Create your Python Malware lab: ntck.co/linode (you get a $100 Credit good for 60 days as a new user!) We are going to write our very own malware in Python!! It’s actually scary easy to do and it will give you a peek behind the curtain of how bad actors create these malicious programs. NetworkChuck will walk you through every step of how to create a ransomware program in Python using the cryptography library in Python called Fernet. He’ll then show you how to download a malware playground, a malware showcase of malicious python scripts you can play with. 🧪🧪Links and Walkthrough: ntck.co/321 🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy 0:00 ⏩ Intro 0:45 ⏩ What do you need? 0:56 ⏩ Our sponsor is awesome 2:06 ⏩ STEP 1 - the setup 2:20 ⏩ What is Ransomware? 3:52 ⏩ STEP 2 - Creating our ransomware script 14:39 ⏩ STEP 3 - Writing the ransomware decryption script 21:37 ⏩ Downloading a malware playground **Sponsored by Linode
At 10:10 could you theoretically append the key to a encrypted file then just cut the key from said file after the fact when you need the key and are ready to decode? (Or put the key in the middle of they encrypted file or something) if so I think that would be a interesting way to hide it ***this is for educational purposes only***
Fun fact: the method used to encrypt files for ransomware is the same method used by laptop OEM’s to encrypt your entire hard drive and and protect the data in case of theft.
@@ponyride23 In terms of writing ransomware, I m pretty sure that pen testers just use samples instead of writing their own for business purposes. I m not an expert and I might be wrong but it sounds way more reasonable than spending time developing something that has already been done. To top it off , certain groups / malware types have their own different quirks and using them instead of self made stuff just makes the test more realistic. Not the best way to describe this but I hope it's enough
Please help me Please I'm passing through some stress, I recover my lost USDT account, the problem now is that the wallet address bind to that withdrawal text box, I don't have access to it again and I lost all the contacts I used in registering the USDT account. And now, I have tried changing the wallet address in the withdrawal text box, it's not responding. Please what will I do help me out Please
Theoretical a script that's add shutdown to autostart, is also in the category of malware. The 'hard' part of creating a malware is to find an exploit in a system to execute it with elevated permissions.
@@User-kq3od It depends on your OS / Distro. For example, in Windows you can't add stuff to global autostart as normal user, but you can add things to your shell:startup, or schedule a task at your logon.
@@buldozzer3456 Yeah, exactly, startup does not require elevated privileges. And if you wanted machine startup that badly just use a UAC exploit, they are all over the place in both linux and windows.
I never comment on youtube, but I have to say this... This video has served as an introduction to linux, virtual machines, python, ransomware and hacking all in one to me, I already had a very brief knowledge of the above but following along here has expanded my knowledge 10 fold. Thanks chuck, we genuinely appreciate it.
Chuck, you are one of the best RUclips channels I have ever crossed, I always love to learn the things you teach. The way you describe the commands is super simple and that is why I really enjoy your videos. Thank You so much!!! For the great work you do.
I would respectfully disagree with the code instruction being ransomware. To me it looks like a nice programmers script to keep the admin from looking at their private files. Very well done. Very good tool.
I can make a logic bomb out of a .bat file with 3 characters. Malware isn't hard to make, the hard part is bypassing all the protections/anti virus software people use.
13:50 That looks like good code, the way you explain it it is very straightforward and easy to understand for me. I have experience in programming but not a lot in python. I could totally edit this and use it for a non malicious purpose to just encrypte files I want to keep secret.
@@ansh6848 no, you cannot brute-force AES. It's literally a quantum-resistant encryption algorithm that has gone through intensive analysis to be selected for the USA encryption standard. Not something that can just be brute-forced.
"Don't be evil" used to be one of their values in their code of conduct but i'm pretty sure they quietly got rid a few years ago. I think I read somewhere that they changed it to something like "Do the right thing" and then got rid of it all together
They even admitted that "don't be evil" was impossible with their business model, and that what the slogan meant was "be less evil". They stopped with that, too.
I have experience with several languages but I've never used phyton and that's the first video I see about it. The fact that I could spot the mistake on putting the "wrong password" print in the for loop before he executed it is so cool, phyton looks really clean, easy and readable language than C or... MIPS. Good video, clear fast and kept my attention up the whole time.
Since you are using shebang, make the script file executable and just call the file. The shebang will tell the shell which interpreter to use. Also, should read in chunks and write to temp file in same with iteration in the same chunk. Not only saves memory to help stay under radar, but the encryption would be chunks of the file, making random decryption much more difficult. You could write a encrypted string as the first 8 bytes of the encrypted file and store the chunk size so each file can have a random chunk size making decryption much more difficult. Not specific for random ware but good for any encryption need.
There is a 99.9% that this tutorial inspired many people to create malware and use it for malicious purposes. I get its important for learning because people need to understand how malware works to fight against it, but surely this video did more harm that good.
A fancier way of doing that first file list without a for loop (kinda) files = [file for file in os.listdir() if file != self._filename] "file for file in os.listdir()" will step through all file names in the listdir list. "if file != self._filename" will ignore any file named the same as the current file you're in. This means you'll get a list of all files in the same directory as the file you're executing EXCEPT the file you're executing.
