i created malware with Python (it's SCARY easy!!)
ฝัง
- เผยแพร่เมื่อ 21 พ.ค. 2024
- Create your Python Malware lab: ntck.co/linode (you get a $100 Credit good for 60 days as a new user!)
We are going to write our very own malware in Python!! It’s actually scary easy to do and it will give you a peek behind the curtain of how bad actors create these malicious programs. NetworkChuck will walk you through every step of how to create a ransomware program in Python using the cryptography library in Python called Fernet. He’ll then show you how to download a malware playground, a malware showcase of malicious python scripts you can play with.
🧪🧪Links and Walkthrough: ntck.co/321
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by Linode
SUPPORT NETWORKCHUCK
---------------------------------------------------
➡️NetworkChuck membership: ntck.co/Premium
☕☕ COFFEE and MERCH: ntck.co/coffee
Check out my new channel: ntck.co/ncclips
🆘🆘NEED HELP?? Join the Discord Server: / discord
STUDY WITH ME on Twitch: bit.ly/nc_twitch
READY TO LEARN??
---------------------------------------------------
-Learn Python: bit.ly/3rzZjzz
-Get your CCNA: bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
---------------------------------------------------
Instagram: / networkchuck
Twitter: / networkchuck
Facebook: / networkchuck
Join the Discord server: bit.ly/nc-discord
0:00 ⏩ Intro
0:45 ⏩ What do you need?
0:56 ⏩ Our sponsor is awesome
2:06 ⏩ STEP 1 - the setup
2:20 ⏩ What is Ransomware?
3:52 ⏩ STEP 2 - Creating our ransomware script
14:39 ⏩ STEP 3 - Writing the ransomware decryption script
21:37 ⏩ Downloading a malware playground
AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)
My network gear: geni.us/L6wyIUj
Amazon Affiliate Store: www.amazon.com/shop/networkchuck
Buy a Raspberry Pi: geni.us/aBeqAL
#python #malware #ransomware - วิทยาศาสตร์และเทคโนโลยี
Create your Python Malware lab: ntck.co/linode (you get a $100 Credit good for 60 days as a new user!)
We are going to write our very own malware in Python!! It’s actually scary easy to do and it will give you a peek behind the curtain of how bad actors create these malicious programs. NetworkChuck will walk you through every step of how to create a ransomware program in Python using the cryptography library in Python called Fernet. He’ll then show you how to download a malware playground, a malware showcase of malicious python scripts you can play with.
🧪🧪Links and Walkthrough: ntck.co/321
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
0:00 ⏩ Intro
0:45 ⏩ What do you need?
0:56 ⏩ Our sponsor is awesome
2:06 ⏩ STEP 1 - the setup
2:20 ⏩ What is Ransomware?
3:52 ⏩ STEP 2 - Creating our ransomware script
14:39 ⏩ STEP 3 - Writing the ransomware decryption script
21:37 ⏩ Downloading a malware playground
**Sponsored by Linode
Hey chuck
why didn't you use a list comprehension for listing all files in the directory.
At 10:10 could you theoretically append the key to a encrypted file then just cut the key from said file after the fact when you need the key and are ready to decode? (Or put the key in the middle of they encrypted file or something) if so I think that would be a interesting way to hide it ***this is for educational purposes only***
Hey Sir i have a problem.how can Offline and online ransomware infected file's recovered.pleace share with us offline and online solution...
i got a website you can try out
Chuck: "Let's create a malicious software..."
Also Chuck: "But don't use it for malicious services!"
I thought the same
That's literally the definition of a pen tester
That's the only you learn.
@@ponyride23 In terms of writing ransomware, I m pretty sure that pen testers just use samples instead of writing their own for business purposes. I m not an expert and I might be wrong but it sounds way more reasonable than spending time developing something that has already been done. To top it off , certain groups / malware types have their own different quirks and using them instead of self made stuff just makes the test more realistic. Not the best way to describe this but I hope it's enough
@@ytg6663 Yes so c or c++ seems like a better option
Fun fact: the method used to encrypt files for ransomware is the same method used by laptop OEM’s to encrypt your entire hard drive and and protect the data in case of theft.
