i created malware with Python (it's SCARY easy!!)
Вставка
- Опубліковано 17 тра 2024
- Create your Python Malware lab: ntck.co/linode (you get a $100 Credit good for 60 days as a new user!)
We are going to write our very own malware in Python!! It’s actually scary easy to do and it will give you a peek behind the curtain of how bad actors create these malicious programs. NetworkChuck will walk you through every step of how to create a ransomware program in Python using the cryptography library in Python called Fernet. He’ll then show you how to download a malware playground, a malware showcase of malicious python scripts you can play with.
🧪🧪Links and Walkthrough: ntck.co/321
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by Linode
SUPPORT NETWORKCHUCK
---------------------------------------------------
➡️NetworkChuck membership: ntck.co/Premium
☕☕ COFFEE and MERCH: ntck.co/coffee
Check out my new channel: ntck.co/ncclips
🆘🆘NEED HELP?? Join the Discord Server: / discord
STUDY WITH ME on Twitch: bit.ly/nc_twitch
READY TO LEARN??
---------------------------------------------------
-Learn Python: bit.ly/3rzZjzz
-Get your CCNA: bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
---------------------------------------------------
Instagram: / networkchuck
Twitter: / networkchuck
Facebook: / networkchuck
Join the Discord server: bit.ly/nc-discord
0:00 ⏩ Intro
0:45 ⏩ What do you need?
0:56 ⏩ Our sponsor is awesome
2:06 ⏩ STEP 1 - the setup
2:20 ⏩ What is Ransomware?
3:52 ⏩ STEP 2 - Creating our ransomware script
14:39 ⏩ STEP 3 - Writing the ransomware decryption script
21:37 ⏩ Downloading a malware playground
AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)
My network gear: geni.us/L6wyIUj
Amazon Affiliate Store: www.amazon.com/shop/networkchuck
Buy a Raspberry Pi: geni.us/aBeqAL
#python #malware #ransomware - Наука та технологія
Create your Python Malware lab: ntck.co/linode (you get a $100 Credit good for 60 days as a new user!)
We are going to write our very own malware in Python!! It’s actually scary easy to do and it will give you a peek behind the curtain of how bad actors create these malicious programs. NetworkChuck will walk you through every step of how to create a ransomware program in Python using the cryptography library in Python called Fernet. He’ll then show you how to download a malware playground, a malware showcase of malicious python scripts you can play with.
🧪🧪Links and Walkthrough: ntck.co/321
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
0:00 ⏩ Intro
0:45 ⏩ What do you need?
0:56 ⏩ Our sponsor is awesome
2:06 ⏩ STEP 1 - the setup
2:20 ⏩ What is Ransomware?
3:52 ⏩ STEP 2 - Creating our ransomware script
14:39 ⏩ STEP 3 - Writing the ransomware decryption script
21:37 ⏩ Downloading a malware playground
**Sponsored by Linode
Hey chuck
why didn't you use a list comprehension for listing all files in the directory.
At 10:10 could you theoretically append the key to a encrypted file then just cut the key from said file after the fact when you need the key and are ready to decode? (Or put the key in the middle of they encrypted file or something) if so I think that would be a interesting way to hide it ***this is for educational purposes only***
Hey Sir i have a problem.how can Offline and online ransomware infected file's recovered.pleace share with us offline and online solution...
i got a website you can try out
Chuck: "Let's create a malicious software..."
Also Chuck: "But don't use it for malicious services!"
I thought the same
That's literally the definition of a pen tester
That's the only you learn.
@@ponyride23 In terms of writing ransomware, I m pretty sure that pen testers just use samples instead of writing their own for business purposes. I m not an expert and I might be wrong but it sounds way more reasonable than spending time developing something that has already been done. To top it off , certain groups / malware types have their own different quirks and using them instead of self made stuff just makes the test more realistic. Not the best way to describe this but I hope it's enough
@@ytg6663 Yes so c or c++ seems like a better option
Fun fact: the method used to encrypt files for ransomware is the same method used by laptop OEM’s to encrypt your entire hard drive and and protect the data in case of theft.
