SelfCrypText v2.2

Antivirus, forensics, intrusion detection, cryptography, etc.
Message
Author
User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

SelfCrypText v2.2

#1 Post by SFR »

Once upon a time I've seen an interesting text encryption tool under Windoze.
That tool had ability to put the encrypted text in the application itself, and then to save it.
Thanks to it, it was possible to have encrypted text and the tool in one file.

I still feel weak in Bash and Gtkdialog, but I wrote something similar.
The code is a bit overbloated - I'm sure it's possible to optimize/improve it (and it is welcomed).
Also, it would be more secure to use variables instead files to keep temporary data,
but I couldn't find a way to do it in Gtkdialog...

SelfCrypText can be used in two ways:
1. As standard text encryption tool, eg.: input_some_text -> encrypt/decrypt -> copy_somewhere_else;
2. As portable, executable container for encrypted text, eg.: input_some_text -> encrypt/decrypt -> save_as;

The second option creates a new copy of application, but the file contains encrypted text also.
When it's launched, the text is displayed instantly and can be decrypted, and the application itself can be reused.

SelfCrypText uses 'openssl' and AES-256 + base64 encryption.
Written on Lupu-528.004.

EDIT:
The latest single-note version (v1.4) is attached HERE.
The latest multi-note version (v2.2) is attached HERE.

Greetings!
Attachments
SelfCrypText.jpg
SelfCrypText screenshots
(60.67 KiB) Downloaded 1736 times
SelfCrypText.tar.gz
SelfCrypText - unpack and launch by clicking on it.
(1.04 KiB) Downloaded 939 times
Last edited by SFR on Tue 25 Jun 2013, 14:48, edited 8 times in total.
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#2 Post by Lobster »

ipsa scientia potestas est

Well done.
I may use this to encrypt the location of my time machine. At the moment it is stashed in the future and to the right a bit.
For some this will be invaluable :)

The Growl program in Puppy 5.3.1 (Menu/network)
has the option to encrypt and decrypt a file
using click and drag by and calling the program
/usr/sbin/bcrypt_gui

I believe micko wrote that for Slacko
. . . might be of interest
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

User avatar
Dave_G
Posts: 453
Joined: Thu 21 Jul 2011, 13:53

#3 Post by Dave_G »

Nice one SFR.
Don't be concerned with it being bloated, it's not.
I have no doubt that it can be minimized but what advantage would be
gained from it?
It's not like a short GTKdialog is going to bring your CPU to it's knees
and by optimizing it, you may make it less unreadable and more difficult for others
to adapt and modify to their specific needs.

The only change I would make is like you say try and use variables instead
of files for your temp storage.
I don't know enough about GTKdialog to help but try posting here:
http://www.murga-linux.com/puppy/viewtopic.php?t=38608
There will be more then a few users that might be able to help out.

User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

#4 Post by SFR »

Quo semel est imbuta recens, servabit odorem testa diu.
Optimalization...it's my old habit inherited from the c64, to be concerned about every single bit of free mem and every single cycle of CPU.
And yes, it was a challenge to analyze such code later. :lol:

I'll post this problem at Gtkdialog Tips thread and meanwhile I'll try to find a way to encrypt/decrypt string instead file using openssl - had problem with this too.

Thanks & Greetings!
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

#5 Post by SFR »

I did a small security upgrade:

- the temporary file is wiped out instantly after every use in code;
- the temporary file is wiped out using 'shred' instead simple 'rm'.

Greetings!
Attachments
SelfCrypText_v1.1.tar.gz
SelfCrypText_v1.1 - unpack and launch by clicking on it.
(1.08 KiB) Downloaded 878 times
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

#6 Post by SFR »

Update: SelfCrypText_v1.2

Another small improvements:
- prevention of encrypting an empty message (such message couldn't be decrypted);
- added file-selector to 'Save As' dialog;
- added opportunity to overwrite an existing file;
- few aesthetic corrections in code.

I think it's the goal I had wish to achieve...
...for now.

Greetings!
Attachments
SelfCrypText_v1.2.tar.gz
Unpack & click to launch.
(1.21 KiB) Downloaded 877 times
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

User avatar
technosaurus
Posts: 4853
Joined: Mon 19 May 2008, 01:24
Location: Blue Springs, MO
Contact:

#7 Post by technosaurus »

I haven't taken a look at the code but I often use

Code: Select all

VAR=`command`

#and to get the data
command <<< $VAR
#or
echo "$VAR" |command
I wrote a little poor man's steganography tool a while back that would embed any file onto any file... it used a temp file too, but now that I think about it if I used a VAR, I could probably? use ${#VAR} and some integer math instead of stat -c %s to get the size

its here:
http://www.murga-linux.com/puppy/viewtopic.php?t=72807
Check out my [url=https://github.com/technosaurus]github repositories[/url]. I may eventually get around to updating my [url=http://bashismal.blogspot.com]blogspot[/url].

