Monday, November 7, 2016

Linux Ransomware Tutorial - How to Do it

This post is strictly for educational purposes; we are not responsible for any action or reaction.

We already know that cyber criminals are using ransomware to annoy and blackmail people around the world these days, so here is a quick how-to on ransomware for those who don't know what it is and how it works.

Get Your Arsenal


For demo purposes we are going to use a public project that is available on GitHub at this URL.
Just get encrypt.c and decrypt.c, then compile using the command below.
gcc -o encrypt encrypt.c -lssl -lcrypto

[Screenshot: encrypt.c]


Encrypt

The next step is to execute the compiled binary, i.e. encrypt; see the screenshot below.

./encrypt

After executing the ransomware encrypter, this is what happened to my files.

[Screenshot: all files infected with the .enc extension]

Also see this one.

[Screenshot: cannot read my files]
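
For defenders, the two artefacts this demo leaves behind (files renamed with the .enc extension and the RANSOMWARE_INFO note mentioned further down) make a simple triage sweep possible. The Python script below is an added example, not code from this post or from the GitHub project; the exact-match note filename, the 7.0 bits-per-byte entropy threshold and the 64 KiB sample size are assumptions.

```python
import math
import os
import sys
from collections import Counter

NOTE_NAME = "RANSOMWARE_INFO"   # note file named in the post (exact match is an assumption)
ENC_SUFFIX = ".enc"             # extension shown in the post
ENTROPY_THRESHOLD = 7.0         # assumed cut-off, in bits per byte
SAMPLE_BYTES = 65536            # assumed: read at most this much of each file


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; close to 8.0 for encrypted data."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def sweep(root: str) -> dict:
    """Walk root and collect ransom notes, .enc files and high-entropy .enc files."""
    report = {"notes": [], "enc_files": [], "high_entropy": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name == NOTE_NAME:
                report["notes"].append(path)
            elif name.endswith(ENC_SUFFIX) and os.path.isfile(path):
                report["enc_files"].append(path)
                try:
                    with open(path, "rb") as fh:
                        sample = fh.read(SAMPLE_BYTES)
                except OSError:
                    continue  # unreadable file: still listed in enc_files
                if shannon_entropy(sample) >= ENTROPY_THRESHOLD:
                    report["high_entropy"].append(path)
    return report


def is_suspicious(report: dict) -> bool:
    """Flag a tree that holds a note, or any .enc file that looks encrypted."""
    return bool(report["notes"] or report["high_entropy"])


if __name__ == "__main__":
    result = sweep(sys.argv[1] if len(sys.argv) > 1 else ".")
    for key, paths in result.items():
        print(f"{key}: {len(paths)}", *paths, sep="\n  ")
    print("suspicious" if is_suspicious(result) else "clean")
```

The entropy check separates .enc files that really hold ciphertext-like data from files that merely share the extension; very small files cannot reach the threshold and only show up in the plain .enc list.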

So what to do now? Luckily, this is open source and we have the decrypter here as well, so let's go ahead and decrypt the files now.

Decrypt


Simply download and compile the decrypter, the same way we did for the encrypter.

[Screenshot: decrypter]

Let's execute the decrypter binary.

[Screenshot: decrypted]

See the files now.

[Screenshot: decrypted file]

But we still have a little file left on our system that indicates we were attacked, i.e. RANSOMWARE_INFO, so below is my little contribution to the decryption, which will result in removing this file as well.


I hope you've enjoyed reading; suggest more topics that we can share with you.