I've always told people that you wouldn't believe how easy it is. Sure, it can be more complicated, but im not out to make malware. Just educate my friends and family of what to watch out for. I love videos like these because they show the scary truth.
This is the first video I have came across your chanel and I can surely guarantee you, I'm going to start binge watching all your videos. You are great 👉😎👉
would be so sufficient since its storing the local key could be reverse engineered. Instead use xor with a y key by setting a variable to encryption_level = 128 // 8 and as an output make it where it doesn't only have keyboard chars but all chars possible in ascii then as for the random generated string have it send the key using socket library to the C2 server. otherwise love the vid man!
I'm fairly new to python and was kind of wondering about this lol like they have the script right there, they also have the key right there, so like if they know the basics they have all the puzzle pieces to put it back together, to me it would seem like ever leaving the key on their machine would make it relatively easy to reverse engineer it. I'm glad that I was not incorrect in my assumptions xD
@@xxfloppypillowxx its not what your thinking itd a xor byte key is what im describing all chars in the ascii libary THOUSANDS it gets send to the attackers C2 and is sent through an encrypted protocol you cant reverse engineer that and just find the key
@@xxfloppypillowxx yes, actual malware would likely obfuscate all their code, and have a more complicated way to store their key (on windows you can hide it in registry, + you don't have to have the whole key completely random, it can have a non-random part based on some obscure calculation; or you can make your malware connect to the internet and store keys on some compromised server) obfuscation usually involves: - obscuring variable names - adding code that does useless work, or embedding malware code within code for a useful program (to obscure which parts are actually malware) - 'encrypt' malware code itself, and make it so the malware first has to 'decrypt' the part that does actual malicious stuff (in python there's even a function exec() which you can give text, and it will interpret it as python code and execute). You can even have multiple steps of 'encryption', for better obscurity - together with encryption, you can also split words that are used in your code into multiple parts, so automatic antivirus software can't easily figure out that you are using some kind of scary functions that can be considered malicious behavior
I'm just learning Python and this video was entertaining and useful and explained a lot of different ways of using functions and variables that my course isn't yet covering. Also a lot of stuff I haven't yet learned about but am able to follow along because of the explanations and the logical nature of Python. Subscribed, great stuff!
Chuck, thanks for teaching me everything necessary to do fun projects like these. I will be using this as a final project for my programming class, so everyone wish me luck.
Since the day I started to work with you, I know I've changed a lot which really helped me to become a better person inside and out. You are one of the reasons why I'm always trying my best. Thank you so much You know I appreciate you so much.
If you wanted to implement a script like this in a remotely realistic environment, it would involve either bundling the python interpreter along with the script, or adding code that grabs it from the internet.
@@DungeonMasterGodpretty sure a nice person like him most definitely wouldn't be telling us how to *ACTUALLY* create a malware If he did so then again you're pretty much teaching people how to hack It's like telling people how to do magic on someone and later saying don't do it, but you're not teaching one person you're teaching millions of people You could teach them a rather basic magic or a extremely dangerous magic, again magic in this case being a virus Virus sucks
Dude love the malware tutorial! Im currently learning Full Stack but inbetween studies I like to look into this side of things and boy oh boy i love it and want to learn more so thanks for a great video and be looking out for more vids!
Thanks for this! As a developer looking to make my way into DevOps, I find a lot of your content really helpful... This one was more just for fun but it was interesting to see just how easy it is to code malware! I've said this before but I gotta compliment the voice again man, I could listen to you talk about literally anything. Deep, smooth, and peaceful yet enthusiastic - audible chocolate if ever I heard it. Now off to go buy coffee from you...
Also, good job disclosing just the right amount of info to maximize the educational value, without giving away enough to make somebody truly dangerous. You clearly put a good deal of thought into that.
That’s a fantastic video, I learned good stuff, many thanks. I have to say as a vim user , watching you work with nano and struggling with indentation and other navigation is not a joyful sight 😅
The fact that it's really a thing, and isn't all so complex(just quirky to test and debug) is terrifying So writing malware is easier than most of other programs!?
This isnt really writing a malware, its just using a github repository related to ransomware where u can test on your machine. Youll never be able to use this malware on any other machine that doesnt have python, or send this to any other systems. If you really want to build a malware you gotta learn c and understand how to write payloads related to ransomware that are undetected by ids
@@itx02 Well, thanks I knew that you need to master C and Asm just to make something really powerful I know Python is very much useless when you want to screw with the system
I think it would be better to use a public-private key encryption. That way the script only needs the public key and thus no decryption key is present at any time in the host machine.
The problem with interpreted runtime programming languages is that the code can only be executed in a runtime environment, which is why Python is not used in real world scenarios. yes you can wrap the python script with other needed files but in the end languages like C/C++ or even Java are more common in this area
@@AsaBowes that is what I meant. Pyinstaller simply packages files and then tells linux to treat the file as an executable using the EL format (in windows exe as packaged format). in linux everything is treated like a file and pyinstaller packs it and reformats it.
For anyone considering linode, just get an oracle instance, you get 4cores and 24gb for free… can make 4 1core 6gb ram servers or one big one… completely free and 0 chance to ever be charged without MANUALLY upgrading your account
You had to copy the key to a remote server instead of leaving it on the same server. Also, some code to run the python script remotely. :) Sorry that would be too much information lol.