Just the difference is that when they protect your data they give you the key but the malware makers don't xD
Moral of that - be careful what links y'all click on.
@@johnb6723 yes
Facts
So pretty much the same as windows bitlocker
"if you want to defend yourself, you need to know how they attack"
- someone
dear fbi, im not a criminal i just wanna troll my friends 😭😭😭😭😭
Mee too 😂
Eggzactly
What are you trying to get from them?
i too simply wish to troll my friends. please fbi agent watching me dont put me on a list or whatever
Chuck: "Ok, so please dont use it for malicious reasons."
Also Chuck: "So, this is how you set things up, this is what you need and here is the code."
Well, it's not really that dangerous of a script, it's mostly to teach how it works so people are more educated
With great power comes great responsibility ~lord Voldemort
I don't get it.
In IT-security it is crucial to understand how things like ransomware work, in order to protect your networks from it.
Please help me
Please I'm passing through some stress, I recover my lost USDT account, the problem now is that the wallet address bind to that withdrawal text box, I don't have access to it again and I lost all the contacts I used in registering the USDT account. And now, I have tried changing the wallet address in the withdrawal text box, it's not responding. Please what will I do help me out
Please
I would respectfully disagree with the code instruction being ransomware. To me it looks like a nice programmers script to keep the admin from looking at their private files. Very well done. Very good tool.
this is a video to showcase how ransomware works, not how to do it perfectly
although definitely a nice tool to hide files with ngl.
tho yea its just bare bones ransomware not company worthy viruses
Agreed. Gee I never thought about using it that way.
@@Mizuki-Mikos-Music-Corner What makes a company worthy ransomware?
@@Hamza-gn2cg i meant ransomware that could take down companies. sorry for the confusion
Absolutely have nothing but positivity for Chuck I love the way he makes learning enjoyable
I love the style of your videos man! The speed, the facing to the different cameras, the dog.
"Please don't use it for malicious reasons"
Ferb, I know what we're gonna do today!
Theoretical a script that's add shutdown to autostart, is also in the category of malware. The 'hard' part of creating a malware is to find an exploit in a system to execute it with elevated permissions.
Nothing a little priv esc cant do!
That is not hard at all startup functions dont even require elevated privs
@@User-kq3od It depends on your OS / Distro. For example, in Windows you can't add stuff to global autostart as normal user, but you can add things to your shell:startup, or schedule a task at your logon.
@@buldozzer3456 Yeah, exactly, startup does not require elevated privileges. And if you wanted machine startup that badly just use a UAC exploit, they are all over the place in both linux and windows.
Read the drive from another system like an external drive to retrieve/edit files
I'm a security analyst and aspiring security engineer. Thank you so much for helping the good guys understand this stuff.
Recently our head engineer showed me a python script that extracted and ran shell code ransomware that was saved as a png.
Y'all hiring lol?
I'm finishing up my Master's degree in cybersecurity studies. My professor actually assigned us to watch videos like this.
and then im sitting there watching this out of passion and considering taking an MD-102 course real quick to be an IT
Chuck: let's create malware!
Also Chuck: downloads libraries
There's no way I'd miss a chuck episode
Your comment had 63 likes. It was not looking good bcz computers use 64 so I liked it.
Which one is the video about the shabang?
@@donhulio4314 bash scripting right now episode one.
@@HadronCollisionYT lol
@@HadronCollisionYT lol
I never comment on youtube, but I have to say this... This video has served as an introduction to linux, virtual machines, python, ransomware and hacking all in one to me, I already had a very brief knowledge of the above but following along here has expanded my knowledge 10 fold. Thanks chuck, we genuinely appreciate it.
And cloud!
and Docker
@@KDE666 its same vm
Chuck, you are one of the best UA-cam channels I have ever crossed, I always love to learn the things you teach. The way you describe the commands is super simple and that is why I really enjoy your videos. Thank You so much!!! For the great work you do.
you get a heart from me even if im not chuck :)
I'm just learning Python and this video was entertaining and useful and explained a lot of different ways of using functions and variables that my course isn't yet covering. Also a lot of stuff I haven't yet learned about but am able to follow along because of the explanations and the logical nature of Python. Subscribed, great stuff!
