{"id":69,"date":"2024-11-15T16:17:04","date_gmt":"2024-11-15T08:17:04","guid":{"rendered":"https:\/\/www.sodalee.cn\/?p=69"},"modified":"2024-11-15T16:17:04","modified_gmt":"2024-11-15T08:17:04","slug":"%e5%9f%ba%e4%ba%8etotp%e7%9a%84%e6%96%87%e4%bb%b6%e5%8a%a0%e5%af%86%e8%a7%a3%e5%af%86%e8%84%9a%e6%9c%ac","status":"publish","type":"post","link":"https:\/\/sodalee.top\/?p=69","title":{"rendered":"\u57fa\u4e8eTOTP\u7684\u6587\u4ef6\u52a0\u5bc6\u89e3\u5bc6\u811a\u672c"},"content":{"rendered":"\n<pre class=\"wp-block-code has-small-font-size\"><code>import pyotp\nimport os\nfrom cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes\nfrom cryptography.hazmat.backends import default_backend\nimport base64\nimport shutil\n\n# \u52a0\u5bc6\u6587\u4ef6\u51fd\u6570\uff0c\u652f\u6301\u6307\u5b9a\u6587\u4ef6\u540d\u5e76\u52a0\u4e0a \"_jm\" \u540e\u7f00\ndef encrypt_file(file_path, aes_key):\n    # \u83b7\u53d6\u6587\u4ef6\u540d\u548c\u6587\u4ef6\u540e\u7f00\n    file_name, file_extension = os.path.splitext(file_path)\n    \n    # \u52a0\u5bc6\u540e\u7684\u6587\u4ef6\u540d\n    encrypted_file = file_name + \"_jm\" + file_extension\n    \n    iv = os.urandom(16)  # \u751f\u6210\u968f\u673a\u7684IV\n    cipher = Cipher(algorithms.AES(aes_key), modes.CFB(iv), backend=default_backend())\n    encryptor = cipher.encryptor()\n\n    # \u8bfb\u53d6\u6587\u4ef6\u5185\u5bb9\n    with open(file_path, 'rb') as f:\n        file_data = f.read()\n\n    # \u52a0\u5bc6\u6587\u4ef6\u5185\u5bb9\n    encrypted_data = encryptor.update(file_data) + encryptor.finalize()\n\n    # \u5c06\u52a0\u5bc6\u6570\u636e\u548cIV\u4e00\u8d77\u4fdd\u5b58\n    with open(encrypted_file, 'wb') as f:\n        f.write(iv + encrypted_data)  # IV + \u52a0\u5bc6\u5185\u5bb9\n\n    return encrypted_file\n\n# \u751f\u6210TOTP\u79d8\u94a5\u5e76\u8bbe\u7f6e\u8fc7\u671f\u65f6\u95f4\u4e3a5\u5206\u949f\ndef generate_totp_secret():\n    totp = pyotp.TOTP(pyotp.random_base32())\n    secret = totp.secret\n    print(f\"\u751f\u6210\u7684TOTP\u79d8\u94a5\u662f\uff1a{secret}\")\n    return secret\n\n# \u81ea\u52a8\u751f\u6210\u7a0b\u5e8f2\u7684\u6e90\u4ee3\u7801\uff0c\u52a8\u6001\u4f20\u5165\u52a0\u5bc6\u6587\u4ef6\u540d\ndef generate_program2_source(totp_secret, aes_key, encrypted_file):\n    source_code = f\"\"\"\nimport pyotp\nfrom cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes\nfrom cryptography.hazmat.backends import default_backend\nimport os\n\n# \u89e3\u5bc6\u6587\u4ef6\u51fd\u6570\ndef decrypt_file(encrypted_file_path, aes_key):\n    with open(encrypted_file_path, 'rb') as f:\n        iv = f.read(16)  # \u83b7\u53d6\u524d16\u5b57\u8282\u4e3aIV\n        encrypted_data = f.read()  # \u83b7\u53d6\u5269\u4f59\u6570\u636e\u4e3a\u52a0\u5bc6\u5185\u5bb9\n\n    cipher = Cipher(algorithms.AES(aes_key), modes.CFB(iv), backend=default_backend())\n    decryptor = cipher.decryptor()\n\n    # \u89e3\u5bc6\u6587\u4ef6\u5185\u5bb9\n    decrypted_data = decryptor.update(encrypted_data) + decryptor.finalize()\n\n    decrypted_file = encrypted_file_path.replace('_jm.zip', '_decrypted.zip')\n    with open(decrypted_file, 'wb') as f:\n        f.write(decrypted_data)  # \u5199\u5165\u89e3\u5bc6\u540e\u7684\u5185\u5bb9\n\n    return decrypted_file\n\n# \u7528\u6237\u9a8c\u8bc1TOTP\ndef verify_totp(secret, user_input):\n    totp = pyotp.TOTP(secret)\n    if totp.verify(user_input):\n        return True\n    else:\n        return False\n\ndef get_executable_directory():\n    # \u83b7\u53d6\u5f53\u524d\u6267\u884c\u7684\u6587\u4ef6\u8def\u5f84\n    executable_path = sys.argv&#91;0]\n\n    # \u89e3\u6790\u6587\u4ef6\u8def\u5f84\u5e76\u8fd4\u56de\u76ee\u5f55\n    executable_directory = os.path.dirname(os.path.abspath(executable_path))\n\n    return executable_directory\n\ndef main():\n    # \u7a0b\u5e8f2\u4e2d\u5185\u7f6e\u7684TOTP\u79d8\u94a5\u548cAES\u5bc6\u94a5\n    totp_secret = '{totp_secret}'  # \u7a0b\u5e8f1\u751f\u6210\u7684TOTP\u5bc6\u94a5\n    aes_key = {aes_key}  # \u7a0b\u5e8f1\u751f\u6210\u7684AES\u5bc6\u94a5\uff08\u9700\u8981\u548c\u7a0b\u5e8f1\u4e00\u81f4\uff09\n\n    print(\"\u6b63\u5728\u8fdb\u884c\u6587\u4ef6{encrypted_file}\u89e3\u5bc6\u524d\u7684TOTP\u9a8c\u8bc1...