Just the difference is that when they protect your data they give you the key but the malware makers don't xD
Moral of that - be careful what links y'all click on.
@@johnb6723 yes
Facts
So pretty much the same as windows bitlocker
"if you want to defend yourself, you need to know how they attack"
- someone
Absolutely have nothing but positivity for Chuck I love the way he makes learning enjoyable
Chuck: "Ok, so please dont use it for malicious reasons."
Also Chuck: "So, this is how you set things up, this is what you need and here is the code."
Well, it's not really that dangerous of a script, it's mostly to teach how it works so people are more educated
With great power comes great responsibility ~lord Voldemort
I don't get it.
In IT-security it is crucial to understand how things like ransomware work, in order to protect your networks from it.
Please help me
Please I'm passing through some stress, I recover my lost USDT account, the problem now is that the wallet address bind to that withdrawal text box, I don't have access to it again and I lost all the contacts I used in registering the USDT account. And now, I have tried changing the wallet address in the withdrawal text box, it's not responding. Please what will I do help me out
Please
Theoretical a script that's add shutdown to autostart, is also in the category of malware. The 'hard' part of creating a malware is to find an exploit in a system to execute it with elevated permissions.
Nothing a little priv esc cant do!
That is not hard at all startup functions dont even require elevated privs
@@User-kq3od It depends on your OS / Distro. For example, in Windows you can't add stuff to global autostart as normal user, but you can add things to your shell:startup, or schedule a task at your logon.
@@buldozzer3456 Yeah, exactly, startup does not require elevated privileges. And if you wanted machine startup that badly just use a UAC exploit, they are all over the place in both linux and windows.
Read the drive from another system like an external drive to retrieve/edit files
I love the style of your videos man! The speed, the facing to the different cameras, the dog.
I tried to make this on my main laptop but, when I ran the file it just gave an error and closed. When I looked for the file, it has been permanently deleted. Then I realized, I saw a windows popup saying ransomeware found and the python file has been permanently deleted by windows security thinking it's a malware. This proves that windows security actually helps.
There's no way I'd miss a chuck episode
Your comment had 63 likes. It was not looking good bcz computers use 64 so I liked it.
Which one is the video about the shabang?
@@donhulio4314 bash scripting right now episode one.
@@HadronCollisionYT lol
@@HadronCollisionYT lol
I would respectfully disagree with the code instruction being ransomware. To me it looks like a nice programmers script to keep the admin from looking at their private files. Very well done. Very good tool.
this is a video to showcase how ransomware works, not how to do it perfectly
although definitely a nice tool to hide files with ngl.
tho yea its just bare bones ransomware not company worthy viruses
Agreed. Gee I never thought about using it that way.
@@Mizuki-Mikos-Music-Corner What makes a company worthy ransomware?
@@Hamza-gn2cg i meant ransomware that could take down companies. sorry for the confusion
I can make a logic bomb out of a .bat file with 3 characters. Malware isn't hard to make, the hard part is bypassing all the protections/anti virus software people use.
@@ashgd9768asd what are some methods to bypass anti virus? Im gonna make a Bc. degree on this theme.
@@pavelcuba9260 Some of the ways include polymorphic/metamorphic malware to bypass your signature detection like IPS or IDS. If you want to bypass things like firewalls just fragment your packets.
@hillybillybob could you teach me how to do this?
Fork bomb
@Mark Rayers @echo off
:crash
start
goto crash
Chuck, you are one of the best TH-cam channels I have ever crossed, I always love to learn the things you teach. The way you describe the commands is super simple and that is why I really enjoy your videos. Thank You so much!!! For the great work you do.
you get a heart from me even if im not chuck :)
"Please don't use it for malicious reasons"
Ferb, I know what we're gonna do today!
I never comment on youtube, but I have to say this... This video has served as an introduction to linux, virtual machines, python, ransomware and hacking all in one to me, I already had a very brief knowledge of the above but following along here has expanded my knowledge 10 fold. Thanks chuck, we genuinely appreciate it.
And cloud!
and Docker
@@KDE666 its same vm
I'm a security analyst and aspiring security engineer. Thank you so much for helping the good guys understand this stuff.
