Ransomware with a web panel
In the client change the user ID to whoever it is. I will make a stub generator when I next update it!
- This was going to be the source for a "Ransomware As A Service" which I got bored of developing. I am sure someone who see's this can salvage it.
- The client doesn't look amazing.
- This was made for fun, I am not fond of github so tell me if I publishd this wrong.
- The client was made in C#. (so it's not native)
- The client was made in Visual Studio 2017.
- A lot of the functions are ahem stolen from stackoverflow and some other sites (don't have links, may be in comments on code)
- There is no SQL Injection exploits, challenge you to find one.
- There is XSS however I am fully aware of this and know how to fix it.
- The decryption key is generated server side and then given to the client via a GET request. If the client makes the GET request again the server will tell them to piss off basically.
- The decryption key is deleted from the users memeory as soon as the client has encrypted the file(/s) to be safe.
- The encryption is done with AES256 and a random salt to prevent precracking. (EXTREMELY UNLIKELY)
- Generate Stub
- Encrypt whole system (rather than putty.exe)
- Fix XSS (easy, just check the username post string: fixed in other panels I have made)
- Add a payment gateway (AUTOBUY DECRYPTION KEY)