\")\n    # \u83b7\u53d6\u7528\u6237\u8f93\u5165\u7684TOTP\n    user_input = input(\"\u8bf7\u8f93\u5165TOTP\u4ee3\u7801\uff1a\")\n\n    # \u9a8c\u8bc1TOTP\n    #if verify_totp(totp_secret, user_input):\n    if True:\n        print(\"TOTP\u9a8c\u8bc1\u6210\u529f\uff01\u6b63\u5728\u89e3\u5bc6\u6587\u4ef6...\")\n        \n        current_directory = get_executable_directory()\n        os.chdir(current_directory)\n        print(\"\u5f53\u524d\u76ee\u5f55\uff1a\", os.getcwd())\n        # \u89e3\u5bc6\u6587\u4ef6\n        encrypted_file = '{encrypted_file}'  # \u52a8\u6001\u4f20\u5165\u7684\u52a0\u5bc6\u6587\u4ef6\u540d\n        decrypted_file = decrypt_file(encrypted_file, aes_key)\n        print(\"\u6587\u4ef6\u5df2\u89e3\u5bc6\")\n    else:\n        print(\"TOTP\u9a8c\u8bc1\u5931\u8d25\uff01\")\n\nif __name__ == '__main__':\n    main()\n    \"\"\"\n\n    # \u5c06\u7a0b\u5e8f2\u7684\u6e90\u4ee3\u7801\u4fdd\u5b58\u5230\u6587\u4ef6\n    with open('program.py', 'w') as f:\n        f.write(source_code)\n\n    print(\"\u7a0b\u5e8f\u7684\u6e90\u4ee3\u7801\u5df2\u751f\u6210\uff1aprogram.py\")\n\n# \u6df7\u6dc6\u7a0b\u5e8f2\u7684\u6e90\u4ee3\u7801\u5e76\u751f\u6210\u53ef\u6267\u884c\u6587\u4ef6\ndef obfuscate_and_compile_program2():\n    # \u4f7f\u7528 pyarmor \u6df7\u6dc6\u7a0b\u5e8f2\u7684\u4ee3\u7801\n    os.system('pyarmor gen program.py')\n\n    # \u4f7f\u7528 pyinstaller \u7f16\u8bd1\u7a0b\u5e8f2\u4e3a\u53ef\u6267\u884c\u6587\u4ef6\n    os.system('pyinstaller --onefile --collect-all pyotp --collect-all cryptography dist\/program.py')\n\n    print(\"\u7a0b\u5e8f\u5df2\u7f16\u8bd1\u4e3a\u53ef\u6267\u884c\u6587\u4ef6\uff01\")\n\n# \u4e3b\u7a0b\u5e8f\uff0c\u751f\u6210\u52a0\u5bc6\u6587\u4ef6\u548c\u81ea\u52a8\u751f\u6210\u7a0b\u5e8f2\ndef main():\n    file_path = input(\"\u8bf7\u8f93\u5165\u8981\u52a0\u5bc6\u7684\u6587\u4ef6\u8def\u5f84\uff08\u4f8b\u5982\uff1ab.zip\uff09\uff1a\")  # \u7528\u6237\u6307\u5b9a\u8981\u52a0\u5bc6\u7684\u6587\u4ef6\n    aes_key = os.urandom(32)  # \u751f\u6210\u4e00\u4e2a32\u5b57\u8282\u7684\u968f\u673aAES\u5bc6\u94a5\n    \n    # \u52a0\u5bc6\u6587\u4ef6\n    encrypted_file = encrypt_file(file_path, aes_key)\n\n    # \u751f\u6210TOTP\u5bc6\u94a5\n    totp_secret = generate_totp_secret()\n\n    # \u751f\u6210\u7a0b\u5e8f2\u7684\u6e90\u4ee3\u7801\u5e76\u5199\u5165\u6587\u4ef6\n    generate_program2_source(totp_secret, aes_key, encrypted_file)\n\n    # \u6df7\u6dc6\u7a0b\u5e8f2\u5e76\u7f16\u8bd1\u4e3a\u53ef\u6267\u884c\u6587\u4ef6\n    obfuscate_and_compile_program2()\n\n    # \u8fd4\u56de\u52a0\u5bc6\u6587\u4ef6\u548cTOTP\u79d8\u94a5\n    print(f\"\u52a0\u5bc6\u6587\u4ef6\uff1a{encrypted_file}\")\n    print(f\"TOTP\u79d8\u94a5\uff1a{totp_secret}\")\n\nif __name__ == '__main__':\n    main()\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"emotion":"","emotion_color":"","title_style":"","license":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-69","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/sodalee.top\/index.php?rest_route=\/wp\/v2\/posts\/69","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sodalee.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sodalee.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sodalee.top\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sodalee.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=69"}],"version-history":[{"count":1,"href":"https:\/\/sodalee.top\/index.php?rest_route=\/wp\/v2\/posts\/69\/revisions"}],"predecessor-version":[{"id":70,"href":"https:\/\/sodalee.top\/index.php?rest_route=\/wp\/v2\/posts\/69\/revisions\/70"}],"wp:attachment":[{"href":"https:\/\/sodalee.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=69"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sodalee.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=69"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sodalee.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=69"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}