Lava lamp encryption

Lately there have been some articles on that 10% of the internet I protected by lava lamp encryption. Cloudflare have a wall of lava lamps that theire encryption take photos of to compute a more random password. Even though their encryption algorithms is most likely never going to run out of randomnes, they added a layer with total randomnes that is absolutley unpossible to predict. They take photos of a huge wall of lavalamps. Even if there is static/noise in the picture , thats bether. It helps to add even more randomnes.

lavalampwall.jpg

I thought as a fun little weekend project i would look at how i could create a simplified proof of conecpt in PowerShell to generate a more random password that Get-Random is capable of.

First i needed something that could read picturefiles. Some time ago i came over a cool function/script from Prateek Singh called Write-Pixel. You can find it over at his awesome blog here. Its limited to 16 collors, but within that frame it finds the closest collor to each pixel in a picture. So what i did was instead of naming the colors likes this:

colors

I used a random string generator to generate a random string with 200 characters for each of the collors. So it ended up like this:

colors2.png

After this i edited the script som i instead of outputting a blank space with background collor, it outputted the “collor” name/text to a variable. After the script is done analyzing the whole picture and have created a huge text/string. Ecspecialy if its a high res photo like 3000*2000 pixels. Thats 3 million pixels! I then run a command that selects 20 random characters from that 3 million * 200 character long string.

Now you have a bit more random password than what Get-Random can produce alone.

I dont say that this is extremely secure. Probbaly would have been better if the string/name of each collor was generated by some sort of algorithm or used Get-Random to select the text that was goign to be set for each collor.

I would sugest to test with a verry small picture, or else it will take a great deal of time to analyze the picture. I have added so the script outputs each collorcode so we can see some sort of progress. Probbaly would have run faster without the output.

$script:passwordstring = "1"
Function Write-Pixel
{
    param(

                $Path = 'C:\webcamphotos\WIN_20180106_19_42_31_Pro.jpg'
                    )
    Begin
    {
        [void] [System.Reflection.Assembly]::LoadWithPartialName("System.drawing")