Hey chuck! I know you’re a “beginner oriented” channel for the most part, but I was wondering if you could do a vim tutorial someday. I didn't think it was important to learn vim when I first started using Linux, but after exclusively using it for coding in my comp sci courses I finally understand the value in it and feel like it would be a great tool for other viewers of the channel to learn.
@@fistsfirst4584 although I do agree that it may not be useful to a windows user normally, couldn’t it still be useful when ssh’ing as a replacement for nano, especially when coding?
@halo X1 although you dare correct in saying that it’s a more complicated editor, it’s much faster to edit in compared to nano. It’s designed in such a way where you keep your fingers on the home row and are able to move from word to word, paragraph to paragraph, etc much faster than you would on something like nano. It also means that you could run commands to replace or insert text in different spaces without having to waste time manually moving to it with the arrow keys. Tl;Dr it’s saves a little bit of time with every action, leading to a lot of time saved in the long run.
to make your key harder to find you can save it in the root path of a linux machine, using the os.system you can enter super user and access the file in the /bin directory and save files there, however this is risky as you may overwrite an already existing file there and break something, so double check the key additionally to hide it further is after the execution of the python file you can write to itself to change its file path so when the user opens it after instead of seeing the file path you could change it to some other path or simply delete all the code afterwards
Super helpful video! I’m about to finish my Cuber Security degree and I’ve yet to actually see the code behind a malware before now! This is gonna be super helpful to my education! Thank you thank you thank you!
I know this is an old video but I absolutely love it! Yes it is simple code using open sourced code BUT it is still really cool and I LOVE how excited you are about it. You are the Vsauce of code!
I wrote malware in java yesterday Clicking on the jar to press ctrl + c and then pasting it into the windows sandbox to test feels like playing with fire
It's so funny! I failed and was to eager to try this out, so I encrypted the decrypt script, just as you said "we need to add one more file to the list of non inclusive files!" haha thanks for this, I learned some new things while having fun with this!
How to save your files from networkchuck's ransomware: Put all your files in a subdirectory Or just use the key conveniently stored right there at top level :P
@@michaelbowen4275 that works for this but there are lots of other languages you can write malware in easily lol. I think chuck might have even used some of those in a different video.
im in 9th grade and i code my discord bot and watch your videos for fun. while most of the other people are vaping drinking and stuff im just chilling in my room coding and doing nerd shit. but im happy
Very well explained, informative, and very entertaining at the same time learning. Viewers will never get bored while listening to your explanation. Over all 1000 stars!
Interesting, I have a couple of questions (yes, I know that this is just a basic, fun tutorial, but still, I'm curious). 1. Why does this only work on Linux? Can't you do the same on Windows as well? Just curious. 2. If you accidentally run the encryption script more than once, then won't a new key be created, overwriting the previous key and making the files impossible to decrypt? Shouldn't you check whether a key already exists before generating it and encrypting the files? Fun video, though!
Answering your questions with no prior testing 1. Yes, this would work. Just linux is "easier" to program in (antiviruses may mess with stuff too). 2. You're totally correct here... If you did run it again, a new key **would** be created, so yes, an if statement to check if an existing key exists would solve this fault.
@@1hoodpharm Yeah, but decrypting using the new key would not give the original contents but rather the contents encrypted by the first key. So, even though we have the new key, it becomes impossible to retrieve the original contents because now there are multiple layers of encryption.
@@walterrf just create 3 or more keys and during encryption check for those keys by if statement and run the same encryption loop with different keys for each key variable by again if statement checking for each key variable is same or not.
Everyone when the encryption works: *WOOO YES! IT WORKED! MUST BE REALLY EASY!!!* Network engineers trying to encrypt their packets, getting 50 trillion errors: *bruh*
This requires python to be installed and accessible by the user account running your script. The user could do what your malware is doing with gpg. True malware is bytecode and will attach itself to VRAM and is incredibly difficult if not impossible to remove as it injects itself into the boot sequence. This is what is called a python script lol and while python is a powerful language it’s still limited by file permissions and ownership. Why not just rm-rf -no-perserve-root and ask for the bitcoin anyways haha It’s a good way to get excited about programming but this is not anywhere near sophisticated enough to fool anyone.
Now i can make my dream program, Rabid Racoon tm. The program jumbles up files, renames the to random trash, messes up your desktop, and also deletes your cookies!
No, that would actually increase runtime. This is a tiny example so it wouldn't have a real effect. But if you think about it computationally, doing it that way means you would check if it is a file for every path, then you would check if it is one of the files in your exclusion list. You would be running both checks for every file. Doing it his way would reduce a computational step for every file in his exclusion list. Whenever the file name is one in the exclusion list you would skip that iteration immediately without checking if it is a file. So one less step. It's also better coding practice to avoid nested loops if possible.
