Documentation ¶
Index ¶
- type Ransomware
- func (rw *Ransomware) CheckIfActiveRansom() error
- func (rw *Ransomware) CheckIfInContainer() error
- func (rw *Ransomware) CheckIfValidMemSafeKey() bool
- func (rw *Ransomware) CreateRansomInfoFile(message string) error
- func (rw *Ransomware) GetValidKeyFromServer() error
- func (rw *Ransomware) RemoveKeyFile() error
- func (rw *Ransomware) RemoveRansomFile() error
- func (rw *Ransomware) SendKeyToServer() error
- func (rw *Ransomware) WriteKeyWithFile(publicKey []byte) error
- func (rw *Ransomware) WriteMemSafeKey() error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Ransomware ¶
type Ransomware struct { MemguardKey *memguard.Enclave PublicKey string RootDir string IP string Data *victim.VictimIndentifier }
Ransomware holds all the needed client information needed to go forward with the ransom.
func NewRansomware ¶
func NewRansomware() (*Ransomware, error)
NewRansomware creates a new ransomware instance given a starting directory. This function automatically generates a 32-bit encryption key to encrypt files.
func (*Ransomware) CheckIfActiveRansom ¶
func (rw *Ransomware) CheckIfActiveRansom() error
CheckIfActiveRansom checks for any files with the .gocry extension such that then the ransomware knows not to re-ecrypt the files.
func (*Ransomware) CheckIfInContainer ¶
func (rw *Ransomware) CheckIfInContainer() error
Check if the ransomware is started in a container which allows all of the urls and ports.
func (*Ransomware) CheckIfValidMemSafeKey ¶
func (rw *Ransomware) CheckIfValidMemSafeKey() bool
CheckIfValidMemSafeKey checks if the key inside the memguard enclave is the same as the key written inside of key.txt
func (*Ransomware) CreateRansomInfoFile ¶
func (rw *Ransomware) CreateRansomInfoFile(message string) error
CreateTextFiles is responsible for creating the ransom.txt. The message is taken as a parameter since it makes the main file look more clear and configurable.
func (*Ransomware) GetValidKeyFromServer ¶
func (rw *Ransomware) GetValidKeyFromServer() error
GetValidKeyFromServer sends a post request which contains the encryption key and then the server decrypts the key using the rsa private key and sends it back.
func (*Ransomware) RemoveKeyFile ¶
func (rw *Ransomware) RemoveKeyFile() error
RemoveKeyFile removes the generated key file which holds the decryption key to the encrypted files.
func (*Ransomware) RemoveRansomFile ¶
func (rw *Ransomware) RemoveRansomFile() error
RemoveRansomFile removes the generated ransom file which notifies user that the computer is under ransom.
func (*Ransomware) SendKeyToServer ¶
func (rw *Ransomware) SendKeyToServer() error
SendKeyToServer sends the encryption key with rsa encryption to the server.
func (*Ransomware) WriteKeyWithFile ¶
func (rw *Ransomware) WriteKeyWithFile(publicKey []byte) error
WriteKeyWithFile takes in a public key file so we don't need to fetch it from the server.
func (*Ransomware) WriteMemSafeKey ¶
func (rw *Ransomware) WriteMemSafeKey() error
WriteMemSafeKey writes the encryption key to a file using a public key from the server. The key is passed through crypt.EncryptKey, whichs gets the public key and encrypts it as well.