Pastebin launched a little side project called HostCabi.net, check it out ;-)Don't like ads? PRO users don't see any ads ;-)
Guest

terror email cron job

By: a guest on Oct 11th, 2013  |  syntax: Bash  |  size: 4.81 KB  |  hits: 178  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. #!/bin/sh
  2. # mikethegoat from Bruce Schneier blog (schneier.com) 20131110
  3. # public domain. chicken is tasty.
  4.  
  5. # very quick and very dirty hacky script to send dodgy looking encrypted
  6. # mail to a friend of mine - and he can run it too and send really scary
  7. # stuff back. As discussed on schneierforms you'll probably want to make
  8. # a key with a size that isn't prohibitively large so that they don't just
  9. # give up. No - we want them to think they can crack it and waste their
  10. # resources on it. So I would pick a 1024 bit RSA key. 512R may be too
  11. # easy on their clusters. Once they decrypt it and figure out it is junk
  12. # this approach will cease to be useful.
  13. #
  14. # This script hasn't been fully tested. Actually it hasn't been tested at
  15. # all (I wrote this in ten minutes on a flight). So the code is very messy
  16. # and unnecessarily complex as I was/am pretty tired. Anyway, here goes:
  17. #
  18. # Given there are laws in some jurisdictions that can compell key disclosure
  19. # and even imprison those who can't comply I decided against just using
  20. # random junk. By using the front page of Google News and by keeping a copy
  21. # of your private key (see below re dummy key) and perhaps a second copy
  22. # with your lawyer if you ever do get a court order to release the key, you
  23. # can comply an demonstrate it was just crap to annoy the NSA.
  24. #
  25. # I suggest you don't expose your normal GNUPG keyring to this script.
  26. # If you're going to run this from a crontab then perhaps run it as an
  27. # unprivileged user and generate them a 1024 key. Ensure you keep a copy.
  28. #
  29. # One last warning - this script has no sanity checking. It has not been
  30. # authored as a user oriented tool nor is it something you would give
  31. # third parties access to. It is simple - just plug in your friend's email
  32. # address, put it in your crontab to run a few times a day and get your
  33. # friend to reciprocate. Yeah, few things are escaped and it is just
  34. # a PoC. It is not meant to be secure, reliable or fault tolerant. It
  35. # is a fucking shell script. Deal with it.
  36.  
  37. # Variables
  38. MYKEY=F0D1E2B1          # the ID of your dummy key
  39. RECKEY=A0B1D1E1         # the ID of your buddy's dummy key
  40. RECADDR=john@john.com   # the e-mail address of your buddy
  41.  
  42. # Prepare your eyes for the most ugly bit of shell hacking around.
  43. # It is scary. Really scary. And yes - I know that you can do this in
  44. # about 1/10th of the space. But I don't care. Love my convoluted script.
  45. # I know deep down in your hacker heart you feel it too.
  46. generatesubject()
  47. {
  48. chunk=$(head /dev/urandom|md5sum|tr -d [:alpha:]|cut -c1-4) # <<-- EVIL
  49. sub()
  50. {
  51. tc=$(echo "$chunk" | cut -c$1)
  52. [ $tc = 0 ] || [ $tc = 9 ] && echo -n "$2";[ $tc = 2 ] || [ $tc = 7 ] && echo -n "$3"
  53. [ $tc = 4 ] || [ $tc = 1 ] && echo -n "$4";[ $tc = 6 ] || [ $tc = 3 ] && echo -n "$5";[ $tc = 8 ] || [ $tc = 5 ] && echo -n "$6"
  54. return
  55. }
  56. case "$(echo "$chunk" | cut -c4)" in
  57. 0|9)
  58. echo -n "Re: "
  59. sub 1 "our " "great encouragement for the " "organizing the " "Prophet's grand plan for the " "the big "
  60. sub 2 "car-bombing " "anthrax attack " "propane truck hijack " "assault " "suicide bombing "
  61. echo -n "at the "
  62. sub 3 "White House" "Capitol Hill" "Pentagon" "CIA HQ" "gov't target"
  63. echo
  64. ;;
  65.  
  66. 1|8)
  67. echo -n "Re: pickup of our "
  68. sub 1 "coke " "meth " "heroin " "oxycodone " "ephedrine "
  69. echo -n "from "
  70. sub 2 "Biminy " "Florida " "Amsterdam " "Afghanistan " "the diplomat "
  71. sub 3 "was delayed" "rescheduled" "organized" "happening tomorrow" "went well"
  72. echo
  73. ;;
  74. 2|7)
  75. echo -n "Re: can you "
  76. sub 1 "source " "acquire me " "give estimate cost of " "quietly acqurie " "obtain "
  77. sub 2 "65x soviet RPG-7" "VR CW agent, weaponized" "fragmentation mines" "Soviet CS" "500+ SKS with ammo"
  78. echo "?"
  79. ;;
  80. 3|6)
  81. echo -n "Re: "
  82. sub 1 "Al Qaeda" "Hamas" "Hezbollah" "Al-Shebaab" "Tehriki-Taliban"
  83. sub 2 ": members NOTE NEW ORDERS" " needs your help old friend" " Leadership Meeting in Yemen" " recruitment procedures" " does great work - plans to destroy Israel"
  84. echo
  85. ;;
  86. 4|5)
  87. echo -n "Re: intel on "
  88. sub 1 "W.H. access control system" "president Obama security detail" "vulnerabilities in US financial clearance software" "voting machine exploits" "Washington D.C. potable water supply"
  89. echo
  90. ;;
  91. esac
  92. }
  93.  
  94. # You could do what you want here - substitute lynx with links or use wget
  95. # or curl and just dump the raw HTML. Use a different site. Perhaps just
  96. # seed a counter with the current timestamp and do 10,000 lines of just the
  97. # counter iterating upwards. I'm not your mother. I don't care.
  98. # I would use mutt's command line mailing feature if you have it - simply
  99. # because you can specify From: headers and what not - and you might be
  100. # able to even spoof your UA so it looks like, say Outlook Express or Moz.
  101. #
  102. lynx -dump http://news.google.com|gpg -u $MYKEY -a --encrypt -r $RECKEY|mail -s "`generatesubject`" $RECADDR
  103.  
  104. # That's it. I hope you enjoy this piece of crap.