@@alfarisw No, he's correct, assuming there is on average more directories than file names you're excluding. If you have n files and directories, with the method presented, you're checking n times for the file name and n-2 times for directories. If you do the directory check first, you're checking n times for directories and n-(number of directories) for the file name. That being said, you could just do the entirety of the first loop using list comprehension: [file for file in os.listdir() if os.path.isfile(file) and file not in ['voldemort.py', 'thekey.key']]
It pretty much can take your files as a hostage so he was testing in a virtual environment in case it didn't work because while programming you could forget an apostrophe and say goodbye to the decryption key or files or whatever you made wrong (just to warn you never harm anyone even if you think he deserves it "ethical hacking is for penetration testing or educational learning")
U look relaxed NC. Congrats on this new video. I am sure the number of followers continue to grow! I enjoy watching your video today. Must add I was missing Bernard. :) You guys rock!
Create your Python Malware lab: ntck.co/linode (you get a $100 Credit good for 60 days as a new user!)
We are going to write our very own malware in Python!! It’s actually scary easy to do and it will give you a peek behind the curtain of how bad actors create these malicious programs. NetworkChuck will walk you through every step of how to create a ransomware program in Python using the cryptography library in Python called Fernet. He’ll then show you how to download a malware playground, a malware showcase of malicious python scripts you can play with.
🧪🧪Links and Walkthrough: ntck.co/321
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
0:00 ⏩ Intro
0:45 ⏩ What do you need?
0:56 ⏩ Our sponsor is awesome
2:06 ⏩ STEP 1 - the setup
2:20 ⏩ What is Ransomware?
3:52 ⏩ STEP 2 - Creating our ransomware script
14:39 ⏩ STEP 3 - Writing the ransomware decryption script
21:37 ⏩ Downloading a malware playground
**Sponsored by Linode
Hey chuck
why didn't you use a list comprehension for listing all files in the directory.
At 10:10 could you theoretically append the key to a encrypted file then just cut the key from said file after the fact when you need the key and are ready to decode? (Or put the key in the middle of they encrypted file or something) if so I think that would be a interesting way to hide it ***this is for educational purposes only***
Hey Sir i have a problem.how can Offline and online ransomware infected file's recovered.pleace share with us offline and online solution...
i got a website you can try out
Fun fact: the method used to encrypt files for ransomware is the same method used by laptop OEM’s to encrypt your entire hard drive and and protect the data in case of theft.
Just the difference is that when they protect your data they give you the key but the malware makers don't xD
Moral of that - be careful what links y'all click on.
@@johnb6723 yes
Facts
So pretty much the same as windows bitlocker
Chuck: "Let's create a malicious software..."
Also Chuck: "But don't use it for malicious services!"
I thought the same
That's literally the definition of a pen tester
That's the only you learn.
@@ponyride23 In terms of writing ransomware, I m pretty sure that pen testers just use samples instead of writing their own for business purposes. I m not an expert and I might be wrong but it sounds way more reasonable than spending time developing something that has already been done. To top it off , certain groups / malware types have their own different quirks and using them instead of self made stuff just makes the test more realistic. Not the best way to describe this but I hope it's enough
@@ytg6663 Yes so c or c++ seems like a better option
"if you want to defend yourself, you need to know how they attack"
- someone
I did it in school using powershell 😆
@@saadmuhammad3119 haha nice, how did you do it, in the video he did it in his own linux but how can you send that to someone, كيف فعلت هده الاشياء
Every single time I watch these kind of videos:
My Brain: I should try this in school computers
Did you mean watch instead of was
@asminqps3003 Thanks for the correction Asmin
@@ArikCool my username is actually Billy not asminqps3003
Absolutely have nothing but positivity for Chuck I love the way he makes learning enjoyable
Chuck: "Ok, so please dont use it for malicious reasons."
Also Chuck: "So, this is how you set things up, this is what you need and here is the code."
Well, it's not really that dangerous of a script, it's mostly to teach how it works so people are more educated
With great power comes great responsibility ~lord Voldemort
I don't get it.
In IT-security it is crucial to understand how things like ransomware work, in order to protect your networks from it.
Please help me
Please I'm passing through some stress, I recover my lost USDT account, the problem now is that the wallet address bind to that withdrawal text box, I don't have access to it again and I lost all the contacts I used in registering the USDT account. And now, I have tried changing the wallet address in the withdrawal text box, it's not responding. Please what will I do help me out
Please
Theoretical a script that's add shutdown to autostart, is also in the category of malware. The 'hard' part of creating a malware is to find an exploit in a system to execute it with elevated permissions.
Nothing a little priv esc cant do!
That is not hard at all startup functions dont even require elevated privs
@@User-kq3od It depends on your OS / Distro. For example, in Windows you can't add stuff to global autostart as normal user, but you can add things to your shell:startup, or schedule a task at your logon.
@@buldozzer3456 Yeah, exactly, startup does not require elevated privileges. And if you wanted machine startup that badly just use a UAC exploit, they are all over the place in both linux and windows.
Read the drive from another system like an external drive to retrieve/edit files
I never comment on youtube, but I have to say this... This video has served as an introduction to linux, virtual machines, python, ransomware and hacking all in one to me, I already had a very brief knowledge of the above but following along here has expanded my knowledge 10 fold. Thanks chuck, we genuinely appreciate it.
And cloud!
and Docker
@@KDE666 its same vm
I'm a security analyst and aspiring security engineer. Thank you so much for helping the good guys understand this stuff.
Recently our head engineer showed me a python script that extracted and ran shell code ransomware that was saved as a png.
Y'all hiring lol?
