 0, PlainText.Length);
107 +
108 + memoryStream.Close();
109 + cryptoStream.Close();
110 +
111 + string DecryptedData = Encoding.Unicode.GetString(PlainText, 0, DecryptedCount);
112 +
113 + return DecryptedData;
114 + }
115 + }
116 +}
117 +
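Review bot: `AESEncrypt128` produces the same key and IV every time it is called with the same password, because the salt is `key.Length.ToString()` and the IV is drawn from the same `PasswordDeriveBytes` instance; equal plaintexts therefore give equal ciphertexts, and the salt adds nothing against precomputed guesses. `AESEncrypt256`/`AESDecrypt256` share the problem through their all-zero IV, and they also use the raw UTF-8 bytes of the password as the key, so `aes.Key` will reject any password that is not exactly a valid key length. `PasswordDeriveBytes` is a PBKDF1-based derivation asked here for more output (32 + 16 bytes) than PBKDF1 defines; the usual replacement is `Rfc2898DeriveBytes` with a random per-message salt and a random IV, both stored in front of the ciphertext, as sketched below for the encrypt side (`AESDecrypt128` has to read the two prefixes back before decrypting). None of the four methods authenticates the ciphertext, so a modified file is caught only if the padding happens to fail; an HMAC over salt, IV and ciphertext, verified before decryption, would close that. Despite the name, the `128` pair derives a 32-byte key.

```csharp
public String AESEncrypt128(String Input, String key) {
    // … unchanged: PlainText = Encoding.Unicode.GetBytes(Input) …

    // Fresh random salt and IV for every message; both are written ahead of the ciphertext.
    byte[] Salt = new byte[16];
    byte[] IV = new byte[16];
    using (var rng = RandomNumberGenerator.Create()) {
        rng.GetBytes(Salt);
        rng.GetBytes(IV);
    }

    // Constructed sample value; tune the iteration count for the target hardware.
    const int Iterations = 100000;

    using (var kdf = new Rfc2898DeriveBytes(key, Salt, Iterations))
    using (var aes = Aes.Create()) {
        aes.Key = kdf.GetBytes(32);
        aes.IV = IV;

        using (var memoryStream = new MemoryStream()) {
            memoryStream.Write(Salt, 0, Salt.Length);
            memoryStream.Write(IV, 0, IV.Length);
            using (var cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write)) {
                cryptoStream.Write(PlainText, 0, PlainText.Length);
            }
            // Layout: salt (16) | IV (16) | ciphertext
            return Convert.ToBase64String(memoryStream.ToArray());
        }
    }
```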
...@@ -14,31 +14,20 @@ namespace VulnCrawler ...@@ -14,31 +14,20 @@ namespace VulnCrawler
14 [XmlRoot("MySqlAccountInfo")] 14 [XmlRoot("MySqlAccountInfo")]
15 public class Account 15 public class Account
16 { 16 {
17 - public static string FilePath => @"D:\Account.xml"; 17 + public static string FilePath => @"Account.xml";
18 [XmlAttribute("EndPoint")] 18 [XmlAttribute("EndPoint")]
19 - public string Endpoint { get; set; } 19 + public string Endpoint { get; set; } = "127.0.0.1";
20 [XmlAttribute("ID")] 20 [XmlAttribute("ID")]
21 - public string Id { get; set; } 21 + public string Id { get; set; } = "root";
22 [XmlAttribute("PW")] 22 [XmlAttribute("PW")]
23 - public string Pw { get; set; } 23 + public string Pw { get; set; } = "123";
24 -
25 } 24 }
26 - 25 + public static Account account { get; private set; }
27 - private static Account account;
28 -
29 static AWS() { 26 static AWS() {
30 // account = LoadAccount(); 27 // account = LoadAccount();
31 - account = new Account() {
32 - Endpoint = "aaa",
33 - Id = "bbb",
34 - Pw = "1231",
35 28
36 - };
37 - Console.WriteLine(account.Endpoint);
38 } 29 }
39 -
40 private static Account LoadAccount() { 30 private static Account LoadAccount() {
41 -
42 if (!File.Exists(Account.FilePath)) { 31 if (!File.Exists(Account.FilePath)) {
43 return null; 32 return null;
44 } 33 }
...@@ -47,18 +36,24 @@ namespace VulnCrawler ...@@ -47,18 +36,24 @@ namespace VulnCrawler
47 using (var reader = new StreamReader(Account.FilePath)) { 36 using (var reader = new StreamReader(Account.FilePath)) {
48 XmlSerializer xs = new XmlSerializer(typeof(Account)); 37 XmlSerializer xs = new XmlSerializer(typeof(Account));
49 acc = (Account)xs.Deserialize(reader); 38 acc = (Account)xs.Deserialize(reader);
50 -
51 -
52 } 39 }
53 -
54 return acc; 40 return acc;
55 } 41 }
56 42
57 - public static void SaveAccount() { 43 + public static void LoadAccount(string txt) {
44 + Account acc = null;
45 + // Deserialization
46 + using (TextReader reader = new StringReader(txt)) {
47 + XmlSerializer xs = new XmlSerializer(typeof(Account));
48 + acc = (Account)xs.Deserialize(reader);
49 + }
50 +
51 + account = acc;
58 52
59 53
60 - //File.SetAttributes(Account.FilePath, FileAttributes.Normal);
61 54
55 + }
56 + public static void SaveAccount() {
62 // Serialization 57 // Serialization
63 using (StreamWriter wr = new StreamWriter(Account.FilePath)) { 58 using (StreamWriter wr = new StreamWriter(Account.FilePath)) {
64 XmlSerializer xs = new XmlSerializer(typeof(Account)); 59 XmlSerializer xs = new XmlSerializer(typeof(Account));
...@@ -67,6 +62,8 @@ namespace VulnCrawler ...@@ -67,6 +62,8 @@ namespace VulnCrawler
67 62
68 } 63 }
69 64
65 +
66 +
70 } 67 }
71 68
72 69
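Review bot: The new initializers on `Endpoint`, `Id` and `Pw` give every `Account` a usable-looking credential (`root` / `123`), so an XML document that omits an attribute deserializes without error and the program carries on with the built-in values instead of failing. I would drop the three initializers and have `LoadAccount(string)` reject incomplete input before assigning the static: `if (acc == null || string.IsNullOrEmpty(acc.Id) || string.IsNullOrEmpty(acc.Pw)) throw new InvalidDataException("account XML is missing ID or PW");`. `SaveAccount` still appears to write the serializer output straight to `Account.FilePath`, the same `Account.xml` that `Main` now reads as Base64 ciphertext, so a save would put the credentials on disk in clear text and break the next load; its body is only partly visible in these hunks, so this needs checking against the full file. `account` also changes from a private field to a public static property; if nothing outside the assembly needs the password, `internal` is the narrower choice.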
......
...@@ -9,14 +9,29 @@ using System.Text.RegularExpressions; ...@@ -9,14 +9,29 @@ using System.Text.RegularExpressions;
9 using System.Threading.Tasks; 9 using System.Threading.Tasks;
10 10
11 using MySql.Data.MySqlClient; 11 using MySql.Data.MySqlClient;
12 +using AESENC;
13 +using System.Security;
14 +using System.Runtime.InteropServices;
15 +
12 namespace VulnCrawler 16 namespace VulnCrawler
13 { 17 {
14 class Program 18 class Program
15 { 19 {
16 static void Main(string[] args) { 20 static void Main(string[] args) {
17 21
18 - AWS.SaveAccount(); 22 + SecureString s_key = GetConsoleSecurePassword();
23 + Console.Clear();
24 + string key = SecureStringToString(s_key);
25 + //AWS.SaveAccount();
26 + AES aes = new AES();
27 + string txt = File.ReadAllText(@"Account.xml");
28 + string xml = aes.AESDecrypt128(txt, key);
29 +
30 + AWS.LoadAccount(xml);
31 +
32 + AWS.Account account = AWS.account;
19 33
34 + Console.WriteLine($"Endpoint: {account.Endpoint}, ID: {account.Id}, PW: {account.Pw}");
20 35
21 //MySqlConnectionStringBuilder builder = new MySqlConnectionStringBuilder { 36 //MySqlConnectionStringBuilder builder = new MySqlConnectionStringBuilder {
22 // Server = "", 37 // Server = "",
...@@ -48,7 +63,33 @@ namespace VulnCrawler ...@@ -48,7 +63,33 @@ namespace VulnCrawler
48 // Run(); 63 // Run();
49 64
50 } 65 }
66 + static String SecureStringToString(SecureString value) {
67 + IntPtr valuePtr = IntPtr.Zero;
68 + try {
69 + valuePtr = Marshal.SecureStringToGlobalAllocUnicode(value);
70 + return Marshal.PtrToStringUni(valuePtr);
71 + } finally {
72 + Marshal.ZeroFreeGlobalAllocUnicode(valuePtr);
73 + }
74 + }
51 75
76 +
77 + private static SecureString GetConsoleSecurePassword() {
78 + SecureString pwd = new SecureString();
79 + while (true) {
80 + ConsoleKeyInfo i = Console.ReadKey(true);
81 + if (i.Key == ConsoleKey.Enter) {
82 + break;
83 + } else if (i.Key == ConsoleKey.Backspace) {
84 + pwd.RemoveAt(pwd.Length - 1);
85 + Console.Write("\b \b");
86 + } else {
87 + pwd.AppendChar(i.KeyChar);
88 + Console.Write("*");
89 + }
90 + }
91 + return pwd;
92 + }
52 public static void Run() { 93 public static void Run() {
53 // Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록) 94 // Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록)
54 var directorys = Directory.GetDirectories(@"c:\VulnPy"); 95 var directorys = Directory.GetDirectories(@"c:\VulnPy");
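Review bot: The `Console.WriteLine` in `Main` that interpolates `account.Pw` writes the decrypted database password to the terminal right after the key was collected with masked input, so it lands in scrollback and in any captured output; print only `Endpoint` and `Id`, or remove the line once debugging is done. `SecureStringToString` copies the key into an ordinary managed `string`, which cannot be zeroed and stays in memory until collected, so the `SecureString` adds little beyond the masked prompt, and a comment saying so would stop readers from assuming more. In `GetConsoleSecurePassword`, Backspace on an empty buffer calls `pwd.RemoveAt(-1)` and throws; guard the branch with `if (pwd.Length > 0) { pwd.RemoveAt(pwd.Length - 1); Console.Write("\b \b"); }`. A wrong key will most likely surface as an unhandled `CryptographicException` from `AESDecrypt128` or as a deserialization error, and `AWS.account` is dereferenced without a null check, so a `try`/`catch` around the decrypt-and-load step with a plain "wrong key or damaged file" message is worth adding. `Main` and `Run` both continue outside the visible hunks.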
......
...@@ -53,6 +53,7 @@ ...@@ -53,6 +53,7 @@
53 <Reference Include="System.Xml" /> 53 <Reference Include="System.Xml" />
54 </ItemGroup> 54 </ItemGroup>
55 <ItemGroup> 55 <ItemGroup>
56 + <Compile Include="AES.cs" />
56 <Compile Include="AWS.cs" /> 57 <Compile Include="AWS.cs" />
57 <Compile Include="Program.cs" /> 58 <Compile Include="Program.cs" />
58 <Compile Include="Properties\AssemblyInfo.cs" /> 59 <Compile Include="Properties\AssemblyInfo.cs" />
......