Ransomware Using Python

1 minute read

Ransomware Using PythonPermalink

Ransomware is a type of malicious software or malware that is intended to block users from accessing files and data on their computer until a ransom is paid. It encrypts your data.

here in my project (Ransomware) there are two parts :

  1. Server (Attacker)
  2. Client (Victim)

Server (Attacker)Permalink

First, I connect by a port and an IP addPermalink



Then, Assigning a key for encrtypting Data but if I left the key like this it will be catched using Wireshare or any sniffing network tools, so i encrypted the key by RSAPermalink



Then, opening a socket to connect with the victim and send to it some command like (encrypt , decrypt, ..)Permalink



Client (Victim)Permalink

First, It sniffs and checks whick OS you use (Windows or Linux)Permalink



Then, it lists the partitions on your device to encrypt Data in themPermalink

After That, it opens connction with the attacker through socket and recieves the key to encrypt DataPermalink

Then, It reads all files with thier extensions to encrypt themPermalink

Then, It encrypts Data. Here, I reley on CTR mode for AES Algorithm, I read the file with block-size = 16 byte then encrypt it and change the extension with it by “.huss”Permalink

For decrypting data we call decryption_function. Here is the same as encryption_function- it releys on CTR mode for AES Algorithm and read the encrypted file as block-size = 16 byte then it decrypts it to the original filePermalink

To decrypt and encrypt the attacker send a command to the victim through socket to do that (encrypt, decrypt, exit)Permalink

From Runnig RansomwarePermalink

How to run this RansomwarePermalink

Install pythonPermalink

Download the latest version of python python

install libriries that we needPermalink

pip install pycryptodome
pip install crypto
pip install cryptography

See it on GitHub(Code)Permalink

Code