Recently our head engineer showed me a python script that extracted and ran shell code ransomware that was saved as a png.
Y'all hiring lol?
I'm finishing up my Master's degree in cybersecurity studies. My professor actually assigned us to watch videos like this.
and then im sitting there watching this out of passion and considering taking an MD-102 course real quick to be an IT
Next Chuck vidéo : *« Let’s destroy the boot sector ! (but don’t use it for malicious service 😉) »*
can't wait to use this for educational purpose!!
lol😂
😁😁
I almost never comment on TH-cam videos but chuck, I love your videos. You are a BRILLIANT professional AND human being!! Keep up the good work. 💪🏼
Dude love the malware tutorial! Im currently learning Full Stack but inbetween studies I like to look into this side of things and boy oh boy i love it and want to learn more so thanks for a great video and be looking out for more vids!
Still learning full stack ?
Very informative; thanks for sharing. Glad I came across your channel because I learned so much about malware. It’s creepy how simple it is for hackers to create.
I really do love the fact that you think out loud. It helps me a lot to understand the process!
ME: Hi mom! I've created my first ransomware today!
MOM: Congrats! you're now a cyber criminal. Now get out!
dear fbi, im not a criminal i just wanna troll my friends 😭😭😭😭😭
Mee too 😂
Eggzactly
What are you trying to get from them?
i too simply wish to troll my friends. please fbi agent watching me dont put me on a list or whatever
I just wanna know how tf do they make it
Super helpful video! I’m about to finish my Cuber Security degree and I’ve yet to actually see the code behind a malware before now! This is gonna be super helpful to my education! Thank you thank you thank you!
Chuck being consistent with the uploads, love to see that! Thank you for your work kind sir!
Thanks man, you always make learning computer stuff fun and easy to learn.
This is the first video I have came across your chanel and I can surely guarantee you, I'm going to start binge watching all your videos. You are great 👉😎👉
Love your channel man, thanks for the hard work
13:50 That looks like good code, the way you explain it it is very straightforward and easy to understand for me. I have experience in programming but not a lot in python. I could totally edit this and use it for a non malicious purpose to just encrypte files I want to keep secret.
you can just put a password for that lol, but wheres the fun in that, and a password can be bruteforced
@@MAD-kh2oy can you brute force a 128 bit AES..lol ?
@@ansh6848 yeah lol 😆
@@ansh6848 no, you cannot brute-force AES. It's literally a quantum-resistant encryption algorithm that has gone through intensive analysis to be selected for the USA encryption standard. Not something that can just be brute-forced.
@@hasnainalioriginal nope.
Since you are using shebang, make the script file executable and just call the file. The shebang will tell the shell which interpreter to use.
Also, should read in chunks and write to temp file in same with iteration in the same chunk. Not only saves memory to help stay under radar, but the encryption would be chunks of the file, making random decryption much more difficult. You could write a encrypted string as the first 8 bytes of the encrypted file and store the chunk size so each file can have a random chunk size making decryption much more difficult.
Not specific for random ware but good for any encryption need.
Very engaging content and awesomely explained. Well done dude!
I'm just learning Python and this video was entertaining and useful and explained a lot of different ways of using functions and variables that my course isn't yet covering. Also a lot of stuff I haven't yet learned about but am able to follow along because of the explanations and the logical nature of Python. Subscribed, great stuff!
Its been a year since you posted this comment do you learned it fully 😅
Better learn c
Already started my python classes and you always help me with this crazy ideas, thanks alot chuck.
Just a reality check that python is really only good in situations like this for scripting assistance and not creation of malware.
Better learn c
Nice video! Hope to see more content like that, maybe something about forensics. Keep it going man!
I´ve had quite a few teachers so far. Noone had passion like you! Incredible!
I really love the obvious effort and love you put into making this video, it's really nice to see 😄
Since the day I started to work with you, I know I've changed a lot which really helped me to become a better person inside and out. You are one of the reasons why I'm always trying my best. Thank you so much You know I appreciate you so much.