I'm finishing up my Master's degree in cybersecurity studies. My professor actually assigned us to watch videos like this.
and then im sitting there watching this out of passion and considering taking an MD-102 course real quick to be an IT
@@garbagetrash2938 damn that's sneaky
Chuck, you are one of the best RUclips channels I have ever crossed, I always love to learn the things you teach. The way you describe the commands is super simple and that is why I really enjoy your videos. Thank You so much!!! For the great work you do.
you get a heart from me even if im not chuck :)
There's no way I'd miss a chuck episode
Your comment had 63 likes. It was not looking good bcz computers use 64 so I liked it.
Which one is the video about the shabang?
@@donhulio4314 bash scripting right now episode one.
@@HadronCollisionYT lol
@@HadronCollisionYT lol
I would respectfully disagree with the code instruction being ransomware. To me it looks like a nice programmers script to keep the admin from looking at their private files. Very well done. Very good tool.
this is a video to showcase how ransomware works, not how to do it perfectly
although definitely a nice tool to hide files with ngl.
tho yea its just bare bones ransomware not company worthy viruses
Agreed. Gee I never thought about using it that way.
@@Mizuki-Mikos-Music-Corner What makes a company worthy ransomware?
@@Hamza-gn2cg i meant ransomware that could take down companies. sorry for the confusion
"Please don't use it for malicious reasons"
Ferb, I know what we're gonna do today!
🤣🤣🤣🤣🤣
Chuck: Here, take this amazing chocolate!
Also Chuck: Don't ever eat it.
I love the style of your videos man! The speed, the facing to the different cameras, the dog.
can't wait to use this for educational purpose!!
lol😂
😁😁
I can make a logic bomb out of a .bat file with 3 characters. Malware isn't hard to make, the hard part is bypassing all the protections/anti virus software people use.
@@ashgd9768asd what are some methods to bypass anti virus? Im gonna make a Bc. degree on this theme.
@hillybillybob could you teach me how to do this?
Fork bomb
@Mark Rayers @echo off
:crash
start
goto crash
Nice video! Hope to see more content like that, maybe something about forensics. Keep it going man!
Chuck: let's create malware!
Also Chuck: downloads libraries
Next Chuck vidéo : *« Let’s destroy the boot sector ! (but don’t use it for malicious service 😉) »*
Already started my python classes and you always help me with this crazy ideas, thanks alot chuck.
Just a reality check that python is really only good in situations like this for scripting assistance and not creation of malware.
Better learn c
13:50 That looks like good code, the way you explain it it is very straightforward and easy to understand for me. I have experience in programming but not a lot in python. I could totally edit this and use it for a non malicious purpose to just encrypte files I want to keep secret.
you can just put a password for that lol, but wheres the fun in that, and a password can be bruteforced
@@MAD-kh2oy can you brute force a 128 bit AES..lol ?
@@ansh6848 yeah lol 😆
@@ansh6848 no, you cannot brute-force AES. It's literally a quantum-resistant encryption algorithm that has gone through intensive analysis to be selected for the USA encryption standard. Not something that can just be brute-forced.
@@hasnainalioriginal nope.
"Don't be evil" used to be one of their values in their code of conduct but i'm pretty sure they quietly got rid a few years ago. I think I read somewhere that they changed it to something like "Do the right thing" and then got rid of it all together
"Do the right thing" ... for shareholders.
@@445Matty yeah 🤣 “don’t be unprofitable”
New Gootto: "Don't be evil... leave this for us."
They even admitted that "don't be evil" was impossible with their business model, and that what the slogan meant was "be less evil". They stopped with that, too.
@@SynthApprenticethey didnt
I have experience with several languages but I've never used phyton and that's the first video I see about it. The fact that I could spot the mistake on putting the "wrong password" print in the for loop before he executed it is so cool, phyton looks really clean, easy and readable language than C or... MIPS. Good video, clear fast and kept my attention up the whole time.
Pythons Grammer is so nice it just looks good
It's just annoying that whitespace is significant.
@@LaziestTechinCyberSec *bython enters the chat*
I literally have 0 idea how to code and know nothing about phython but still watched the whole thing.
Since you are using shebang, make the script file executable and just call the file. The shebang will tell the shell which interpreter to use.
Also, should read in chunks and write to temp file in same with iteration in the same chunk. Not only saves memory to help stay under radar, but the encryption would be chunks of the file, making random decryption much more difficult. You could write a encrypted string as the first 8 bytes of the encrypted file and store the chunk size so each file can have a random chunk size making decryption much more difficult.
Not specific for random ware but good for any encryption need.
I almost never comment on RUclips videos but chuck, I love your videos. You are a BRILLIANT professional AND human being!! Keep up the good work. 💪🏼
7:00. Future video idea, show how to make recursive function calls (call the same function inside itself) to navigate through a directory tree.
There is a 99.9% that this tutorial inspired many people to create malware and use it for malicious purposes. I get its important for learning because people need to understand how malware works to fight against it, but surely this video did more harm that good.
A fancier way of doing that first file list without a for loop (kinda)
files = [file for file in os.listdir() if file != self._filename]
"file for file in os.listdir()" will step through all file names in the listdir list.
"if file != self._filename" will ignore any file named the same as the current file you're in.