User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

#8 Post by SFR »

The main problem is the <edit><default> widget in my case.
It doesn't allow to be refreshed if I use a variable or command, the only way is to use <edit><input file> and temporary file.
http://www.murga-linux.com/puppy/viewto ... 937#598937
Such temp file is converted into a variable and shredded immediatly and then everything is done with that variable...until the next refresh (which is encrypt/decrypt action).
It's ok with eg. <entry><input>$VAR... (and the password is stored in that way), but this won't allow to use multiple lines...
Nice idea. It has a big advantage over the classic steganography = any kind of files allowed.
I just tried cat some_random_stuff_file >> abiword and dillo binaries, and they still work.
Tried with *.tar.gz also - after decompressing Xarchive shows "Wrapper exited with a error", but unpacked data is untouched!

Thanks & Greetings!
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

bruno
Posts: 139
Joined: Thu 08 Mar 2012, 12:09
Location: Belgium

how to install?

#9 Post by bruno »

How can i install this?
I just know how to install a .pet, but this is not a .pet
If i click on it, it just shows the code.
Thanks

bruno
Posts: 139
Joined: Thu 08 Mar 2012, 12:09
Location: Belgium

#10 Post by bruno »

I'm using dpup exprimo 3.2.14.2

User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

#11 Post by SFR »

Hey Bruno.

This app is designed to be portable; doesn't need to be installed.

I assume that you unpacked the downloaded file first..?
If so and still nothing I guess that permissions of the file aren't set properly...
In Rox-Filer right-click on the file -> File 'SelfCrypt...' -> Properties and select all boxes under "Exec".

If this won't help, open terminal window in a folder where the file resides, type:

Code: Select all

./SelfCrypText_v1.2
see if there are any errors and let me know how's it going.

HTH
Greetings!
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

bruno
Posts: 139
Joined: Thu 08 Mar 2012, 12:09
Location: Belgium

#12 Post by bruno »

Thanks SFR,
Now I see how it works.
Very nice little fast app!

User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

#13 Post by SFR »

Doh, I just found out that "shred" program isn't included in Slacko. :(

So, to preserve secure deletion of temporary file, I used this, instead of shred:

Code: Select all

SIZE=`du -b $TEMPFILE | cut -f1`
dd if=/dev/urandom of=$TEMPFILE bs=1 count=$SIZE
I hope dd behaves as I think it does: overwrites exactly the same sectors of a file on the disk..?

Additionaly I did few fixes, the most important was wrong handling of filenames with spaces.

Greetings!
Attachments
SelfCrypText_v1.3.tar.gz
Unpack &amp; click to launch.
(1.4 KiB) Downloaded 765 times
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

#14 Post by SFR »

Using Pizzasgood's idea I've applied ramdisk as a storage for temp file.
I believe it's more reasonable way than dabbling with dd and shred.

Dynamic ramdisk has been set to max. 1 MB, but I think it's more than enough.
Additionally since now all data is being gzip'ed before encryption.

Greetings!
Attachments
SelfCrypText_v1.4.gz
Extract, make executable and click to launch.
(1.37 KiB) Downloaded 1152 times
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

disciple
Posts: 6984
Joined: Sun 21 May 2006, 01:46
Location: Auckland, New Zealand

#15 Post by disciple »

The second option creates a new copy of application, but the file contains encrypted text also.
When it's launched, the text is displayed instantly and can be decrypted, and the application itself can be reused.
Cool, a stand-alone secret diary :)
Do you know a good gtkdialog program? Please post a link here

Classic Puppy quotes

ROOT FOREVER
GTK2 FOREVER

User avatar
technosaurus
Posts: 4853
Joined: Mon 19 May 2008, 01:24
Location: Blue Springs, MO
Contact:

#16 Post by technosaurus »

There are other uses for this method. Ever heard of upx or sqeeze?
http://source.netsurf-browser.org/?p=sq ... ;a=summary
http://upx.sourceforge.net/
the only difference is that their "encryption" method is just compression.

Rather than a small frontend decompressor, you can have any program frontend and embed any data. Unfortunately criminal entities have given steganography a bad name, so we don't see much of this.