So nice that you always share your knowledge with us💯🔥
I’ve no idea why TH-cam recommend this video, watched for 5 mins and I subbed. The way he explain the theory behind all these are more interesting than any other python courses I took
I have experience with several languages but I've never used phyton and that's the first video I see about it. The fact that I could spot the mistake on putting the "wrong password" print in the for loop before he executed it is so cool, phyton looks really clean, easy and readable language than C or... MIPS. Good video, clear fast and kept my attention up the whole time.
Pythons Grammer is so nice it just looks good
It's just annoying that whitespace is significant.
@@LatestTechinCyberSec *bython enters the chat*
An amazing video Chuck thanks for putting out such good content :)
Just the video I needed, from the content creator I love!
Thanks chuck!
what do you mean by "The video i NEEDED"????
WHAT DO YOU NEED RANSOMWARE FOR?
@@aszher *malware. Malware competitions that are similar to demoscene.
Why would he make this video if there wasn’t any interest? :)
Congrats on 3,000,000! You've been helping me dive into hacking as a hobby and I've been loving it. Cheers man
I love your videos. it makes fun and easy to understand. Thank you so much NetworkChuck.
That’s a fantastic video, I learned good stuff, many thanks.
I have to say as a vim user , watching you work with nano and struggling with indentation and other navigation is not a joyful sight 😅
"Don't be evil" used to be one of their values in their code of conduct but i'm pretty sure they quietly got rid a few years ago. I think I read somewhere that they changed it to something like "Do the right thing" and then got rid of it all together
"Do the right thing" ... for shareholders.
@@445Matty yeah 🤣 “don’t be unprofitable”
New Gootto: "Don't be evil... leave this for us."
They even admitted that "don't be evil" was impossible with their business model, and that what the slogan meant was "be less evil". They stopped with that, too.
@@SynthApprenticethey didnt
Chuck: let's create malware!
Also Chuck: downloads libraries
U look relaxed NC. Congrats on this new video. I am sure the number of followers continue to grow! I enjoy watching your video today. Must add I was missing Bernard. :) You guys rock!
Chuck, thanks for teaching me everything necessary to do fun projects like these. I will be using this as a final project for my programming class, so everyone wish me luck.
send via email. : )
did it work for your final project?
would be so sufficient since its storing the local key could be reverse engineered. Instead use xor with a y key by setting a variable to encryption_level = 128 // 8 and as an output make it where it doesn't only have keyboard chars but all chars possible in ascii then as for the random generated string have it send the key using socket library to the C2 server. otherwise love the vid man!
I'm fairly new to python and was kind of wondering about this lol like they have the script right there, they also have the key right there, so like if they know the basics they have all the puzzle pieces to put it back together, to me it would seem like ever leaving the key on their machine would make it relatively easy to reverse engineer it. I'm glad that I was not incorrect in my assumptions xD
@@xxfloppypillowxx its not what your thinking itd a xor byte key is what im describing all chars in the ascii libary THOUSANDS it gets send to the attackers C2 and is sent through an encrypted protocol you cant reverse engineer that and just find the key
@@xxfloppypillowxx yes, actual malware would likely obfuscate all their code, and have a more complicated way to store their key (on windows you can hide it in registry, + you don't have to have the whole key completely random, it can have a non-random part based on some obscure calculation; or you can make your malware connect to the internet and store keys on some compromised server)
obfuscation usually involves:
- obscuring variable names
- adding code that does useless work, or embedding malware code within code for a useful program (to obscure which parts are actually malware)
- 'encrypt' malware code itself, and make it so the malware first has to 'decrypt' the part that does actual malicious stuff (in python there's even a function exec() which you can give text, and it will interpret it as python code and execute). You can even have multiple steps of 'encryption', for better obscurity
- together with encryption, you can also split words that are used in your code into multiple parts, so automatic antivirus software can't easily figure out that you are using some kind of scary functions that can be considered malicious behavior
I know this is an old video but I absolutely love it! Yes it is simple code using open sourced code BUT it is still really cool and I LOVE how excited you are about it. You are the Vsauce of code!
hahahaha so true. watching in '24 ftw
That was awesome, I felt like I was riding on a scary fast rollercoaster.. wow man!
Thx C
Love this video!!! Keep making more videos on cryptography and ethical hacking, this was very interesting!! Thanks
deploying my own malware on Linode servers sounds like a good idea. thank you!
👆👆👆👆he will help u just don’t stress yourself much ok
what if i deploy it in a virtual box?
@@tajammul.shaheenYou'll still be a virgin.
Thanks a lot Chuck for sharing such an amazing content. Well done!!
i loves your videos! such an amazing content!
thank you very much sir!
Liked and subscribed
For checking for files: you could just do “not” a dir instead to make it more pythonic
Would love to see how you do all your business in the cloud. Not in a specific way or anything, just a general overview of the layout.
Just finished this project and this was a great addition to my GitHub. Tysm man.
Chuck: Here, take this amazing chocolate!
Also Chuck: Don't ever eat it.
It's so funny! I failed and was to eager to try this out, so I encrypted the decrypt script, just as you said "we need to add one more file to the list of non inclusive files!" haha thanks for this, I learned some new things while having fun with this!
7:00. Future video idea, show how to make recursive function calls (call the same function inside itself) to navigate through a directory tree.
Very well explained, informative, and very entertaining at the same time learning. Viewers will never get bored while listening to your explanation. Over all 1000 stars!
I've just started learning and fun-coding with Python. Getting more excited everyday. Education watchin Your Python videos makes me more excited and addicted to continue that journey everyday!
Thanks!
You are the best Chuck....Huge fan here from Samoa (WS) I've learn a lot of things from your channel
Fiafia stamaloa e hack haha, faifai malie uso. Much love
to make your key harder to find you can save it in the root path of a linux machine, using the os.system you can enter super user and access the file in the /bin directory and save files there, however this is risky as you may overwrite an already existing file there and break something, so double check the key
additionally to hide it further is after the execution of the python file you can write to itself to change its file path so when the user opens it after instead of seeing the file path you could change it to some other path or simply delete all the code afterwards
Or delete the key and just send it to your private server.
Thanks for this!
As a developer looking to make my way into DevOps, I find a lot of your content really helpful... This one was more just for fun but it was interesting to see just how easy it is to code malware!
I've said this before but I gotta compliment the voice again man, I could listen to you talk about literally anything. Deep, smooth, and peaceful yet enthusiastic - audible chocolate if ever I heard it.
Now off to go buy coffee from you...
Also, good job disclosing just the right amount of info to maximize the educational value, without giving away enough to make somebody truly dangerous.
You clearly put a good deal of thought into that.
the coolest guy on TH-cam, thanks man I am new to py but your explanations where amazing. I have a much greater understanding of py because of this video. I will certainly check out more of your videos containing py
Having my math exam tomorrow but still can't avoid this video 🥰
Chuck, what software do you use to draw on the screen? Is it epic pen?
After about half a year on my "Watch Later" I finally watched this video.
Interesting, straight forward! Also I could think of a Usecase as an automated and encrypted Backup or something like this.
love your vids man. can you make more videos on hacking tools with python or other languages.i know github exist but i love the energy you pu into these vids man
he is able to give us the method to destroy a state and give us his masterclass "it's for education purposes only" CHUCK THE GENIUS
I can't wait to do some "education purpose" on my school's computer
thank you for this! putting these on a resume has been helping me get attention from jobs
This video is really helpful. I really learnt a lot. Thank you!! 😃
Your channel is amazing, God bless you and your family chuck
If you wanted to implement a script like this in a remotely realistic environment, it would involve either bundling the python interpreter along with the script, or adding code that grabs it from the internet.
this is the interesting part, he always skips these...
or just compile it?
You can easily turn it into an executable however it's easy to decompile
@@robertolivavidal5898pretty sure a nice person like him most definitely wouldn't be telling us how to *ACTUALLY* create a malware
If he did so then again you're pretty much teaching people how to hack
It's like telling people how to do magic on someone and later saying don't do it, but you're not teaching one person you're teaching millions of people
You could teach them a rather basic magic or a extremely dangerous magic, again magic in this case being a virus
Virus sucks
DAMN this channel has an amazing energy!! LOVE IT
I literally have 0 idea how to code and know nothing about phython but still watched the whole thing.