This means you'll get a list of all files in the same directory as the file you're executing EXCEPT the file you're executing.
Just the video I needed, from the content creator I love!
Thanks chuck!
what do you mean by "The video i NEEDED"????
WHAT DO YOU NEED RANSOMWARE FOR?
@@aszher *malware. Malware competitions that are similar to demoscene.
Why would he make this video if there wasn’t any interest? :)
You are the best Chuck....Huge fan here from Samoa (WS) I've learn a lot of things from your channel
Fiafia stamaloa e hack haha, faifai malie uso. Much love
deploying my own malware on Linode servers sounds like a good idea. thank you!
👆👆👆👆he will help u just don’t stress yourself much ok
what if i deploy it in a virtual box?
@@tajammul.shaheenYou'll still be a virgin.
I've always told people that you wouldn't believe how easy it is. Sure, it can be more complicated, but im not out to make malware. Just educate my friends and family of what to watch out for. I love videos like these because they show the scary truth.
This is the first video I have came across your chanel and I can surely guarantee you, I'm going to start binge watching all your videos. You are great 👉😎👉
would be so sufficient since its storing the local key could be reverse engineered. Instead use xor with a y key by setting a variable to encryption_level = 128 // 8 and as an output make it where it doesn't only have keyboard chars but all chars possible in ascii then as for the random generated string have it send the key using socket library to the C2 server. otherwise love the vid man!
I'm fairly new to python and was kind of wondering about this lol like they have the script right there, they also have the key right there, so like if they know the basics they have all the puzzle pieces to put it back together, to me it would seem like ever leaving the key on their machine would make it relatively easy to reverse engineer it. I'm glad that I was not incorrect in my assumptions xD
@@xxfloppypillowxx its not what your thinking itd a xor byte key is what im describing all chars in the ascii libary THOUSANDS it gets send to the attackers C2 and is sent through an encrypted protocol you cant reverse engineer that and just find the key
@@xxfloppypillowxx yes, actual malware would likely obfuscate all their code, and have a more complicated way to store their key (on windows you can hide it in registry, + you don't have to have the whole key completely random, it can have a non-random part based on some obscure calculation; or you can make your malware connect to the internet and store keys on some compromised server)
obfuscation usually involves:
- obscuring variable names
- adding code that does useless work, or embedding malware code within code for a useful program (to obscure which parts are actually malware)
- 'encrypt' malware code itself, and make it so the malware first has to 'decrypt' the part that does actual malicious stuff (in python there's even a function exec() which you can give text, and it will interpret it as python code and execute). You can even have multiple steps of 'encryption', for better obscurity
- together with encryption, you can also split words that are used in your code into multiple parts, so automatic antivirus software can't easily figure out that you are using some kind of scary functions that can be considered malicious behavior
I'm just learning Python and this video was entertaining and useful and explained a lot of different ways of using functions and variables that my course isn't yet covering. Also a lot of stuff I haven't yet learned about but am able to follow along because of the explanations and the logical nature of Python. Subscribed, great stuff!
Its been a year since you posted this comment do you learned it fully 😅
Better learn c
Chuck, thanks for teaching me everything necessary to do fun projects like these. I will be using this as a final project for my programming class, so everyone wish me luck.
send via email. : )
did it work for your final project?
bro, I am tired of learnig all of these stuff associated with linux and programming but when I'm watching you, I can't stop doing this
Google actually remove the "Don't be evil" motto in 2018 after restructuring under Alphabet... new motto is now "Do the right thing". 🧐
Since the day I started to work with you, I know I've changed a lot which really helped me to become a better person inside and out. You are one of the reasons why I'm always trying my best. Thank you so much You know I appreciate you so much.
If you wanted to implement a script like this in a remotely realistic environment, it would involve either bundling the python interpreter along with the script, or adding code that grabs it from the internet.
this is the interesting part, he always skips these...
or just compile it?
You can easily turn it into an executable however it's easy to decompile
@@DungeonMasterGodpretty sure a nice person like him most definitely wouldn't be telling us how to *ACTUALLY* create a malware
If he did so then again you're pretty much teaching people how to hack
It's like telling people how to do magic on someone and later saying don't do it, but you're not teaching one person you're teaching millions of people
You could teach them a rather basic magic or a extremely dangerous magic, again magic in this case being a virus
Virus sucks
Chuck being consistent with the uploads, love to see that! Thank you for your work kind sir!
Dude love the malware tutorial! Im currently learning Full Stack but inbetween studies I like to look into this side of things and boy oh boy i love it and want to learn more so thanks for a great video and be looking out for more vids!
Still learning full stack ?
Thanks for this!
As a developer looking to make my way into DevOps, I find a lot of your content really helpful... This one was more just for fun but it was interesting to see just how easy it is to code malware!
I've said this before but I gotta compliment the voice again man, I could listen to you talk about literally anything. Deep, smooth, and peaceful yet enthusiastic - audible chocolate if ever I heard it.
Now off to go buy coffee from you...
Also, good job disclosing just the right amount of info to maximize the educational value, without giving away enough to make somebody truly dangerous.
You clearly put a good deal of thought into that.
Thanks man, you always make learning computer stuff fun and easy to learn.
