Hey chuck

why didn't you use a list comprehension for listing all files in the directory.

At 10:10 could you theoretically append the key to a encrypted file then just cut the key from said file after the fact when you need the key and are ready to decode? (Or put the key in the middle of they encrypted file or something) if so I think that would be a interesting way to hide it ***this is for educational purposes only***

Hey Sir i have a problem.how can Offline and online ransomware infected file's recovered.pleace share with us offline and online solution...

i got a website you can try out

I thought the same

That's literally the definition of a pen tester

That's the only you learn.

@@ponyride23 In terms of writing ransomware, I m pretty sure that pen testers just use samples instead of writing their own for business purposes. I m not an expert and I might be wrong but it sounds way more reasonable than spending time developing something that has already been done. To top it off , certain groups / malware types have their own different quirks and using them instead of self made stuff just makes the test more realistic. Not the best way to describe this but I hope it's enough

@@ytg6663 Yes so c or c++ seems like a better option

Just the difference is that when they protect your data they give you the key but the malware makers don't xD

Moral of that - be careful what links y'all click on.

@@johnb6723 yes

Facts

So pretty much the same as windows bitlocker

Well, it's not really that dangerous of a script, it's mostly to teach how it works so people are more educated

With great power comes great responsibility ~lord Voldemort

I don't get it.

In IT-security it is crucial to understand how things like ransomware work, in order to protect your networks from it.

Please help me Please I'm passing through some stress, I recover my lost USDT account, the problem now is that the wallet address bind to that withdrawal text box, I don't have access to it again and I lost all the contacts I used in registering the USDT account. And now, I have tried changing the wallet address in the withdrawal text box, it's not responding. Please what will I do help me out Please

Did you mean watch instead of was

@asminqps3003 Thanks for the correction Asmin

@@ArikCool my username is actually Billy not asminqps3003

Broo! My thoughts exactly...

I did it in school using powershell 😆

@@saadmuhammad3119 haha nice, how did you do it, in the video he did it in his own linux but how can you send that to someone, كيف فعلت هده الاشياء

Nothing a little priv esc cant do!

That is not hard at all startup functions dont even require elevated privs

@@User-kq3od It depends on your OS / Distro. For example, in Windows you can't add stuff to global autostart as normal user, but you can add things to your shell:startup, or schedule a task at your logon.

@@buldozzer3456 Yeah, exactly, startup does not require elevated privileges. And if you wanted machine startup that badly just use a UAC exploit, they are all over the place in both linux and windows.

Read the drive from another system like an external drive to retrieve/edit files

And cloud!

and Docker

@@KDE666 its same vm

Recently our head engineer showed me a python script that extracted and ran shell code ransomware that was saved as a png.

Y'all hiring lol? I'm finishing up my Master's degree in cybersecurity studies. My professor actually assigned us to watch videos like this.

and then im sitting there watching this out of passion and considering taking an MD-102 course real quick to be an IT

@@garbagetrash2938 damn that's sneaky

this is a video to showcase how ransomware works, not how to do it perfectly

although definitely a nice tool to hide files with ngl. tho yea its just bare bones ransomware not company worthy viruses

Agreed. Gee I never thought about using it that way.

@@Mizuki-Mikos-Music-Corner What makes a company worthy ransomware?

@@Hamza-gn2cg i meant ransomware that could take down companies. sorry for the confusion

Your comment had 63 likes. It was not looking good bcz computers use 64 so I liked it.

Which one is the video about the shabang?

@@donhulio4314 bash scripting right now episode one.

@@HadronCollisionYT lol

@@HadronCollisionYT lol

you get a heart from me even if im not chuck :)

🤣🤣🤣🤣🤣

THIS WAS IN MY RECOMMENDATIONS 😭😭😭

lol😂

😁😁

Pythons Grammer is so nice it just looks good

It's just annoying that whitespace is significant.

@@LaziestTechinCyberSec *bython enters the chat*

Also, good job disclosing just the right amount of info to maximize the educational value, without giving away enough to make somebody truly dangerous. You clearly put a good deal of thought into that.

you can just put a password for that lol, but wheres the fun in that, and a password can be bruteforced

@@MAD-kh2oy can you brute force a 128 bit AES..lol ?

​@@ansh6848 yeah lol 😆

@@ansh6848 no, you cannot brute-force AES. It's literally a quantum-resistant encryption algorithm that has gone through intensive analysis to be selected for the USA encryption standard. Not something that can just be brute-forced.

@@hasnainalioriginal nope.

@@ashgd9768asd what are some methods to bypass anti virus? Im gonna make a Bc. degree on this theme.

@hillybillybob could you teach me how to do this?

Fork bomb

@Mark Rayers @echo off :crash start goto crash

Just a reality check that python is really only good in situations like this for scripting assistance and not creation of malware.

Better learn c

@@blvckl0tcs750 you can use nuitka it compiles your python code into a portable C .exe making a 20mb hello world program into a 420kb

Its been a year since you posted this comment do you learned it fully 😅

Better learn c

what do you mean by "The video i NEEDED"???? WHAT DO YOU NEED RANSOMWARE FOR?

@@aszher *malware. Malware competitions that are similar to demoscene. Why would he make this video if there wasn’t any interest? :)

Still learning full stack ?

