Time Lock Safe Machine (I made it!!)

If it doesn't relate to Debian, but you still want to share it, please do it here

Time Lock Safe Machine (I made it!!)

Postby bester69 » 2019-10-06 11:54

Ive developed a time lock software machine (Its Stable, well tested :!: ), by using john-the-ripper decrypting strong force times.
Ivent find any application or kind of software solution for this purpose, so I decided to developed it by myself.

Image

Purpose:
Being able to lock for a minimum approximate time (time to decrypting module with force brute> minits /hours or days in an approximate time) any information (mainly a password) so none can acces it, not even yourself (not backguards/recovery passwords).. So its usefull if you have some kind of uncontrolled tentations issues. :D

Requirements.:
-john-the-ripper (https://snapcraft.io/john-the-ripper)
- Nc, Np : Nc=Digits of pass word for decoding; Np: Number of parts to chop the file, to increase accuracy of time decrypting estimation,Depending on you cpu power, You will need to adjust times of decrypting by increasing/decreasing variables:
>> Im using Nc=10 and Np=4 (for a 2 to 5 hour decrypting estimation time)
>> with Nc=9 , I get time minits period decrypting with Nc=11, I get aroung one/two days period decrypting
- NJhon_$Nc.txt: File to fix/preset number of digits for word to decrypt, if doesnt exist It creates with Nc=10
- split : Split keepassx file in "Np" parts, so the more parts you split the file the more increase the accuracy of time decrypting estimation by using force brute with john-the-ripper.
- keepassx: Used to store the passwords (It has been extension renamed with .xwd for obscured reasons)
- gcolor2: Used like an OK/Cacelled operation button.
----------------

rip.sh (encrypts module keepass)
Code: Select all
#!/bin/sh
#
APATH=/home/myuser/LINUXDEBS/rip

#Llamada desde ripname.sh
if [ -z "$1"  ]
  then
    INI=`date +%Y-%m-%d_%H:%M:%S` 
    else
    INI="$1"
  fi
# Partes dividido de encriptado
Np=4
#Caracteres de encriptado
Nc=10
#**************************
#****Para conseguir una estimación mas precisa limitar al Maxlenght and Minlenght al Nc
#**** Limitar al Numero máximo NC:  john-the-ripper --max-length=6 *****<<<<<<<<<
#**************************
WALL=$APATH
A=1  && cat $WALL/NJhon*.txt && A=0
if [ $A -eq 1  ]
  then
    echo $Nc > $WALL/NJhon_$Nc.txt
    else
      Nc=$(cat $WALL/NJhon*.txt)   
      mv $WALL/NJhon*.txt $WALL/NJhon_$Nc.txt
  fi
 
#**************************

FICH="$1"
#Añadido*****
sudo chattr +i $APATH/done/sal*
#********************
cd $APATH && rm -rf done/
rm -rf undone/
mkdir done

A=1
# Split en N partes para aumentar el tiempo de cifrado---------------------
rm -rf .zzSplit/
# Desbloquea con rip/ Bloquea con unrip/ Elimina con ripdel
sudo chattr +i *.xwd
mkdir .zzSplit && cp *.xwd .zzSplit/ && A=0 && cd .zzSplit/
split -n$Np *.xwd split_
if [ $A -eq 1  ]
  then
  clear
  echo "No hay ningún fichero .xwd"
    exit
  fi

#Fija los dos primeros carácteres @ 1a rango bajo de búsqueda para q tarde menos en decodificar
## El secuencial Da toda la vuelta, por lo q este trucoc solo se puede aplicar con un split: Np=1
#Nc=$(echo $(($Nc -3))) && VFIX="111"
for f in split_*
do
VRAN="$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w $Nc | head -n 1)"
#VRAN="$VFIX$VRAN"
VRAN="$(cat /dev/urandom | tr -dc '0-9' | fold -w $Nc | head -n 1)"


  mv $f $f.part.xwd
  zip -P "$VRAN" $f$INI.zip $f.part.xwd
  echo $VRAN > $f$INI.zip.txt
done

nc_used="sal$INI(Nc_$Nc).txt"
echo "$Nc" > $nc_used
mkdir sal$INI && mv *.zip *.txt sal$INI && mv sal$INI ../done/
#sudo chattr +i ../done/sal$INI/*.zip
 cd ../. && rm -rf .zzSplit/
# Split en N partes para aumentar el tiempo de cifrado---------------------
rm -rf undone/ && mkdir undone
ln -sf ../done/sal$INI/ ./undone/ &&  cd undone && rm sal
mv  sal$INI sal