Having my math exam tomorrow but still can't avoid this video 🥰
That’s a fantastic video, I learned good stuff, many thanks.
I have to say as a vim user , watching you work with nano and struggling with indentation and other navigation is not a joyful sight 😅
The fact that it's really a thing, and isn't all so complex(just quirky to test and debug) is terrifying
So writing malware is easier than most of other programs!?
This isnt really writing a malware, its just using a github repository related to ransomware where u can test on your machine. Youll never be able to use this malware on any other machine that doesnt have python, or send this to any other systems. If you really want to build a malware you gotta learn c and understand how to write payloads related to ransomware that are undetected by ids
@@itx02 Well, thanks
I knew that you need to master C and Asm just to make something really powerful
I know Python is very much useless when you want to screw with the system
Next he needs to teach us to create malware with code blocks
I think it would be better to use a public-private key encryption. That way the script only needs the public key and thus no decryption key is present at any time in the host machine.
What is that
The problem with interpreted runtime programming languages is that the code can only be executed in a runtime environment, which is why Python is not used in real world scenarios. yes you can wrap the python script with other needed files but in the end languages like C/C++ or even Java are more common in this area
I agree, also, looks like your username was encrypted lol
you could use cx-freeze or pyinstaller to create a standalone binary
Right, but the principle is the same and it’s for the ones not being so familiar with programming.
@@AsaBowes that is what I meant. Pyinstaller simply packages files and then tells linux to treat the file as an executable using the EL format (in windows exe as packaged format). in linux everything is treated like a file and pyinstaller packs it and reformats it.
@@leox23 no, my username is encoded, not encrypted
For checking for files: you could just do “not” a dir instead to make it more pythonic
omg so when i clicked this video and he said "are you ready to play with some malware?" MY COMPUTER CRASHED I fr thought it was your fault
For anyone considering linode, just get an oracle instance, you get 4cores and 24gb for free… can make 4 1core 6gb ram servers or one big one… completely free and 0 chance to ever be charged without MANUALLY upgrading your account
You had to copy the key to a remote server instead of leaving it on the same server. Also, some code to run the python script remotely. :) Sorry that would be too much information lol.
Hey chuck! I know you’re a “beginner oriented” channel for the most part, but I was wondering if you could do a vim tutorial someday. I didn't think it was important to learn vim when I first started using Linux, but after exclusively using it for coding in my comp sci courses I finally understand the value in it and feel like it would be a great tool for other viewers of the channel to learn.
Can't stand vim
I agree vim is really useful, but I think a lot of chuck's viewers use windows, which makes vim less useful.
@@fistsfirst4584 although I do agree that it may not be useful to a windows user normally, couldn’t it still be useful when ssh’ing as a replacement for nano, especially when coding?
@halo X1 although you dare correct in saying that it’s a more complicated editor, it’s much faster to edit in compared to nano. It’s designed in such a way where you keep your fingers on the home row and are able to move from word to word, paragraph to paragraph, etc much faster than you would on something like nano. It also means that you could run commands to replace or insert text in different spaces without having to waste time manually moving to it with the arrow keys. Tl;Dr it’s saves a little bit of time with every action, leading to a lot of time saved in the long run.
vim for code? You must hate yourself lol
to make your key harder to find you can save it in the root path of a linux machine, using the os.system you can enter super user and access the file in the /bin directory and save files there, however this is risky as you may overwrite an already existing file there and break something, so double check the key
additionally to hide it further is after the execution of the python file you can write to itself to change its file path so when the user opens it after instead of seeing the file path you could change it to some other path or simply delete all the code afterwards
Or delete the key and just send it to your private server.
Super helpful video! I’m about to finish my Cuber Security degree and I’ve yet to actually see the code behind a malware before now! This is gonna be super helpful to my education! Thank you thank you thank you!
I know this is an old video but I absolutely love it! Yes it is simple code using open sourced code BUT it is still really cool and I LOVE how excited you are about it. You are the Vsauce of code!
hahahaha so true. watching in '24 ftw
I wrote malware in java yesterday
Clicking on the jar to press ctrl + c and then pasting it into the windows sandbox to test feels like playing with fire
It's so funny! I failed and was to eager to try this out, so I encrypted the decrypt script, just as you said "we need to add one more file to the list of non inclusive files!" haha thanks for this, I learned some new things while having fun with this!
I can't wait to do some "education purpose" on my school's computer
you created malware and you're on youtube earning money for that ? good job to you my friend , you're one of a kind.
no matter what the subject is, I'm always attracted to the dark side of that subject, its no different with programming
Super dope content Chuck! Very informative too!
Thank you!
you have an excellent presentation skill man!
Thank you :)
*starts taking notes*
Chuck!!! I know you have a python series but do more!! You explain things so well thank you!
Your coffee breaks keep me on edge almost as much as learning the powers of python
Super video Chuck your videos are awesome And informative to me and to everyone
the video is 25mins long and has been out for only 10mins how would you know how the video is like?
@@whatthehelllmao membership 😇
How to save your files from networkchuck's ransomware:
Put all your files in a subdirectory
Or just use the key conveniently stored right there at top level :P
Chuck can't hurt us. We know his secret phrase, which will always be coffee.