I'm fairly new to python and was kind of wondering about this lol like they have the script right there, they also have the key right there, so like if they know the basics they have all the puzzle pieces to put it back together, to me it would seem like ever leaving the key on their machine would make it relatively easy to reverse engineer it. I'm glad that I was not incorrect in my assumptions xD

@@xxfloppypillowxx its not what your thinking itd a xor byte key is what im describing all chars in the ascii libary THOUSANDS it gets send to the attackers C2 and is sent through an encrypted protocol you cant reverse engineer that and just find the key

@@xxfloppypillowxx yes, actual malware would likely obfuscate all their code, and have a more complicated way to store their key (on windows you can hide it in registry, + you don't have to have the whole key completely random, it can have a non-random part based on some obscure calculation; or you can make your malware connect to the internet and store keys on some compromised server) obfuscation usually involves: - obscuring variable names - adding code that does useless work, or embedding malware code within code for a useful program (to obscure which parts are actually malware) - 'encrypt' malware code itself, and make it so the malware first has to 'decrypt' the part that does actual malicious stuff (in python there's even a function exec() which you can give text, and it will interpret it as python code and execute). You can even have multiple steps of 'encryption', for better obscurity - together with encryption, you can also split words that are used in your code into multiple parts, so automatic antivirus software can't easily figure out that you are using some kind of scary functions that can be considered malicious behavior

Fiafia stamaloa e hack haha, faifai malie uso. Much love

hahahaha so true. watching in '24 ftw

👆👆👆👆he will help u just don’t stress yourself much ok

what if i deploy it in a virtual box?

​@@tajammul.shaheenYou'll still be a virgin.

"Do the right thing" ... for shareholders.

@@445Matty yeah 🤣 “don’t be unprofitable”

New Gootto: "Don't be evil... leave this for us."

They even admitted that "don't be evil" was impossible with their business model, and that what the slogan meant was "be less evil". They stopped with that, too.

@@SynthApprenticethey didnt

send via email. : )

did it work for your final project?

Can't stand vim

I agree vim is really useful, but I think a lot of chuck's viewers use windows, which makes vim less useful.

@@fistsfirst4584 although I do agree that it may not be useful to a windows user normally, couldn’t it still be useful when ssh’ing as a replacement for nano, especially when coding?

@halo X1 although you dare correct in saying that it’s a more complicated editor, it’s much faster to edit in compared to nano. It’s designed in such a way where you keep your fingers on the home row and are able to move from word to word, paragraph to paragraph, etc much faster than you would on something like nano. It also means that you could run commands to replace or insert text in different spaces without having to waste time manually moving to it with the arrow keys. Tl;Dr it’s saves a little bit of time with every action, leading to a lot of time saved in the long run.

vim for code? You must hate yourself lol

Thank you!

What is that

Thank you :)

Or delete the key and just send it to your private server.

Answering your questions with no prior testing 1. Yes, this would work. Just linux is "easier" to program in (antiviruses may mess with stuff too). 2. You're totally correct here... If you did run it again, a new key **would** be created, so yes, an if statement to check if an existing key exists would solve this fault.

yes a new key is created but then that new key is also saved in his “thekey.key” file

@@1hoodpharm Yeah, but decrypting using the new key would not give the original contents but rather the contents encrypted by the first key. So, even though we have the new key, it becomes impossible to retrieve the original contents because now there are multiple layers of encryption.

@@walterrf just create 3 or more keys and during encryption check for those keys by if statement and run the same encryption loop with different keys for each key variable by again if statement checking for each key variable is same or not.

the video is 25mins long and has been out for only 10mins how would you know how the video is like?

@@whatthehelllmao membership 😇

I agree, also, looks like your username was encrypted lol

you could use cx-freeze or pyinstaller to create a standalone binary

Right, but the principle is the same and it’s for the ones not being so familiar with programming.

@@AsaBowes that is what I meant. Pyinstaller simply packages files and then tells linux to treat the file as an executable using the EL format (in windows exe as packaged format). in linux everything is treated like a file and pyinstaller packs it and reformats it.

@@leox23 no, my username is encoded, not encrypted

This isnt really writing a malware, its just using a github repository related to ransomware where u can test on your machine. Youll never be able to use this malware on any other machine that doesnt have python, or send this to any other systems. If you really want to build a malware you gotta learn c and understand how to write payloads related to ransomware that are undetected by ids

@@itx02 Well, thanks I knew that you need to master C and Asm just to make something really powerful I know Python is very much useless when you want to screw with the system

this is the interesting part, he always skips these...

or just compile it?

You can easily turn it into an executable however it's easy to decompile

​@@DungeonMasterGodpretty sure a nice person like him most definitely wouldn't be telling us how to *ACTUALLY* create a malware If he did so then again you're pretty much teaching people how to hack It's like telling people how to do magic on someone and later saying don't do it, but you're not teaching one person you're teaching millions of people You could teach them a rather basic magic or a extremely dangerous magic, again magic in this case being a virus Virus sucks

Chuck can't hurt us. We know his secret phrase, which will always be coffee.

Or just don't have python installed on your machine

@@michaelbowen4275 that works for this but there are lots of other languages you can write malware in easily lol. I think chuck might have even used some of those in a different video.

I do.

kzbin.info/www/bejne/o4Ownp-llLqkmdU

No, that would actually increase runtime. This is a tiny example so it wouldn't have a real effect. But if you think about it computationally, doing it that way means you would check if it is a file for every path, then you would check if it is one of the files in your exclusion list. You would be running both checks for every file. Doing it his way would reduce a computational step for every file in his exclusion list. Whenever the file name is one in the exclusion list you would skip that iteration immediately without checking if it is a file. So one less step. It's also better coding practice to avoid nested loops if possible.

​@@alfarisw No, he's correct, assuming there is on average more directories than file names you're excluding. If you have n files and directories, with the method presented, you're checking n times for the file name and n-2 times for directories. If you do the directory check first, you're checking n times for directories and n-(number of directories) for the file name. That being said, you could just do the entirety of the first loop using list comprehension: [file for file in os.listdir() if os.path.isfile(file) and file not in ['voldemort.py', 'thekey.key']]

Yes

Yes

1000%