Its been a year since you posted this comment do you learned it fully 😅
ME: Hi mom! I've created my first ransomware today!
MOM: Congrats! you're now a cyber criminal. Now get out!
I almost never comment on UA-cam videos but chuck, I love your videos. You are a BRILLIANT professional AND human being!! Keep up the good work. 💪🏼
I can make a logic bomb out of a .bat file with 3 characters. Malware isn't hard to make, the hard part is bypassing all the protections/anti virus software people use.
@@ashgd9768asd what are some methods to bypass anti virus? Im gonna make a Bc. degree on this theme.
@@pavelcuba9260 Some of the ways include polymorphic/metamorphic malware to bypass your signature detection like IPS or IDS. If you want to bypass things like firewalls just fragment your packets.
@hillybillybob could you teach me how to do this?
Fork bomb
@Mark Rayers @echo off
:crash
start
goto crash
I've always told people that you wouldn't believe how easy it is. Sure, it can be more complicated, but im not out to make malware. Just educate my friends and family of what to watch out for. I love videos like these because they show the scary truth.
can't wait to use this for educational purpose!!
lol😂
😁😁
I really do love the fact that you think out loud. It helps me a lot to understand the process!
Dude love the malware tutorial! Im currently learning Full Stack but inbetween studies I like to look into this side of things and boy oh boy i love it and want to learn more so thanks for a great video and be looking out for more vids!
Still learning full stack ?
I’ve no idea why UA-cam recommend this video, watched for 5 mins and I subbed. The way he explain the theory behind all these are more interesting than any other python courses I took
Already started my python classes and you always help me with this crazy ideas, thanks alot chuck.
Just a reality check that python is really only good in situations like this for scripting assistance and not creation of malware.
Since you are using shebang, make the script file executable and just call the file. The shebang will tell the shell which interpreter to use.
Also, should read in chunks and write to temp file in same with iteration in the same chunk. Not only saves memory to help stay under radar, but the encryption would be chunks of the file, making random decryption much more difficult. You could write a encrypted string as the first 8 bytes of the encrypted file and store the chunk size so each file can have a random chunk size making decryption much more difficult.
Not specific for random ware but good for any encryption need.
I have experience with several languages but I've never used phyton and that's the first video I see about it. The fact that I could spot the mistake on putting the "wrong password" print in the for loop before he executed it is so cool, phyton looks really clean, easy and readable language than C or... MIPS. Good video, clear fast and kept my attention up the whole time.
Pythons Grammer is so nice it just looks good
It's just annoying that whitespace is significant.
@@LatestTechinCyberSec *bython enters the chat*
This is the first video I have came across your chanel and I can surely guarantee you, I'm going to start binge watching all your videos. You are great 👉😎👉
Chuck being consistent with the uploads, love to see that! Thank you for your work kind sir!
13:50 That looks like good code, the way you explain it it is very straightforward and easy to understand for me. I have experience in programming but not a lot in python. I could totally edit this and use it for a non malicious purpose to just encrypte files I want to keep secret.
you can just put a password for that lol, but wheres the fun in that, and a password can be bruteforced
@@MAD-kh2oy can you brute force a 128 bit AES..lol ?
@@ansh6848 yeah lol 😆
@@ansh6848 no, you cannot brute-force AES. It's literally a quantum-resistant encryption algorithm that has gone through intensive analysis to be selected for the USA encryption standard. Not something that can just be brute-forced.
@@hasnainalioriginal nope.
I really love the obvious effort and love you put into making this video, it's really nice to see 😄
Very informative; thanks for sharing. Glad I came across your channel because I learned so much about malware. It’s creepy how simple it is for hackers to create.
Since the day I started to work with you, I know I've changed a lot which really helped me to become a better person inside and out. You are one of the reasons why I'm always trying my best. Thank you so much You know I appreciate you so much.
