AES256_Passwd_Store script securely encrypts or decrypts passwords on disk within a custom database file. It also features functionality to retrieve passwords from a previously generated database file.
This script takes a master password from stdin/from memory, then hashes the password using the specified hashing algorithm passed to the algorithm parameter/-a (scrypt, sha256) and finally AES-256 encrypts/decrypts the file’s data using the algorithm’s hash as the AES-256 key.
When providing the ‘scrypt’ argument to the algorithm parameter the script will generate a custom scrypt salt per each database file edit or creation. The uniquely generated salt is base64 encoded and prepended to each database file’s encrypted bytes separated by carriage return line feed bytes (for parsing) as meta-data.
When using the change password parameter/-cp the script will decrypt the database file’s data into memory, write random bytes*WIPE_PASSES to the database file, truncate the file and finally write the new data AES-256 encrypted with the new hashed master password to the database file. Effectively making data recovery/forensics difficult.
Example Usage Using Script As The Hashing Algorithm
Create a database file
python3 aespasswd_store.py -a scrypt -c
Change master password for a database file
python3 aespasswd_store.py -a scrypt -cp
Edit a database file
python3 aespasswd_store.py -a scrypt -e
Query data from within the database file
python3 aespasswd_store.py -a scrypt -q
Examples
# Add entry to the database/modify existing data:
pass_id1=password
pass_id2=password
pass_id3=password
# Delete existing data:
pass_id1=delete
pass_id2=delete
# -q parameter: Query data (entering nothing dumps all data):
pass_id1
pass_id3
# Press ctrl+D (linux) or ctrl+Z (windows) to save data from stardard input.
Burrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…
Simple golang webserver that listens for basic auth or post requests and sends a notification…
Nutek Security Platform for macOS and Linux operating systems. Tools for hackers, bug hunters and…
Welcome to SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools…
All in one Docker-based workstation with hacking tools for Pentesting and offsec Labs by maintained…
Got it! Below is the updated README.md file with instructions for downloading the project on…