Coder Social home page Coder Social logo

gocry's Introduction

gocry

gocry is a simple ransomware implementation using golang. It hasn't been tested on Windows, but it does work on Linux.

Disclamer

This project is purely academic, use at your own risk. I do not encourage in any way the use of this software illegally or to attack targets without their permission

gocry is an academic ransomware made for learning about cryptography and security.

Running with server

Firstly you need to create an environment variable file .env in the server folder. The file should contain:

# .env
db_name=name of the database
db_port=port of the database
db_user=user that owns the postgres database
db_host=host where the user is in.

Then you can run the server by running:

go run server.go

Then running the actual ransomware that encrypts everything is ran by:

go run main.go

The values of the ransomware can be configured in the main.go file. The ransom message, root directory to encrypt and the address of the server.

Running without server

NOTE This is still feature is still work in progress. In the server folder there are some simple programs to make the ransomware manageable. Currently though the client will not work if a server connection cannot be established.

How it works.

  1. The program checks if any files are already encrypted, by checking for the .gocry extension. If files are already encrypted, check the <root_dir>/key.txt file for a valid decryption key. If not, continue the encryption process.
  2. The program creates a random 32-bit array using the crypto package's rand.Reader. Then the key from that is placed into a memguard key enclave.
  3. The key is passed into the crypt.EncryptRoot function which finds all the files in a given root directory, and encrypts them, using AES-GCM 256-bit encryption.
  4. Once encryption is done, the victim information is sent to the server, and establishing a unique id, with which the server can identify the client.

Todo:

These are issues or ideas I think should be added.

  • Fix filepaths such that they work for both windows and linux.
  • Make it fully optional to use a server.

Dependencies

  • memguard We want to use memguard as it tries to protect the key in memory, such that person cannot just find the key too easily.
  • gorm

Contributing

The development has been seized and any contributions will be accepted.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.