Thanks man, you always make learning computer stuff fun and easy to learn.
Super helpful video! I’m about to finish my Cuber Security degree and I’ve yet to actually see the code behind a malware before now! This is gonna be super helpful to my education! Thank you thank you thank you!
Thanks for this!
As a developer looking to make my way into DevOps, I find a lot of your content really helpful... This one was more just for fun but it was interesting to see just how easy it is to code malware!
I've said this before but I gotta compliment the voice again man, I could listen to you talk about literally anything. Deep, smooth, and peaceful yet enthusiastic - audible chocolate if ever I heard it.
Now off to go buy coffee from you...
Also, good job disclosing just the right amount of info to maximize the educational value, without giving away enough to make somebody truly dangerous.
You clearly put a good deal of thought into that.
Nice video! Hope to see more content like that, maybe something about forensics. Keep it going man!
he is able to give us the method to destroy a state and give us his masterclass "it's for education purposes only" CHUCK THE GENIUS
I´ve had quite a few teachers so far. Noone had passion like you! Incredible!
This was so much fun to follow along with 😂I love it
It's so funny! I failed and was to eager to try this out, so I encrypted the decrypt script, just as you said "we need to add one more file to the list of non inclusive files!" haha thanks for this, I learned some new things while having fun with this!
That’s a fantastic video, I learned good stuff, many thanks.
I have to say as a vim user , watching you work with nano and struggling with indentation and other navigation is not a joyful sight 😅
Chuck: Here, take this amazing chocolate!
Also Chuck: Don't ever eat it.
U look relaxed NC. Congrats on this new video. I am sure the number of followers continue to grow! I enjoy watching your video today. Must add I was missing Bernard. :) You guys rock!
would be so sufficient since its storing the local key could be reverse engineered. Instead use xor with a y key by setting a variable to encryption_level = 128 // 8 and as an output make it where it doesn't only have keyboard chars but all chars possible in ascii then as for the random generated string have it send the key using socket library to the C2 server. otherwise love the vid man!
I'm fairly new to python and was kind of wondering about this lol like they have the script right there, they also have the key right there, so like if they know the basics they have all the puzzle pieces to put it back together, to me it would seem like ever leaving the key on their machine would make it relatively easy to reverse engineer it. I'm glad that I was not incorrect in my assumptions xD
@@xxfloppypillowxx its not what your thinking itd a xor byte key is what im describing all chars in the ascii libary THOUSANDS it gets send to the attackers C2 and is sent through an encrypted protocol you cant reverse engineer that and just find the key
@@xxfloppypillowxx yes, actual malware would likely obfuscate all their code, and have a more complicated way to store their key (on windows you can hide it in registry, + you don't have to have the whole key completely random, it can have a non-random part based on some obscure calculation; or you can make your malware connect to the internet and store keys on some compromised server)
obfuscation usually involves:
- obscuring variable names
- adding code that does useless work, or embedding malware code within code for a useful program (to obscure which parts are actually malware)
- 'encrypt' malware code itself, and make it so the malware first has to 'decrypt' the part that does actual malicious stuff (in python there's even a function exec() which you can give text, and it will interpret it as python code and execute). You can even have multiple steps of 'encryption', for better obscurity
- together with encryption, you can also split words that are used in your code into multiple parts, so automatic antivirus software can't easily figure out that you are using some kind of scary functions that can be considered malicious behavior
So nice that you always share your knowledge with us💯🔥
Love your channel man, thanks for the hard work
I know this is an old video but I absolutely love it! Yes it is simple code using open sourced code BUT it is still really cool and I LOVE how excited you are about it. You are the Vsauce of code!
hahahaha so true. watching in '24 ftw
"Don't be evil" used to be one of their values in their code of conduct but i'm pretty sure they quietly got rid a few years ago. I think I read somewhere that they changed it to something like "Do the right thing" and then got rid of it all together
"Do the right thing" ... for shareholders.
@@445Matty yeah 🤣 “don’t be unprofitable”
New Gootto: "Don't be evil... leave this for us."