        # Console Colors and their Hexadecimal values
        $Colors = @{
            'FF000000' =   'So5s@38Diy1tuEmOW!UbuUmzK9qN2TY5K7pZPXKvhkqNmk7AeSQgL@yDOeX5lQAm!cigrI5lxPTeK!vZdLmKyin0msSF$qm86!UVVMkz6xTGQkCRYy4ULBqD8va9ZeNcb3ceJsU7z4oSoQmZVZwhNcieIEe1gPHNp!JU9lw2jNw$FBlcCb!$GuGMpBDg8UrcKk3NoJ@S'
            'FF000080' =   'Pg8JNbhgx@K5szzf1BDjI1i3nndhhLXQejvvM7HJ$cHNre!eJH3VHFDAk20uLhhBg@ARA4U9GBzgketbIYmnAlOHENCsylGxLxaV3vjVSWc8Cxa4NtFacVX!EiI33kbGEw4FxQo$MJ0SevoBBflkjy4qV!9ClkcEKkpE7WQe@RMQsEAn1k@Qn2c02MphxN4$e$PFNMSm'
            'FF008000' =   'CeKDBi!N$X8E763k3PcCFMnMZnUEpI3LHPRwcLHrra47GgIhi6tPJfKYtSjD$F02wQ1@c7qcNAtQGJ@1mDLy462c44OHu8QmAHMnB$o3jgot@s6Tf2UzUukk7brVT3JPyB!MDwYiuia61J9rbr!wj01pi0luSxF6iMTopyuaG8WFkgY7rzxnrtOu$mbzw8rgbBVuBUuO'
            'FF008080' =   '5KrB$kq@IBayb13jY4uPjB7D3wJPk9F2@wvWQRgX6pmsCreKcUJ2k3MNB9$!KoR7Xu8dT$d3wHztXvAaX@d8eRNtBl6zutLnTszVE!aiS8CHElh2Kz5W8yzPDP2uEZOETeIxJwfKmMyKLWba2o2nJmLEsWg9b1BUn@b3Sl@FLvZEpZjwiw0v36if55LiQYD34pL4J$GI'
            'FF800000' =   '0fFtGyhr63uX1LOBDuX49bgRq1mbXVB4cll4nWYvyY!VDSC0EfNLkMgfUCZN3fpnByY6vzUEbMzVunqFMxGph8ZjRm5DOxO9SzOjYSA4VemyYgDqXfZjOzt@BMzbDmaihpXXI!DDRxq4g5WtRx14RftFnzmn6xZWe8WbryjlToo@44pNq4Du3YzEYEt$9n78PhlKWxkH'
            'FF800080' =   'W3cV$iPWJhwKNI8lUnet1!r0SnjUGC$zd1T5Uh4Oy6lojDn0dszYCD1tlXprzBZktXw3qaPFBNV6WYh@fdKQvyV0YfLE!UnUu1SFqYApe!3Jw17xqkwlly!GVtvS5RcF7yG3GPgm@VjOw0JqbSAZ93BU!UoqPS@bDp2utXFXTSvURVsENkZ2kM60H70LmqwQEhe2O6WS'
            'FF808000' =   'Nh6GLrZbSqbNir3WM4GZiwsU3lupPJhO$RG1x9YL0SQ6VEj$YKUy5HETo0JsoCVZjEukDTUuQX1ufo!DP!aQQtF!jSw9HRvZMrJW8gICIXDOVZN8KCl6u1LEltG!8EULi@lJH0JoFCTOkE6C2A@bbQF5D7A3jysNjwroFVLPDWQ5Yb9P5Yq$KE8@z7sJCMeITM1EizK$'
            'FFC0C0C0' =   'ax$1Md0v5buwvzspjctSFDqQFlWPBQh08egQdbOug18NZqJQ$KkVTHG41$QlIxJ9k1nGx4uYs5ueARr!3erX!hl56!gF1vzPU!Tfcje4LZ1TTGuwBSS@chAw2pWHpl$C27OPwdE4idkHniyE6gdeO8MFBA!bb@Z@7Q5ehYsRAaEc!q4jt8BfSqJkDgi0jkAIoyFJsFt@'
            'FF808080' =   'Tv1szp5wbq9WUJhSgaw6wmRqqMzouN$!p2OeB4tyd8RdXq1wvGPUQNVmwj4NXW23XVFejOL2Ii4eqRAn0sv0FkC6zjz$CE9pQntPpZuAA4@5Bco6U64ARSZw2Il9v59ntIoA85AYhvMQA9e8l3sqIBIDnTcxs7cu9pqRDi@pM8g@P9Ydru!OQtFETKsQ9CcBo$XsOo4V'
            'FF0000FF' =   'zqLMWjHXHTcBq!T6LEBYuo8fifqkhRFQ79llps94tyui9uceEKUm3FyMz1HsBoorcJYZFy$ABeKdN!3Kvxj85sRJ0vkR7vMMH!c1se3FEmfUjwxUMJ3b9vzxBEXkiE3Wg2eaNPQ44ETPtW4Bv78Ik$rBFE0F9ysQXT7L!dhBk4bKDwNo5cg4i6e8oB0a7TPUkmOmyMny'
            'FF00FF00' =   'R0M6FfUlX8bSsTsjbV3blrym$WpKvCWcromBlRfKUfEFdN0Gds25XFTpNqEunHFnp$HS4wau!@el9L86fNL8ZqTkDmhrVmrtwVsSGbws9lSxC!c5sKYNuYcigwMQBV4k$byA6IMhJ3URHYwR92qMb4JmN1oQEnFM3koK0O6R09$Zcl7RopUnWKAnKBcbczMM@8DCm87U'
            'FF00FFFF' =   'jl@jn!RqymlAj9icNwSrBlX7ENnvLKJ8Bi3cXq8Kte$2z2AvCQrRne7kVl77LPW0anpzZGwSHO$NgUEIbuna5FmRUDNI@$$8x@caTAITrWnFGzeeeZvIYc833SMJO@xnSmic4HMVE5hj91xW9UdZC4ncOEQEfTYksbx6nURDdSgNTDlCwKsKqpaKllXnf6!ZWl6!ZYu@'
            'FFFF0000' =   'aJxzT6RzYx!FPc3hXK9K55@B9p$HVLLaJZTlHDlCcdcz0InPdgipisKG@XiZEJ!hiZXEqL8sQ@id0euX3i5lcWN6Cfav38KHsUWeGa!ji!VpNO46feSx6JnRbKvHWbZpjRELUFv3VHzGuX32EUEF1bx@Eox1eOzPTV1ocYdn9zYMro9@esESIKFBJ9lQVqW8VRm3W1z5'
            'FFFF00FF' =   'd0!iua4AYoaJ4wuYLZIg42Gu@BhhbCy6aAsZxtaL$HFxlHQvNP8b2u3Y8tPfBPlszhjLHEjVmgMAGitL9AJzrP92QaQgyxPOOXYk6Te6urb0NeP9aBM9GG4Ap7nY29kZP5rjE8EsN2bMJ1N@62MCZ9b48$oW82u3O62lJeCv$9wC7YRquPkOZBnm8YStb@Wr!@r6aBWh'
            'FFFFFF00' =   'FyYur1cxuaw3qW1CbEz5HrDNz$EGVsPf@2xHpeTEn3GmaV$4dgq1js4!o2dTybaY4RncxIKYrL0VIt2NOqaC6aYDjPpiqfsnt3gE00@muDIwk011tRPMxWHnntSnGNn0X3WMuMSJKDbDE8LbA7YSJVsCasrkILYmsvsdHypsEiRG!5zNcxxU3afAHg9qnwu9ewiRzAvw'
            'FFFFFFFF' =   'caD889pAPVdR!WZwJzt3zOeFmlL72RD2mR2zNtBo@5sDoXbxfGuaO!NEqWTCtkgZUMHqnfc@F3eOOLp3UNBkDxI6zaLgIlCctq4@oCmioBZesbV42GwZZewfVl@qrAN5ths7VjHMLE@nEGwbYpUrbfsPy1NT3l!@I044QWcbjMsXXQBTLyE8Xtw3h4$xPQQ0rmU6tzp4'
        }

