{"id":15374450,"url":"https://github.com/ivan-sincek/php-ransomware","last_synced_at":"2025-03-30T08:31:13.024Z","repository":{"id":47292419,"uuid":"170514614","full_name":"ivan-sincek/php-ransomware","owner":"ivan-sincek","description":"PHP ransomware that encrypts your files, as well as file and directory names.","archived":true,"fork":false,"pushed_at":"2023-04-25T15:06:33.000Z","size":309,"stargazers_count":114,"open_issues_count":0,"forks_count":63,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-02-05T11:48:57.331Z","etag":null,"topics":["defensive-security","ethical-hacking","malware","offensive-security","openssl","php","ransomware","reverse-engineering","security"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ivan-sincek.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-02-13T13:41:38.000Z","updated_at":"2024-12-12T15:20:02.000Z","dependencies_parsed_at":"2024-10-16T14:01:10.945Z","dependency_job_id":null,"html_url":"https://github.com/ivan-sincek/php-ransomware","commit_stats":{"total_commits":1,"total_committers":1,"mean_commits":1.0,"dds":0.0,"last_synced_commit":"a37037eda8b86ed32d8af5ea0791b4d122cb0921"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivan-sincek%2Fphp-ransomware","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivan-sincek%2Fphp-ransomware/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivan-sincek%2Fphp-ransomware/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ivan-sincek%2Fphp-ransomware/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ivan-sincek","download_url":"https://codeload.github.com/ivan-sincek/php-ransomware/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246296497,"owners_count":20754627,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["defensive-security","ethical-hacking","malware","offensive-security","openssl","php","ransomware","reverse-engineering","security"],"created_at":"2024-10-01T13:58:49.197Z","updated_at":"2025-03-30T08:31:12.658Z","avatar_url":"https://github.com/ivan-sincek.png","language":"PHP","readme":"# PHP Ransomware\n\nPHP ransomware that encrypts your files, as well as file and directory names.\n\nRansomware is set to start encrypting files and directories from the server's web root directory and only inside the server's web root directory.\n\n**Ransomware will self-destruct upon running, which means you only have one chance at decrypting your data.**\n\n**Keep also in mind that each decryption file has a uniquely generated salt used in encryption and as such cannot be replaced with another decryption file.**\n\nTested on XAMPP for Windows v7.4.3 (64-bit) with PHP v7.4.3.\n\nMade for educational purposes. I hope it will help!\n\n**IMPORTANT!: Please DO NOT use this ransomware for illegal purposes! I have no [liability](https://github.com/ivan-sincek/php-ransomware/blob/master/LICENSE) over your actions!**\n\n## How to Run\n\nRequires PHP v5.5.0 or greater because `openssl_pbkdf2()` is used.\n\n**Care not to do any damage! Backup your server files before running ransomware! Script will crash on large files!**\n\nCopy [\\\\src\\\\encrypt.php](https://github.com/ivan-sincek/php-ransomware/blob/master/src/encrypt.php) to your server's web root directory (e.g. to \\\\xampp\\\\htdocs\\\\ on XAMPP).\n\nNavigate to the encryption file with your preferred web browser.\n\nDecryption file will be created automatically after the encryption phase.\n\n---\n\nOn web servers other than XAMPP (Apache) you might need to load `OpenSSL` and `Multibyte String` libraries in PHP.\n\nIn XAMPP it is as simple as uncommenting the following in `php.ini`:\n\n```fundamental\nextension=php_openssl.dll\nextension=mbstring\n```\n\n## Images\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://github.com/ivan-sincek/php-ransomware/blob/master/img/ransomware.jpg\" alt=\"Ransomware\"\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003eFigure 1 - Ransomware\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"https://github.com/ivan-sincek/php-ransomware/blob/master/img/encrypted_content.jpg\" alt=\"Encrypted Content\"\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003eFigure 2 - Encrypted Content\u003c/p\u003e\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fivan-sincek%2Fphp-ransomware","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fivan-sincek%2Fphp-ransomware","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fivan-sincek%2Fphp-ransomware/lists"}