They even admitted that "don't be evil" was impossible with their business model, and that what the slogan meant was "be less evil". They stopped with that, too.
@@SynthApprenticethey didnt
deploying my own malware on Linode servers sounds like a good idea. thank you!
👆👆👆👆he will help u just don’t stress yourself much ok
what if i deploy it in a virtual box?
@@tajammul.shaheenYou'll still be a virgin.
The fact that it's really a thing, and isn't all so complex(just quirky to test and debug) is terrifying
So writing malware is easier than most of other programs!?
Very engaging content and awesomely explained. Well done dude!
An amazing video Chuck thanks for putting out such good content :)
Just the video I needed, from the content creator I love!
Thanks chuck!
what do you mean by "The video i NEEDED"????
WHAT DO YOU NEED RANSOMWARE FOR?
@@aszher *malware. Malware competitions that are similar to demoscene.
Why would he make this video if there wasn’t any interest? :)
Congrats on 3,000,000! You've been helping me dive into hacking as a hobby and I've been loving it. Cheers man
I literally have 0 idea how to code and know nothing about phython but still watched the whole thing.
Chuck, thanks for teaching me everything necessary to do fun projects like these. I will be using this as a final project for my programming class, so everyone wish me luck.
send via email. : )
did it work for your final project?
Having my math exam tomorrow but still can't avoid this video 🥰
bro, I am tired of learnig all of these stuff associated with linux and programming but when I'm watching you, I can't stop doing this
That was awesome, I felt like I was riding on a scary fast rollercoaster.. wow man!
Thx C
7:00. Future video idea, show how to make recursive function calls (call the same function inside itself) to navigate through a directory tree.
Would love to see how you do all your business in the cloud. Not in a specific way or anything, just a general overview of the layout.
I've just started learning and fun-coding with Python. Getting more excited everyday. Education watchin Your Python videos makes me more excited and addicted to continue that journey everyday!
Thanks!
Just finished this project and this was a great addition to my GitHub. Tysm man.
Love this video!!! Keep making more videos on cryptography and ethical hacking, this was very interesting!! Thanks
You are the best Chuck....Huge fan here from Samoa (WS) I've learn a lot of things from your channel
Fiafia stamaloa e hack haha, faifai malie uso. Much love
Every single time I was these kind of videos:
My Brain: I should try this in school computers
I love your videos. it makes fun and easy to understand. Thank you so much NetworkChuck.
For checking for files: you could just do “not” a dir instead to make it more pythonic
I have some ideas for you to make:
1. How to actually profit on Sweatcoin. This is a mobile app that gives you crypto for walking.
2. Java for noobs. I have seen TheNewBoston make a very good series on this, but uhh, is a bit old. Using that format with your own twist(coffee needed). I would also likely want to watch you more cus you are more weird and I like that.
3. How to host a good website. I'm talking multiple well placed servers to make connection quick for global users, a good talk about what to keep client side and server side(ahem if you want a max character limit then set that server side not client side. My school passwords still have this issue haha)
Thank you! I would love to see many of these things on your awesome channel.
sweatcoin is a scam and it is not crypto. you will never make money from it
@@jsephweaver meep
Very well explained, informative, and very entertaining at the same time learning. Viewers will never get bored while listening to your explanation. Over all 1000 stars!
Love your videos , What's screen annotation app do you use ?
Hey chuck! I know you’re a “beginner oriented” channel for the most part, but I was wondering if you could do a vim tutorial someday. I didn't think it was important to learn vim when I first started using Linux, but after exclusively using it for coding in my comp sci courses I finally understand the value in it and feel like it would be a great tool for other viewers of the channel to learn.
Can't stand vim
I agree vim is really useful, but I think a lot of chuck's viewers use windows, which makes vim less useful.
@@fistsfirst4584 although I do agree that it may not be useful to a windows user normally, couldn’t it still be useful when ssh’ing as a replacement for nano, especially when coding?
