Custom Paths and Extensions

Question

Custom Paths and Extensions

justuandme opened this issue 8 years ago · 8 comments

where can i define custom extensions and custom paths ?
i have tried this in win 7 vm. it encrypts some csv files on c and pictures on c drive.
but it didn't create any html file on desktop.

Answer 1 · 2016-10-13T12:48:58.000Z

You can enable the console mode to see the log information. For that remove the -H windowsgui from te go build command on Makefile before build.

Note: Update the project with go get -u github.com/mauri870/ransomware at least once a day

Custom paths and extensions can be specified on this file

It can take a while depending on the amount of files that you have because are only 2 workers encrypting files in parallel by default

Please update the project and if not work again, enable the log and post it here.

Thanks for your report, cheers

Answer 2 · 2016-10-13T14:52:27.000Z

i just downloaded this today. let me configure and run another test from scratch.
i will post details here soon.

PS : how to make the ransomware.exe work on 32 bit windows ?

Answer 3 · 2016-10-13T15:40:00.000Z

how to make the ransomware.exe work on 32 bit windows ?
its showing error on running x86 32bit win7 VM.

Answer 4 · 2016-10-13T16:02:27.000Z

Oh, good question. I've missed that

I will open a PR to compile for x86 by default. For now you can use env GOOS=windows GOARCH=386 make

Answer 5 · 2016-10-13T16:21:11.000Z

ok now the files are encrypted on windows and on server side it sends these keys. in database.db file.

*3
$3
set
$32
98384e2dd004a01801ccec1fd11f2f11
$32
338acca6e104d8b52ac5886d34271c67

On desktop HTML.

YOUR IDENTIFICATION IS
98384e2dd004a01801ccec1fd11f2f11

on server side logs.

[negroni] Started POST /api/keys/add
[negroni] Completed 204 No Content in 14.478254ms

now which key is use to unlock the files ? after running unlocker.

Answer 6 · 2016-10-13T16:30:05.000Z

Alright i used this key to decrypt it : 338acca6e104d8b52ac5886d34271c67
and it works... contents are decrypted now.
nice program.... but one question.
what are these number ?

*3
$3
set
$32

Answer 7 · 2016-10-13T16:52:40.000Z

You can get your encryption key pointing to http://server-address/api/keys/:id, where :id is your identification key stored on the file on desktop

I use buntdb for store the keys, so this numbers must be referent to db indexes I guess

Answer 8 · 2016-10-13T17:33:53.000Z

Alright great ! thanks