Or just don't have python installed on your machine
@@michaelbowen4275 that works for this but there are lots of other languages you can write malware in easily lol. I think chuck might have even used some of those in a different video.
So nice that you always share your knowledge with us💯🔥
im in 9th grade and i code my discord bot and watch your videos for fun. while most of the other people are vaping drinking and stuff im just chilling in my room coding and doing nerd shit. but im happy
Very well explained, informative, and very entertaining at the same time learning. Viewers will never get bored while listening to your explanation. Over all 1000 stars!
Interesting, I have a couple of questions (yes, I know that this is just a basic, fun tutorial, but still, I'm curious).
1. Why does this only work on Linux? Can't you do the same on Windows as well? Just curious.
2. If you accidentally run the encryption script more than once, then won't a new key be created, overwriting the previous key and making the files impossible to decrypt? Shouldn't you check whether a key already exists before generating it and encrypting the files?
Fun video, though!
Answering your questions with no prior testing
1. Yes, this would work. Just linux is "easier" to program in (antiviruses may mess with stuff too).
2. You're totally correct here... If you did run it again, a new key **would** be created, so yes, an if statement to check if an existing key exists would solve this fault.
yes a new key is created but then that new key is also saved in his “thekey.key” file
@@1hoodpharm Yeah, but decrypting using the new key would not give the original contents but rather the contents encrypted by the first key. So, even though we have the new key, it becomes impossible to retrieve the original contents because now there are multiple layers of encryption.
@@walterrf just create 3 or more keys and during encryption check for those keys by if statement and run the same encryption loop with different keys for each key variable by again if statement checking for each key variable is same or not.
Congrats you've officially made us into potential criminals Good Job!!😂😂
I love this channel. You're just so excited to teach and you've got great engaging energy. Helps my ADHD brain function
Just finished this project and this was a great addition to my GitHub. Tysm man.
I wanna be a cybercrime investigator officer now that I saw your vids
ME: Hi mom! I've created my first ransomware today!
MOM: Congrats! you're now a cyber criminal. Now get out!
To the fbi watching my screen, this was in my recommendations.
Your channel is amazing, God bless you and your family chuck
Wow thanks! time to use this for malicious purposes!
How companies can avoid malware attacks
I missed you man.
I want to learn python one day.
After my papers 😁😁😁
Do you have a step by step series on python for beginners?
I do.
ruclips.net/video/mRMmlo_Uqcs/видео.html
An amazing video Chuck thanks for putting out such good content :)
Chuck, what software do you use to draw on the screen? Is it epic pen?
The solution to this problem is ThreatLocker. This blocks ALL programs from running except for those that you whitelisted.
I´ve had quite a few teachers so far. Noone had passion like you! Incredible!
Everyone when the encryption works: *WOOO YES! IT WORKED! MUST BE REALLY EASY!!!*
Network engineers trying to encrypt their packets, getting 50 trillion errors: *bruh*
Chuck: "Let's create a malicious software..."
Also Chuck: "But don't use it for malicious services!"
Chuck again: "That is fun" ???
This requires python to be installed and accessible by the user account running your script.
The user could do what your malware is doing with gpg.
True malware is bytecode and will attach itself to VRAM and is incredibly difficult if not impossible to remove as it injects itself into the boot sequence.
This is what is called a python script lol and while python is a powerful language it’s still limited by file permissions and ownership.
Why not just rm-rf -no-perserve-root and ask for the bitcoin anyways haha
It’s a good way to get excited about programming but this is not anywhere near sophisticated enough to fool anyone.
Lol I remember watching this ages ago now I've learned far more than just the basics of Malware Development.
Now i can make my dream program, Rabid Racoon tm. The program jumbles up files, renames the to random trash, messes up your desktop, and also deletes your cookies!
Sorry for noobie question. But doesn't it make more sense to check 'if it is a file' firstly and then check 'if it is voldemort.py'?
No, that would actually increase runtime. This is a tiny example so it wouldn't have a real effect. But if you think about it computationally, doing it that way means you would check if it is a file for every path, then you would check if it is one of the files in your exclusion list. You would be running both checks for every file. Doing it his way would reduce a computational step for every file in his exclusion list. Whenever the file name is one in the exclusion list you would skip that iteration immediately without checking if it is a file. So one less step.
It's also better coding practice to avoid nested loops if possible.
@@alfarisw No, he's correct, assuming there is on average more directories than file names you're excluding. If you have n files and directories, with the method presented, you're checking n times for the file name and n-2 times for directories. If you do the directory check first, you're checking n times for directories and n-(number of directories) for the file name.
That being said, you could just do the entirety of the first loop using list comprehension:
[file for file in os.listdir() if os.path.isfile(file) and file not in ['voldemort.py', 'thekey.key']]
Can I use this on a cruel teacher?
Yes
Yes
1000%
can this break your computer
It pretty much can take your files as a hostage so he was testing in a virtual environment in case it didn't work because while programming you could forget an apostrophe and say goodbye to the decryption key or files or whatever you made wrong (just to warn you never harm anyone even if you think he deserves it "ethical hacking is for penetration testing or educational learning")
Ok thanks
U look relaxed NC. Congrats on this new video. I am sure the number of followers continue to grow! I enjoy watching your video today. Must add I was missing Bernard. :) You guys rock!