Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/sh
- # mikethegoat from Bruce Schneier blog (schneier.com) 20131110
- # public domain. chicken is tasty.
- # very quick and very dirty hacky script to send dodgy looking encrypted
- # mail to a friend of mine - and he can run it too and send really scary
- # stuff back. As discussed on schneierforms you'll probably want to make
- # a key with a size that isn't prohibitively large so that they don't just
- # give up. No - we want them to think they can crack it and waste their
- # resources on it. So I would pick a 1024 bit RSA key. 512R may be too
- # easy on their clusters. Once they decrypt it and figure out it is junk
- # this approach will cease to be useful.
- #
- # This script hasn't been fully tested. Actually it hasn't been tested at
- # all (I wrote this in ten minutes on a flight). So the code is very messy
- # and unnecessarily complex as I was/am pretty tired. Anyway, here goes:
- #
- # Given there are laws in some jurisdictions that can compell key disclosure
- # and even imprison those who can't comply I decided against just using
- # random junk. By using the front page of Google News and by keeping a copy
- # of your private key (see below re dummy key) and perhaps a second copy
- # with your lawyer if you ever do get a court order to release the key, you
- # can comply an demonstrate it was just crap to annoy the NSA.
- #
- # I suggest you don't expose your normal GNUPG keyring to this script.
- # If you're going to run this from a crontab then perhaps run it as an
- # unprivileged user and generate them a 1024 key. Ensure you keep a copy.
- #
- # One last warning - this script has no sanity checking. It has not been
- # authored as a user oriented tool nor is it something you would give
- # third parties access to. It is simple - just plug in your friend's email
- # address, put it in your crontab to run a few times a day and get your
- # friend to reciprocate. Yeah, few things are escaped and it is just
- # a PoC. It is not meant to be secure, reliable or fault tolerant. It
- # is a fucking shell script. Deal with it.
- # Variables
- MYKEY=F0D1E2B1 # the ID of your dummy key
- RECKEY=A0B1D1E1 # the ID of your buddy's dummy key
- RECADDR=john@john.com # the e-mail address of your buddy
- # Prepare your eyes for the most ugly bit of shell hacking around.
- # It is scary. Really scary. And yes - I know that you can do this in
- # about 1/10th of the space. But I don't care. Love my convoluted script.
- # I know deep down in your hacker heart you feel it too.
- generatesubject()
- {
- chunk=$(head /dev/urandom|md5sum|tr -d [:alpha:]|cut -c1-4) # <<-- EVIL
- sub()
- {
- tc=$(echo "$chunk" | cut -c$1)
- [ $tc = 0 ] || [ $tc = 9 ] && echo -n "$2";[ $tc = 2 ] || [ $tc = 7 ] && echo -n "$3"
- [ $tc = 4 ] || [ $tc = 1 ] && echo -n "$4";[ $tc = 6 ] || [ $tc = 3 ] && echo -n "$5";[ $tc = 8 ] || [ $tc = 5 ] && echo -n "$6"
- return
- }
- case "$(echo "$chunk" | cut -c4)" in
- 0|9)
- echo -n "Re: "
- sub 1 "our " "great encouragement for the " "organizing the " "Prophet's grand plan for the " "the big "
- sub 2 "car-bombing " "anthrax attack " "propane truck hijack " "assault " "suicide bombing "
- echo -n "at the "
- sub 3 "White House" "Capitol Hill" "Pentagon" "CIA HQ" "gov't target"
- echo
- ;;
- 1|8)
- echo -n "Re: pickup of our "
- sub 1 "coke " "meth " "heroin " "oxycodone " "ephedrine "
- echo -n "from "
- sub 2 "Biminy " "Florida " "Amsterdam " "Afghanistan " "the diplomat "
- sub 3 "was delayed" "rescheduled" "organized" "happening tomorrow" "went well"
- echo
- ;;
- 2|7)
- echo -n "Re: can you "
- sub 1 "source " "acquire me " "give estimate cost of " "quietly acqurie " "obtain "
- sub 2 "65x soviet RPG-7" "VR CW agent, weaponized" "fragmentation mines" "Soviet CS" "500+ SKS with ammo"
- echo "?"
- ;;
- 3|6)
- echo -n "Re: "
- sub 1 "Al Qaeda" "Hamas" "Hezbollah" "Al-Shebaab" "Tehriki-Taliban"
- sub 2 ": members NOTE NEW ORDERS" " needs your help old friend" " Leadership Meeting in Yemen" " recruitment procedures" " does great work - plans to destroy Israel"
- echo
- ;;
- 4|5)
- echo -n "Re: intel on "
- sub 1 "W.H. access control system" "president Obama security detail" "vulnerabilities in US financial clearance software" "voting machine exploits" "Washington D.C. potable water supply"
- echo
- ;;
- esac
- }
- # You could do what you want here - substitute lynx with links or use wget
- # or curl and just dump the raw HTML. Use a different site. Perhaps just
- # seed a counter with the current timestamp and do 10,000 lines of just the
- # counter iterating upwards. I'm not your mother. I don't care.
- # I would use mutt's command line mailing feature if you have it - simply
- # because you can specify From: headers and what not - and you might be
- # able to even spoof your UA so it looks like, say Outlook Express or Moz.
- #
- lynx -dump http://news.google.com|gpg -u $MYKEY -a --encrypt -r $RECKEY|mail -s "`generatesubject`" $RECADDR
- # That's it. I hope you enjoy this piece of crap.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement