GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects β†’ PushpenderIndia β†’ nekros

PushpenderIndia / nekros

Licence: BSD-3-Clause license
NekRos is an Open-Source Ransomeware, with advanced Features, Which Looks Like Wannacry and Has C&C Server which can be Used to Retrive KEY

Programming Languages

python
139335 projects - #7 most used programming language
PHP
23972 projects - #3 most used programming language
CSS
56736 projects

Labels

windowsfastopen-sourceguiserverkali-linuxdatabase-managercommand-and-controlwannacryransomewaretechnowlogypushpenderpushpender-singhnekrosparratsecransomeware-generatoruncrackable-key

Projects that are alternatives of or similar to nekros

brute-md5
Advanced, Light Weight & Extremely Fast MD5 Cracker/Decoder/Decryptor written in Python 3
Stars: ✭ 16 (-80.95%)
Mutual labels:  fast, technowlogy, pushpender, pushpender-singh
ark.db
Small and fast JSON database for Node and browser. πŸ˜‹
Stars: ✭ 65 (-22.62%)
Mutual labels:  fast
docker-swoole-webapp
Simple Docker-image to build your applications based on Async PHP extensions.
Stars: ✭ 26 (-69.05%)
Mutual labels:  fast
Andspoilt
Run interactive android exploits in linux.
Stars: ✭ 101 (+20.24%)
Mutual labels:  kali-linux
muparsersse
muparsersse a math parser for windows using just in time compilations of the expression
Stars: ✭ 14 (-83.33%)
Mutual labels:  fast
Owlyshield
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..
Stars: ✭ 281 (+234.52%)
Mutual labels:  command-and-control
Signals.jl
Multi-Paradigm Dynamic Fast Functional Reactive Programming in Julia
Stars: ✭ 37 (-55.95%)
Mutual labels:  fast
PyIris
PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.
Stars: ✭ 296 (+252.38%)
Mutual labels:  kali-linux
chconn
Low-level ClickHouse database driver for Golang
Stars: ✭ 152 (+80.95%)
Mutual labels:  fast
jazzle
An Innovative, Fast Transpiler for ECMAScript 2015 and later
Stars: ✭ 65 (-22.62%)
Mutual labels:  fast
DFPlayerMini Fast
Fast and easy to understand Arduino library to use the DFPlayer Mini MP3 module from DFRobot.com. This is a huge improvement (both in terms of execution speed and simplicity) to the standard library provided by DFRobot.com.
Stars: ✭ 164 (+95.24%)
Mutual labels:  fast
MashaRoBot
MashaRoBot : πŸ“‘Editor's choice
Stars: ✭ 39 (-53.57%)
Mutual labels:  fast
fast-speedtest-api
fast.com API / CLI tool
Stars: ✭ 138 (+64.29%)
Mutual labels:  fast
iso8601
A fast ISO8601 date parser for Go
Stars: ✭ 122 (+45.24%)
Mutual labels:  fast
fastT5
⚑ boost inference speed of T5 models by 5x & reduce the model size by 3x.
Stars: ✭ 421 (+401.19%)
Mutual labels:  fast
PyGLM
Fast OpenGL Mathematics (GLM) for Python
Stars: ✭ 167 (+98.81%)
Mutual labels:  fast
aurum
Fast and concise declarative DOM rendering library for javascript
Stars: ✭ 17 (-79.76%)
Mutual labels:  fast
Black-Tool
Install the tools and start Attacking , black-tool v5.0 ! ⬛
Stars: ✭ 239 (+184.52%)
Mutual labels:  kali-linux
termux-wifi
Bash script which installs and runs the Fluxion tool inside Termux, a wireless security auditing tool used to perform attacks such as WPA/WPA2 cracking and MITM attacks.
Stars: ✭ 406 (+383.33%)
Mutual labels:  kali-linux
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+1771.43%)
Mutual labels:  kali-linux
View All Similar Projects βž”

NekRos Logo

NekRos - Ransomeware

                    This Awesome Project will Just Blow Your Mind, The Most Scarest Ransomeware.

NekRos is a Ransomeware Generator for Windows, which is written in Python 3, NekRos means DEAD in Greek, now you can imagine that why I named it NekRos.

Project is made for good purpose, unethical use is prohibited, misuse of this project can lead you behind the Bar/Jail, Porject is made to give Practical and Deep Knowledge of Ransomeware and their side effects.

It is the responsibility of end user to use this Software ethically and for testing purpose only : )

NekRos - THE MOST Scariest Ransomeware

Disclaimer

πŸ’» This project was created only for good purposes and personal use.

THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. YOU MAY USE THIS SOFTWARE AT YOUR OWN RISK. THE USE IS COMPLETE RESPONSIBILITY OF THE END-USER. THE DEVELOPERS ASSUME NO LIABILITY AND ARE NOT RESPONSIBLE FOR ANY MISUSE OR DAMAGE CAUSED BY THIS PROGRAM.

What is Ransomeware ?

Ransomeware Scenario

Ransomware is a type of malware which encrypts the Data of Victim's PC making Data un-usable, they are mainly published to Encrypt victim's data which perpetually block the access to data unless a ransom is paid to Attacker/Hacker so that Decryption/Recovery of Data could be done.

Warning : PAY ATTENTION

Warning Image

If you are using this software then it means you agrees our T&C i.e Any misuse of this software, YOU - THE END USER is responsile and not the author.

Our aim of building this software is to give the Practical Knowledge of Ransomeware so that we can Build a Better Cyber Army Which can fight against the Cyber Crimes.

The primary (and original) goal of this project was to provide a proof-of-concept which demonstrated Python's capabilities as a language for real-world malware development as Traditionally C, C++ is used to Create Stuff like this.

Note : Project Under Development

TODO

  • Making GUI Ransomeware Generator
  • Implement Change language Function
  • Improve C&C Server/Website, put some checks that if payment == True, then only Retrive Key from Database.
  • Add New Features

By Default, Ransomeware Targets .lol, .mrrobot extension files

Even thought not suggested, But You Can test it even on your main system, as by default it targets .lol and .mrrobot extensions file, for testing purpose make your own files with these entensions and then run main.py

Features

  • Works on Windows.
  • Generates Unique Machine ID for Victim System's Identification.
  • Generates Purely Random Encryption/Decryption KEY (MD5 hash), thus no chance of Making Keygen of This Ransomeware.
  • Decryption/Recovery of Data is only Possible with Valid Key only.
  • Changes Wallpaper after Given Interval of Time (In seconds).
  • Server (Website) Integrated with Ransomeware which can be used to Retrive KEY.
  • Searches for Sensitive Files on Default target location.
  • Only Encrypt Target Specified Extension files (Customizable)
  • Export KEY to Server before Encryption Process takes place.
  • Stylish and Scariest GUI Which looks like WannaCry Ransomeware
  • Shows Encryped Files Log in GUI Window
  • Timer Integrated With GUI Window
  • Extremely Fast and easy to use
  • GUI DATABASE MANAGER which can be used by hackers to automate database interactions.
  • C&C Website/Server With Database, to Stored Decryption Key, Date, Payment [Boolean Type] & Unique ID
  • Function to Prohibit Encryption of Particular Directorys (Directory Exclusion)
  • Function to Change Language of GUI Window to Different Available langauges (Coming Soon)
  • Function to Disable Decryptor When Payment not made in Given Time (Coming Soon)
  • Creates Executable Binary With Zero Dependencies (Coming Soon)
  • Create less size ~ 5mb payload with advance functionality (Coming Soon)
  • Ofusticate the Payload before Generating it, hence Bypassing few more antivirus (Coming Soon)
  • Generated Payload is Encryted with base64, hence makes extremely difficult to reverse engineer the payload (Coming Soon)
  • Function to Kill Antivirus on Victim PC and tries to disable the security (Coming Soon)

Prerequisite

  • Python 3.X , Recommended 3.7
  • Few External Modules like pycryptodome, configparser, mysql-connector-python etc.

Tested On

Windows) Windows 8.1 - Pro

Order of Processes Which are taken

MAIN.py is the Main File Which Do All Hard Work for You In Series main.py starts THREE stages i.e. stage1, stage2, stage3, and then atlast, starts the GUI Window which shows warning message.

GUI Window is capable to Call Reverse_Attack stager which takes KEY as argument.

GUI Window of Ransomeware is also capable to Show Encrypted Files Log In GUI Window.

TREE to Show Role of Different Files

+====================+
+ Ransomeware_Files  +
+====================+
	+
	+===========+
	+  Main.py  +
	+===========+
	+	|____Run Stage1
	+	|____Run Stage2
	+	|____Run Stage3
	+	|____Change Wallpaer After Given IntervL
	+	|____Start GUI 
	+		|____Starts Timer
	+		|____Can Initiate Decrypt Function [Takes KEY As Argument]
	+		|____Can Show Encrypted Files Log
	+	
	+===========+
	+ Stage1.py +
	+===========+
	+	|____*****TAKES 4 Arguments, i.e. [server, username, password, db_name]*****
	+	|____Generates Unique Machine ID
	+	|____Generates Random Encryption Key With Fixed Length
	+	|____Export KEY to Command & Control Server
	+	|____*****RETURN : Encryption/Decryption KEY*****
	+
	+===========+
	+ Stage2.py +
	+===========+
	+	|____*****TAKES NO ARGUMENTS*****
	+	|____Searches for Target Extension Files on Different Thread
	+	|____*****RETURN : List of TARGET Files*****
	+
	+===========+
	+ Stage3.py +
	+===========+
	+	|____*****TAKES 2 ARGUMENTS, i.e. KEY & LIST of Sensitive Files*****
	+	|____Initiate Encryption Process
	+
	+===================+
	+ Reverse_Attack.py +
	+===================+
	+	|____*****TAKES 1 ARGUMENTS, i.e. KEY *****
	+	|____Initiate Decryption Process
	+	
	+=======================+
	+ After_Stage1 (Folder) +
	+=======================+
	+	|
	+	|    +====================+
	+	|____+ changeWallpaper.py +
	+	|    +====================+
	+	|____Images [Wallpaper] 
	+	
	+=======================+
	+ After_Stage2 (Folder) +
	+=======================+
		|
		|    +====================+
		|____+ check_log_gui.py +
		|    +====================+
		|
		|    +====================+
		|____+ decryptor_gui.py +
		|    +====================+
		|
		|    +========+
		|____+ GUI.py +
		|    +========+
		|
		|    +========================================+
		|____+ img [Folder Containing Resource Image] +
		     +========================================+

Attack/Stage Breakdown

Attack is Divided Into 3 Stages, Stages are Completed By Main Program (main.py)

  • In Stage1, (Unique MachineID & KEY) are generated and were exported to Remote Server.
  • In Stage2, Locates Target Extension Files in Default Target Directory.
  • In Stage3, KEY & List of TargetFiles (obtained from Stage1 & Stage2) are then used to launch Encryption.
  • In Finale Stage, Main Program launches Ransomeware GUI demanding for Ransome.

Default Target Directory

+==========================+
+ Default Target Directory +
+==========================+
	|____C:\Users\USERNAME\Pictures
	|____C:\Users\USERNAME\Music
	|____C:\Users\USERNAME\Downloads
	|____C:\Users\USERNAME\Documents
	|____C:\Users\USERNAME\Desktop

ScreenShots

Main GUI Window of NekRos Ransomeware

Check Encryped Files Log ~ GUI Window

Decryptor ~ GUI Window

Database Manager ~ For Attacker

Website Asking for Machine ID

Website showing Result

Usage

  • Upload Website Folder's Content to your server and update get_decrypt_code.php with right creds. present in website/php/
  • Create Database and Import nekros.sql in it.
  • Update config.txt present in Ransomeware folder.
  • Update config.txt present in db_manager folder to Manage database using GUI Window.
  • Install python and then install required modules using this command :
$ python -m pip install requirements.txt
  • Run main.py like this
$ python main.py

Decryption of Files

  • Key is Exported to Server/Website before encryption process starts
  • Simply Acquire that key from Database throught website by Typing the Machine ID in website page OR Directly look for key in database.
  • Paste that Key in GUI Window OR Direclty Run reverse_attack.py and paste the KEY in script
#Run reverse_attack.py like this
$ python reverse_attack.py

Contribute

Currently this repo is maintained by me (Pushpender Singh).

Please Contribute this Project, and make this Project THE BEST, All pull request will be accepted if they were worthy fro this project : )

Contact

[email protected]

More Features Coming Soon...

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].