@halo X1 although you dare correct in saying that it’s a more complicated editor, it’s much faster to edit in compared to nano. It’s designed in such a way where you keep your fingers on the home row and are able to move from word to word, paragraph to paragraph, etc much faster than you would on something like nano. It also means that you could run commands to replace or insert text in different spaces without having to waste time manually moving to it with the arrow keys. Tl;Dr it’s saves a little bit of time with every action, leading to a lot of time saved in the long run.
vim for code? You must hate yourself lol
Chuck, what software do you use to draw on the screen? Is it epic pen?
Thanks a lot Chuck for sharing such an amazing content. Well done!!
After about half a year on my "Watch Later" I finally watched this video.
Interesting, straight forward! Also I could think of a Usecase as an automated and encrypted Backup or something like this.
You had to copy the key to a remote server instead of leaving it on the same server. Also, some code to run the python script remotely. :) Sorry that would be too much information lol.
to make your key harder to find you can save it in the root path of a linux machine, using the os.system you can enter super user and access the file in the /bin directory and save files there, however this is risky as you may overwrite an already existing file there and break something, so double check the key
additionally to hide it further is after the execution of the python file you can write to itself to change its file path so when the user opens it after instead of seeing the file path you could change it to some other path or simply delete all the code afterwards
Or delete the key and just send it to your private server.
the coolest guy on UA-cam, thanks man I am new to py but your explanations where amazing. I have a much greater understanding of py because of this video. I will certainly check out more of your videos containing py
Great informational video on malware !!!
Is it possible to do the encryption you did on all the files on the disk?
After running, it only encrypted the files that we created(File1.File2...)..
I can't wait to do some "education purpose" on my school's computer
*starts taking notes*
thank you for this! putting these on a resume has been helping me get attention from jobs
love your vids man. can you make more videos on hacking tools with python or other languages.i know github exist but i love the energy you pu into these vids man
I love this channel. You're just so excited to teach and you've got great engaging energy. Helps my ADHD brain function
This video is really helpful. I really learnt a lot. Thank you!! 😃
There is a 99.9% that this tutorial inspired many people to create malware and use it for malicious purposes. I get its important for learning because people need to understand how malware works to fight against it, but surely this video did more harm that good.
Congrats you've officially made us into potential criminals Good Job!!😂😂
Hi Chuck.
I am looking to get into becoming a cloud security engineer but I have a degree in business administration and no IT background. I am currently learning the azure fundamentals on Microsoft learn, then I'll learn about networking and Linux, then python. Then I'll try to get some certs. I am currently using the learntocloud guide. Do you think I'll be able to get an entry-level position?
i loves your videos! such an amazing content!
thank you very much sir!
Liked and subscribed
cant wait to use this for educational purposes
Your channel is amazing, God bless you and your family chuck
If you wanted to implement a script like this in a remotely realistic environment, it would involve either bundling the python interpreter along with the script, or adding code that grabs it from the internet.
this is the interesting part, he always skips these...
or just compile it?
You can easily turn it into an executable however it's easy to decompile
@@robertolivavidal5898pretty sure a nice person like him most definitely wouldn't be telling us how to *ACTUALLY* create a malware
If he did so then again you're pretty much teaching people how to hack
It's like telling people how to do magic on someone and later saying don't do it, but you're not teaching one person you're teaching millions of people
You could teach them a rather basic magic or a extremely dangerous magic, again magic in this case being a virus
Virus sucks
DAMN this channel has an amazing energy!! LOVE IT
I wrote malware in java yesterday
Clicking on the jar to press ctrl + c and then pasting it into the windows sandbox to test feels like playing with fire
you have an excellent presentation skill man!
Thank you :)
Super dope content Chuck! Very informative too!
Thank you!
Your coffee breaks keep me on edge almost as much as learning the powers of python
I tried to make this on my main laptop but, when I ran the file it just gave an error and closed. When I looked for the file, it has been permanently deleted. Then I realized, I saw a windows popup saying ransomeware found and the python file has been permanently deleted by windows security thinking it's a malware. This proves that windows security actually helps.