This project is meant for instructional and experimental purposes only. Use of this program without understanding how to use it could lead to permanant loss of important files. This is malware, it does encrypt your files, and unless you decrypt it properly, data will be lost.
- Summary /TLDR
- Background
- Running and Compiling
- Screenshots
This is a demonstration of ransomware, built with python. The python code(available here) was also compiled into exicutable files which are available for testing here. Please be careful as this will encrypt any files where the file is run and any files adjacent or sub-folders.
I was watching Network Chuck's intro to malware making with python: i created malware with Python (it's SCARY easy!!)
I based my original code off of what I saw in the video and then modified it so it would encrypt all the files in the subdirectory as well. The code uses the python library Fernet which is an extension of the python cryptography library. Both together allow for AES 128-bit encryption and decryption. After that I turned the two files into fully contained exicutable files using pyinstaller, which packages python files along with dependant libraries into a single exicutable file.
I have only tested this code on Windows 10 and I do not know whether the python files would run on other operating systems.
The cryptography library must be instally with: "pip install cryptography". After which, insert "my_ransomware.py" and "decrypt.py" in the same file with the file you wish to encrypt. Run "python my_ransomware.py" first, check that the contents of the other files are encrypted. You will see that "thekey.key" was created, you must keep this in the same folder otherwise, the files will not be able to be decrypted. To decrypt the files, run "python decrypt.py" in the same folder as the created key file. To compile the the python files in the compile_this_python_to_exe, you must download pyinstaller with "pip install pyinstaller". You then must add it to your path. You must find the path where the pyinstaller exicutable is. Afterwards you need to add the path to the exicutable to your path.You will then package this version of my_ransomware.py and decrypt.py(which are different to the previous versions of the python code by a few lines) with the commands "pyinstaller --onefile .\my_ransomware.py" and "pyinstaller --onefile .\my_ransomware.py" respectively. After which you can run the two exicutable in the the folder you wish to encrypt.