Rapid7.com
image from rapid7 .com

Ransomware with Python

Hello Medium Hackers,
Hope You all doing well.
Lets try something dangerous today.

📢 This blog is for education purpose only.

Ever wanted to tease your friends or do a prank on your enemies; if answer is yes then is blog is simply for you.
In this blog we will be learning how to create a simple ransomware program which can really destroys systems using python. This blog will not be focusing on theory too much but I will provide my readers with terms and learning material just in case you guys are curious.
Tighten Your seatbelt 🤘

What is a Ransomware ?
Ransomware is a Malware that blocks a user or organization access to files in their system by encrypting these files and demands a ransom payment for decryption.

Hmmm this sounds interesting. But the definition left you with a lot of jargons. Lets get the basic definition of encryption and decryption.

Encryption: Process of concealing the information/data into random data.
Decryption: (opposite to encryption) Converting encrypted information to original data.

Popular Ransomware Attacks : RYUK and WannaCry. (More here)
We are not going deep in them but yes You have to be careful while playing with these files since they may cause damage to your system as well as victims system.

So lets look at some important files for our ransomware.

Important Files
ransomware.py : code for ransomware which needs to be executed.
genKey.py : set of public-private key generator.
public_key.pem : public key for our encryption.
private_key.pem: private key provided after ransom to victim.

Soo this was enough with the TALKS. SHOW ME THE CODE >
Note:-
For making this article short and concise I am just briefing the code snippets. In case you are interested in deeper knowledge you can refer to documentation or contact me 😁.

Coding

You will be able to find complete code at the end of this article in form of a github repository.

Libraries

pip install cryptography

genKey.py

We will be using RSA algorithm for generating public and private key. (More)

Only point of focus in above code is key_size in line 8. If you think that the size of files that your program is going to encrypt is large then you will have to increase the key size.

Why do we need a key generator ? Why can’t one public private pair work.
There may be cases when you have more than one victim and they may try sharing keys so at cost of one private key all systems may get private key. So to avoid this we can create different public private key pairs for all the victims.

Ransomware.py

Working

Encryption

Above code is implementing the above diagram. The line marked with red can be used for changing type of file you want to destroy.

Decryption

If you are changing file type in encryption don’t forget to change in decryption too.

How to use

1. Run genKey.py : generate the public and private keys.
2. Send ransomware.py and public_key.pem file to victim.
3. As soon as victim runs the ransomware.py file your work is done
4. All the txt files in his current folder will by encrypted.
5. When you send the victim with private_key.pem he will be able to recover the data back

In Depth Tutorial

1. Run genKey.py on your system

You will be able to see 2 files created:
1. private_key.pem
2. public_key.pem
and a success message below
>> Successfully created Public and Private Key

Snapshot for my Target or Victim Folder

Target Folder contains :
1. Ransomware.py
2. public_key.pem that you created in above step
3. Files that will be encrypted.

2. You need to send only ransomware.py and public_key to victim

Question why will someone run a file sent by you ? 🤨
Off course they will not so how can you fool them this is upto you.
(Hint for advance readers: hardcode ransomware with publickey and create a service for ransomware.py. Victim will run it unknowingly)

3. When victim runs the ransomware.py

Remember
If victim closes the command prompt / program or
If he types “NO” or
If he types “Yes” and did not add private_key.pem
he will not be able to recover the data.

Snapshots of data in files of my target folder

Snapshot of data in files of target folder after running ransomware script

5. Adding private_key.pem to folder and pressing “YES” on Command prompt.

All the data in txt files will get to original state.

Conclusion

Woahhhh…. so you were able to complete the blog.
And we have successfully created a simple ransomware script with python. Why I am calling it simple is because it is really a naive way to do this since a real ransomware would completely kill the system of victim so it is a good idea to openly distribute the code but yes if you got the idea right you will be able to create a proper one with advanced features.
In case you were facing any problem or want to learn more about ransomware feel free to contact me. Would love to connect. 🤟

Also please press that clap button as hard as you can 🙏🙏

So this marks the end of this article. Lets meet in other one. Any suggestion on topics you want an article on ?.

THANK YOU !!! 😁

IMPORTANT LINKS

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store