#Verifica q esta correctamente añadido
   cd $APATH/done/sal$INI/
   for f in split_*.zip
   do
   VRAN=$(cat $f.txt)
   unzip -P "$VRAN" $f
   done
 cat split*.xwd > out.xwd
#
#  #Control@@@@@@@
 #dolphin out.xwd &
 keepassx ./out.xwd 2> /dev/null &
 sleep 5
 gcolor2 2> /dev/null
 killall keepassx
# #Control@@@@@@@
#
 rm split*.txt *.xwd && sudo chattr +i ./
 
#


unrip.sh (decrypts module keepass)
Code: Select all
#!/bin/sh
#
APATH=/home/myuser/LINUXDEBS/rip
VARL=/tmp/xxYaS
CONT=""
INI=`date +%Y-%m-%d_%H:%M:%S`
FICH="$1"
#NH es numero de horas de decodificación para q sea válida
NH=3

rm -rf /home/myuser/snap/john-the-ripper/

clear
cd $APATH && mkdir undone
cd $APATH/undone

rsync -aAXv --delete $APATH/undone/sal/ $APATH/undone/ --exclude=sal
rm  *.txt *.hash

cd $APATH/undone
Nc=$(cat $APATH/undone/sal/sal*.txt)
if [ -z $Nc ]
then
echo "Falta: Nc_Num_(sal_fecha)"
exit
fi

for f in split_*
do
# Cálcula riempo-----------------------------
killall timerout.sh -9
killall timerout -9
/home/myuser/scripts/timerout.sh
# Cálcula riempo-----------------------------

cp -f $f part.zip
snap run john-the-ripper.zip2john part.zip > johnpass.hash
snap run john-the-ripper --min-length=$Nc --max-length=$Nc --incremental:Digits johnpass.hash

CONT=$(cat $VARL/contador.txt)
killall timerout.sh -9

snap run john-the-ripper --show johnpass.hash > clave_$f.txt

echo "Tiempo Procesado $f: $CONT" >> clave_$f.txt
echo "Tiempo Procesado $f: $CONT" >> logTiempo$INI.txt
done


FIN=`date +%Y-%m-%d_%H:%M:%S`
echo "$FICH Comenzo a $INI y termino a $FIN" >> logTiempo$INI.txt

clear
##Calcula si es válida por condición de tiempo Mayor > @ NH horas
#NH es numero de horas de decodificación para q sea válida
UPT="$(echo $CONT | awk -F: '{print $1}')"
UPT=$(echo $(($UPT + 0)))
UPT=99
if [ $UPT -gt $NH ]
    then
#echo "Cumple condición:  $UPT horas, es Mayor de $NH"
echo "Terminada: Comenzo a $INI y termino a $FIN"
sudo chattr -i sal/ && cp logTiempo$INI.txt sal/ && cp clave*.txt sal/
sudo chattr +i sal/
else
echo "No! cumple condición:  $UPT horas, es menor de $NH"
    fi


timerout.sh (timer to keep track of times descrypting, not necessary)
Code: Select all
#!/bin/bash
#
VARL=/tmp/xxYaS
rm -rf $VARL
mkdir /tmp/xxYaS

for (( c=0; c>=0; c++ ))
do 
CONT=$(date -d@$c -u +%H:%M:%S)
# clear
#echo -ne "Welcome $CONT times"
  printf "\r%2d $CONT Welcome times"
  echo $CONT > $VARL/contador.txt
  sleep 1
  done &


Its very cool to be used like a parental control for yourself, I lock the dns with cleanbrowsing filter dns's and then put your root password in the time lock machine, so when you have the tentation .... :mrgreen:
bester69 wrote:You wont change my mind when I know Im right, Im not an ...
User avatar
bester69
 
Posts: 1498
Joined: 2015-04-02 13:15

Return to Offtopic

Who is online

Users browsing this forum: No registered users and 2 guests

fashionable