I'll leave you with that thought to ponder the possibilities.

btw, I think my coolest idea yet, was to embed packages onto the end of its own screenshot - it even worked extremely well with thumb-nailer page generator programs for browsing, but then I figured we had enough different package systems already.
Check out my [url=https://github.com/technosaurus]github repositories[/url]. I may eventually get around to updating my [url=http://bashismal.blogspot.com]blogspot[/url].

User avatar
sc0ttman
Posts: 2812
Joined: Wed 16 Sep 2009, 05:44
Location: UK

#17 Post by sc0ttman »

technosaurus wrote:btw, I think my coolest idea yet, was to embed packages onto the end of its own screenshot - it even worked extremely well with thumb-nailer page generator programs for browsing, but then I figured we had enough different package systems already.
Agreed, that was cool. (at least, it's the coolest one I understand)
[b][url=https://bit.ly/2KjtxoD]Pkg[/url], [url=https://bit.ly/2U6dzxV]mdsh[/url], [url=https://bit.ly/2G49OE8]Woofy[/url], [url=http://goo.gl/bzBU1]Akita[/url], [url=http://goo.gl/SO5ug]VLC-GTK[/url], [url=https://tiny.cc/c2hnfz]Search[/url][/b]

User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

#18 Post by SFR »

@Techno:
I heard about UPX. Heard also about tools like PESpin (for Win), which provides encryption too (or is it just password protection??).

Once, I was started to code something, somehow related, but for regular files.
The idea was to embed files chosen by the user, pack & encrypt them into one, self-extracting container that can be reused later, like SelfCrypText.
In fact it was just a bit extended idea of self-extracting .exe archives under Windoze or those shell installers, like "amd-driver-installer.run".
But my vision was too fuzzy - I didn't know what I want to achieve actually, so current project status: abandoned. :wink:

I appreciate your tips, maybe something will grow out of them someday...
disciple wrote:Cool, a stand-alone secret diary :)
I'm glad you like it. :)
Unfortunately there's some kind of size limit of <edit> in Gtkdialog and when that limit (~128K in my tests) is exceeded strange things happen. :?
The workaround could be multiple, separate notes in a list; perhaps I'll try do to something like this in the future.

Thanks & Greetings!
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

#19 Post by SFR »

SFR wrote:[...]multiple, separate notes in a list[...]
Initially I thought it'll be easier to implement, but finally here it is.

SelfCrypText-v2.2

The general idea remained unchanged, the only (visible) change is handling of multiple notes.

Requirements:
Gtkdialog >= 0.7.21, Xdialog, openssl + usual set of tools like: cut, grep, tr, sed, awk and so on...

Additional info:
1. Each note can be encrypted with its own unique passphrase.
2. Maximum size of single note: ~128K (in my tests).
3. Maximum size of all notes: ~64M (theoretically).
4. Maximum amount of notes: unknown.

Known issues:
- In "Notes List" if you click empty space (and not specific note), all disabled buttons and fields will become enabled, but even if you write some text, such non-assigned note won't be saved anywhere.
- Special characters like: * : | / \ $ ^ & as well as leading and trailing spaces are not allowed in titles; if used anyway - they will be trimmed out and replaced with _.

_________________

Written on Slacko-5.3.3

Have fun & Greetings!
Attachments
SelfCrypText-v2.0.jpg
Screenshot
(101.23 KiB) Downloaded 796 times
SelfCrypText-v2.2.gz
Extract and click to launch.
(3.69 KiB) Downloaded 903 times
Last edited by SFR on Tue 25 Jun 2013, 14:46, edited 3 times in total.
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

User avatar
SFR
Posts: 1800
Joined: Wed 26 Oct 2011, 21:52

#20 Post by SFR »

Update, version 2.1:

- Added progressbar during data extracting and saving (it's useful when there's a lot of notes)
- Program window is now a bit more flexible (better look when maximized/resized)
- One trivial modification and SelfCrypText is compatible with Gtkdialog 0.7.21 again, so there's also a big chance that it'll be more compatible with some other distros (tried in PCLinuxOS - seems to work fine); the only issue is that buttons aren't expanded to fill all available space (in 0.7.21 only).
- Lots of minor, internal improvements

New version has been attached to my previous post (see above).
___________

Update, version 2.2 (2013-06-25):
- bugfix: crashing in FatDog due to use of "\xa0" as a "hidden" character; changed to "\xe2\x81\xa3".

See previous post...

Greetings!
Last edited by SFR on Tue 25 Jun 2013, 14:45, edited 1 time in total.
[color=red][size=75][O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource[/size][/color]
[b][color=green]Omnia mea mecum porto.[/color][/b]

Post Reply