• Stars
    star
    672
  • Rank 67,180 (Top 2 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created over 7 years ago
  • Updated 7 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A Linux Ransomware

GonnaCry Rasomware

Original Repository of the GonnaCry Ransomware.

GonnaCry is a linux ransomware that encrypts all the user files with a strong encryption scheme.

This project is OpenSource, feel free to use, study and/or send pull request.

Travis branch Travis branch Travis branch Travis branch


Ransomware Impact on industry

https://medium.com/@tarcisioma/how-can-a-malware-encrypt-a-company-existence-c7ed584f66b3

How this ransomware encryption scheme works:

https://medium.com/@tarcisioma/ransomware-encryption-techniques-696531d07bb9

How this ransomware works:

https://0x00sec.org/t/how-ransomware-works-and-gonnacry-linux-ransomware/4594

https://medium.com/@tarcisioma/how-ransomware-works-and-gonnacry-linux-ransomware-17f77a549114

Mentions:

https://www.sentinelone.com/blog/sentinelone-detects-prevents-wsl-abuse/

https://hackingvision.com/2017/07/18/gonnacry-linux-ransomware/

https://www.youtube.com/watch?v=gSfa2L158Uw


Disclaimer

This Ransomware mustn't be used to harm/threat/hurt other person's computer.

Its purpose is only to share knowledge and awareness about Malware/Cryptography/Operating Systems/Programming.

GonnaCry is an academic ransomware made for learning and awareness about security/cryptography.

Be aware running C/bin/GonnaCry or Python/GonnaCry/main.py Python/GonnaCry/bin/gonnacry in your computer, it may harm.


What's a Ransomware?

A ransomware is a type of malware that prevents legitimate users from accessing their device or data and asks for a payment in exchange for the stolen functionality. They have been used for mass extortion in various forms, but the most successful one seems to be encrypting ransomware: most of the user data are encrypted and the key can be obtained paying the attacker. To be widely successful a ransomware must fulfill three properties:

Property 1: The hostile binary code must not contain any secret (e.g. deciphering keys). At least not in an easily retrievable form, indeed white box cryptography can be applied to ransomware.

Property 2: Only the author of the attack should be able to decrypt the infected device.

Property 3: Decrypting one device can not provide any useful information for other infected devices, in particular the key must not be shared among them.


Objectives:

  • encrypts all user files with AES-256-CBC.
  • Random AES key and IV for each file.
  • Works even without internet connection.
  • Communication with the server to decrypt Client-private-key.
  • encrypts AES key with client-public-key RSA-2048.
  • encrypts client-private-key with RSA-2048 server-public-key.
  • Changes computer wallpaper -> Gnome, LXDE, KDE, XFCE.
  • Decryptor that communicate to server to send keys.
  • python webserver
  • Daemon
  • Dropper
  • Kills databases

More Repositories

1

RSB-Framework

Windows/Linux - ReverseShellBackdoor Framework
Python
47
star
2

cryptomining

A Linux Cyptomining malware
C++
34
star
3

RSA

Simple RSA cryptographyc algorithm implementation
Python
27
star
4

sorting-algorithms

Sorting algorithms Python implementation
Python
19
star
5

A-Deep-Learning-Approach-to-Web-Application-Firewall

Avoid malicious payloads in your webapp with machine learning!
Jupyter Notebook
17
star
6

Eliza

Assistente pessoal para Linux
Python
12
star
7

Music-Generation

Piano music generation with RNN with Tensorflow
Python
9
star
8

ML

Machine Learning Algorithms
Python
8
star
9

Music-Downloader

Baixe músicas de um jeito simples
Python
6
star
10

KeepSecret

KeepSecret crypto Tool
Python
5
star
11

bitbox

Diceware password generator
TypeScript
4
star
12

NeuralNetFromScratch

Neural network from scratch with C++ and Python
C++
3
star
13

acidentes-de-transito

Acidentes de trânsito no Recife em 2016
Python
3
star
14

coronga

Corongão malware
C#
3
star
15

Compiler

UNICAP compiler
C++
2
star
16

GuitarNotesRecognition

Recognizing guitar notes using Keras and RNN
Jupyter Notebook
2
star
17

syd

Linux utils
C++
2
star
18

olx-bot

Python
2
star
19

BitcoinBot

Check FOXBIT for bitcoin price
Python
2
star
20

dotfiles

My dotfiles
Shell
2
star
21

graph

Graph implementation and algorithms
C
2
star
22

KeyLord

Windows/Linux Keylogger
Python
2
star
23

SFS

Safe File Storage
Go
1
star
24

my-ownwebsite

My own website
CSS
1
star
25

Go-Clean-Architecture

Golang Clean Architecture implementation
Go
1
star
26

Python-Data-Science

Talk sobre data science com Python durante a semana da computação UNICAP 2019
Jupyter Notebook
1
star
27

malware-dev

HandsOn desenvolvimento de malware
Python
1
star
28

tarcisio-marinho.github.io

SCSS
1
star
29

poc-ransomware

Exemplo de Ransomware desenvolvido para palestra na PUG-PE
Python
1
star
30

Secure-Web-Dev

Desenvolvimento de aplicações web seguras
Python
1
star
31

logg-em

win/linux keylogger
C++
1
star
32

Block_pendrive

Block all pendrives on a linux machine
C++
1
star
33

Crypto.Dotnet

Cryptography library for .NET core 3.0
C#
1
star