A Powerful Ransomware Tool for Security Testing Used by ReadTeams
Video Tutorial
·
Report Bug
·
Request Free Keygen
Table of Contents
Please First read the DISCLAIMER ⚠️ ⚠️
Jasmin is a different kind of ransomware worm by which many of your documents, photos, videos, database and other important files are no longer accessible because they have been encrypted and it becomes impossible for users to access their files without decryption tool and valid key.
This Tool is Developed to help Red teams and ethical hackers simulating a real ransomware attack.
There is really no shortcut for something like this. It's not enough to just know what files could be encrypted, and you certainly don't need a tool to tell you that.
This is a ransomware simulator that can safely encrypt some files on your computer, to let you know if your defenses are actually working. Jasmin Ransomware is developed by security researcher siddhant gour.
Why use Jasmin for security testing ?: ?:
- Jasmin Ransomware is developed using C#(.Net Framework) which makes it lighter in weight and easier to embed.
- You Can Simulate a real ransomware attack and bypass any kind of system securities .
- Powerful | Strong Encryption | Centralized Database on Server| Can Bypass Anti Virus.
-
Visual Studio 2019 or later
-
Xampp Server (Windows) or LAMP Server(Linux)
-
Ngrok for port forwarding
-
git clone https://github.com/codesiddhant/jasmin-ransomware.git
-
-
Copy the all the files in webpanel directory to htdocs or (/var/www/html)
-
Open Mysql Shell
- Login as Root user
mysql -h localhost -u root
- Create new database & assign user
CREATE DATABASE jasmin_db; CREATE USER 'jasminadmin'@'localhost' IDENTIFIED BY '123456'; GRANT ALL PRIVILEGES ON jasmin_db.* TO 'jasminadmin'@'localhost'; Exit
- Importing jasmin_db.sql file from database directory
mysql -u jasminadmin -p123456 jasmin_db < htdocs/database/jasmin_db.sql
- Loggin Dashboard
Open Google Chrome and visit http://localhost/
Use default credentialsUsername : siddhant Access Code : 123456
-
-
Note: You should have installed visual studio 2019 or later in your machine
- Use ngrok server for port forwarding (Wan Attack)
ngrok http localhost:80
- Copy Forwarding Address
- Configure variables
- => Inside "Jasmin Encrypter" directory open "Jasmin Encryptor.sln" file
- => Go to line number 34 & 35
- => Set Ngrok host address for "hostaddr" & "AlertMsgLink" Variable
- => Inside "Jasmin Encrypter" directory open "Jasmin Encryptor.sln" file
- Building .Exe File
- => Go to top nav bar & click to build => Clean Solution
- => Again click to build => Clean Jasmin Encryptor
- => