Skip to content
encrypted screenshots using RSA and AES
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
binaries
cryptoshot
cryptoshot_cmd
cryptoshot_dll
libfiles
libheaderfiles
original_libfiles
python-code
.gitignore
README
cryptoshot.sln

README

cryptoshot - making and saving encrypted screenshots

==== GENERAL
This application will make a screenshot of the desktop. If the desktop consists of multiple monitors
it should still work fine. However it has only been tested with a dual monitor setup. 
The windows project has the added functionality of sending the screenshot to a server of your choosing.

cryptoshot uses public/private RSA keypairs to protect the AES 256bit session key.
Additionally a SHA512-HMAC is calculated over the encrypted data using a 256bit key.
All keys are random and you are encouraged to change the "personalization strings" in the code which are 
used as input for the random number generation. The PRNG does not depend on them, but it's recommended
to change them.

==== USAGE
To use cryptoshot you need to prepare the cryptoshot binary with a public key:

C:\test>cryptoshot_init.py binaries\cryptoshot.exe http://youthost:portnumber/
Generating RSA keypair of size: 2048
Generation done
Saving private key to: private.key
Adding public key to binaries\cryptoshot.exe

Then you run cryptoshot which will produce a screen.enc file. You can decrypt this as follow:

C:\test>cryptoshot_decrypt.py binaries\screen.enc
Importing private rsa key private.key
Parsing encrypted screenshot screen.enc
Decrypting aes key and iv
Decrypting hmac key
Verifying hmac
Decrypting & decompressing screenshot
Saving decrypted screenshot

Make sure you don't loose the private RSA key or you will not be able to decrypt screenshosts.

If you want to test the cryptoshot_dll.dll you need to initialise the public key in the same manner.
You can take a screenshot using this:

rundll32.exe Release\cryptoshot_dll.dll,getencryptedscreenshot

Which will produce the same output as cryptoshot.exe.

You can setup the server by doing:

sudo apt-get install flask

Then you can just ./cryptoshot_server

==== FILE FORMATS
The modified executable file containing the public key looks like this:

|--------------------------|
| executable               |
|--------------------------|
| public RSA key           |
|--------------------------|
| length of public RSA key |
|--------------------------|

The encrypted file format looks like this:

|---------------------------------|
| length encrypted session key    |
|---------------------------------|
| RSA-OAEP encrypted AES KEY + IV |
|---------------------------------|
| RSA-OAEP encrypted HMAC key     |
|---------------------------------|
| HMAC of the encrypted data      |
|---------------------------------|
| AES encrypted screenshot        |
|---------------------------------|

==== FILE OVERVIEW
The following files are part of cryptoshot, the one with a * are the minimum required to use:

binaries/cryptoshot.exe* 
    uses winmain, thus it does not popup on screen when run
binaries/cryptoshot_cmd.exe 
    traditional main, mainly intended for debugging purposes
binaries/cryptoshot_dll.dll
    Same as cryptoshot.exe but compiled as a DLL
python-code/cryptoshot_init.py*
    generates rsa public/private keypair and appends them to cryptoshot
	changes the post url
python-code/cryptoshot_decrypt.py*
    verifies hmac and decrypts the screenshot
python-code/cryptoshot_server.py
    
enjoy,

DiabloHorn http://diablohorn.wordpress.com
You can’t perform that action at this time.