|
|
from Crypto.Cipher import AES
|
|
|
from Crypto.Protocol.KDF import PBKDF2
|
|
|
import os
|
|
|
import tempfile
|
|
|
from dotenv import load_dotenv
|
|
|
|
|
|
load_dotenv()
|
|
|
|
|
|
def unpad(data):
|
|
|
return data[:-data[-1]]
|
|
|
|
|
|
def decrypt_and_run():
|
|
|
|
|
|
password = os.getenv("PASSWORD")
|
|
|
if not password:
|
|
|
raise ValueError("PASSWORD secret not found in environment variables")
|
|
|
|
|
|
password = password.encode()
|
|
|
|
|
|
with open("code.enc", "rb") as f:
|
|
|
encrypted = f.read()
|
|
|
|
|
|
salt = encrypted[:16]
|
|
|
iv = encrypted[16:32]
|
|
|
ciphertext = encrypted[32:]
|
|
|
|
|
|
key = PBKDF2(password, salt, dkLen=32, count=1000000)
|
|
|
cipher = AES.new(key, AES.MODE_CBC, iv)
|
|
|
|
|
|
plaintext = unpad(cipher.decrypt(ciphertext))
|
|
|
|
|
|
with tempfile.NamedTemporaryFile(suffix=".py", delete=False, mode='wb') as tmp:
|
|
|
tmp.write(plaintext)
|
|
|
tmp.flush()
|
|
|
print(f"[INFO] Running decrypted code from {tmp.name}")
|
|
|
os.system(f"python {tmp.name}")
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
decrypt_and_run()
|
|
|
|
|
|
|
|
|
|