        # Algorithm to calculate closest Console color (Only 16) to a color of Pixel
        Function Get-ClosetConsoleColor($PixelColor)
        {
            $Differences = Foreach($item in $Colors.Keys)
            {
                ''|select @{n='Color';e={$Item}},@{n='Diff';e={[math]::abs([convert]::ToInt32($Item,16) - [convert]::ToInt32($PixelColor,16))}}
            }

            ($Differences |sort Diff)[0].color
        }
    }
    Process
    {
        Foreach($item in $Path)
        {
            #Convert Image to BitMap
            $BitMap = [System.Drawing.Bitmap]::FromFile((Get-Item $Item).fullname)

            Foreach($y in (1..($BitMap.Height-1)))
            {
                Foreach($x in (1..($BitMap.Width-1)))
                {
                    $Pixel = $BitMap.GetPixel($X,$Y)
                    $BackGround = $Colors.Item((Get-ClosetConsoleColor $Pixel.name))
                    $script:passwordstring += "$BackGround"
                    $pixel.name

                }

            }
        }        

    }
    end
    {

    }

}
Write-Pixel

for ($i = 0; $i -lt 20; $i++ ) {
    $newpassword += $script:passwordstring[(Get-Random -Minimum 0 -Maximum $passwordstring.Length)]
    }

$newpassword

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s