Ransomware Using Python
Ransomware Using PythonPermalink
Ransomware is a type of malicious software or malware that is intended to block users from accessing files and data on their computer until a ransom is paid. It encrypts your data.
here in my project (Ransomware) there are two parts :
- Server (Attacker)
- Client (Victim)
Server (Attacker)Permalink
First, I connect by a port and an IP addPermalink
Then, Assigning a key for encrtypting Data but if I left the key like this it will be catched using Wireshare or any sniffing network tools, so i encrypted the key by RSAPermalink
Then, opening a socket to connect with the victim and send to it some command like (encrypt , decrypt, ..)Permalink
Client (Victim)Permalink
First, It sniffs and checks whick OS you use (Windows or Linux)Permalink
Then, it lists the partitions on your device to encrypt Data in themPermalink
After That, it opens connction with the attacker through socket and recieves the key to encrypt DataPermalink
Then, It reads all files with thier extensions to encrypt themPermalink
Then, It encrypts Data. Here, I reley on CTR mode for AES Algorithm, I read the file with block-size = 16 byte then encrypt it and change the extension with it by “.huss”Permalink
For decrypting data we call decryption_function. Here is the same as encryption_function- it releys on CTR mode for AES Algorithm and read the encrypted file as block-size = 16 byte then it decrypts it to the original filePermalink
To decrypt and encrypt the attacker send a command to the victim through socket to do that (encrypt, decrypt, exit)Permalink
From Runnig RansomwarePermalink
How to run this RansomwarePermalink
Install pythonPermalink
Download the latest version of python python
install libriries that we needPermalink
pip install pycryptodome
pip install crypto
pip install cryptography