Hey chuck! I know you’re a “beginner oriented” channel for the most part, but I was wondering if you could do a vim tutorial someday. I didn't think it was important to learn vim when I first started using Linux, but after exclusively using it for coding in my comp sci courses I finally understand the value in it and feel like it would be a great tool for other viewers of the channel to learn.
Can't stand vim
I agree vim is really useful, but I think a lot of chuck's viewers use windows, which makes vim less useful.
@@fistsfirst4584 although I do agree that it may not be useful to a windows user normally, couldn’t it still be useful when ssh’ing as a replacement for nano, especially when coding?
@halo X1 although you dare correct in saying that it’s a more complicated editor, it’s much faster to edit in compared to nano. It’s designed in such a way where you keep your fingers on the home row and are able to move from word to word, paragraph to paragraph, etc much faster than you would on something like nano. It also means that you could run commands to replace or insert text in different spaces without having to waste time manually moving to it with the arrow keys. Tl;Dr it’s saves a little bit of time with every action, leading to a lot of time saved in the long run.
vim for code? You must hate yourself lol
you have an excellent presentation skill man!
Thank you :)
This was so much fun to follow along with 😂I love it
Great informational video on malware !!!
Is it possible to do the encryption you did on all the files on the disk?
After running, it only encrypted the files that we created(File1.File2...)..
You had to copy the key to a remote server instead of leaving it on the same server. Also, some code to run the python script remotely. :) Sorry that would be too much information lol.
Super dope content Chuck! Very informative too!
Thank you!
Very informative, I greatly appreciate you Bro!
I've always told people that you wouldn't believe how easy it is. Sure, it can be more complicated, but im not out to make malware. Just educate my friends and family of what to watch out for. I love videos like these because they show the scary truth.
I have some ideas for you to make:
1. How to actually profit on Sweatcoin. This is a mobile app that gives you crypto for walking.
2. Java for noobs. I have seen TheNewBoston make a very good series on this, but uhh, is a bit old. Using that format with your own twist(coffee needed). I would also likely want to watch you more cus you are more weird and I like that.
3. How to host a good website. I'm talking multiple well placed servers to make connection quick for global users, a good talk about what to keep client side and server side(ahem if you want a max character limit then set that server side not client side. My school passwords still have this issue haha)
Thank you! I would love to see many of these things on your awesome channel.
sweatcoin is a scam and it is not crypto. you will never make money from it
@@jsephweaver meep
Super video Chuck your videos are awesome And informative to me and to everyone
the video is 25mins long and has been out for only 10mins how would you know how the video is like?
@@whatthehelllmao membership 😇
I just wanted to say that you make quite enjoyable tutorials. Inserting things like coffee breaks, different characters and drawing schemes makes it very relatable and easy to understand. You are are quite a good teacher. 🙂
Dude. top notch tutorials. i was clueless before this. legend
The problem with interpreted runtime programming languages is that the code can only be executed in a runtime environment, which is why Python is not used in real world scenarios. yes you can wrap the python script with other needed files but in the end languages like C/C++ or even Java are more common in this area
I agree, also, looks like your username was encrypted lol
you could use cx-freeze or pyinstaller to create a standalone binary
Right, but the principle is the same and it’s for the ones not being so familiar with programming.
@@AsaBowes that is what I meant. Pyinstaller simply packages files and then tells linux to treat the file as an executable using the EL format (in windows exe as packaged format). in linux everything is treated like a file and pyinstaller packs it and reformats it.
@@leox23 no, my username is encoded, not encrypted
I love this channel. You're just so excited to teach and you've got great engaging energy. Helps my ADHD brain function
Very nice man!! love the videos
bro, I am tired of learnig all of these stuff associated with linux and programming but when I'm watching you, I can't stop doing this
Congrats you've officially made us into potential criminals Good Job!!😂😂
I think it would be better to use a public-private key encryption. That way the script only needs the public key and thus no decryption key is present at any time in the host machine.
What is that
Every single time I was these kind of videos:
My Brain: I should try this in school computers