Ransomware Using Python
Ransomware Using Python
Ransomware is a type of malicious software or malware that is intended to block users from accessing files and data on their computer until a ransom is paid. It encrypts your data.
here in my project (Ransomware) there are two parts :
- Server (Attacker)
- Client (Victim)
Server (Attacker)
First, I connect by a port and an IP add
Then, Assigning a key for encrtypting Data but if I left the key like this it will be catched using Wireshare or any sniffing network tools, so i encrypted the key by RSA
Then, opening a socket to connect with the victim and send to it some command like (encrypt , decrypt, ..)
Client (Victim)
First, It sniffs and checks whick OS you use (Windows or Linux)
Then, it lists the partitions on your device to encrypt Data in them
After That, it opens connction with the attacker through socket and recieves the key to encrypt Data
Then, It reads all files with thier extensions to encrypt them
Then, It encrypts Data. Here, I reley on CTR mode for AES Algorithm, I read the file with block-size = 16 byte then encrypt it and change the extension with it by “.huss”
For decrypting data we call decryption_function. Here is the same as encryption_function- it releys on CTR mode for AES Algorithm and read the encrypted file as block-size = 16 byte then it decrypts it to the original file
To decrypt and encrypt the attacker send a command to the victim through socket to do that (encrypt, decrypt, exit)
From Runnig Ransomware
How to run this Ransomware
Install python
Download the latest version of python python
install libriries that we need
pip install pycryptodome
pip install crypto
pip install cryptography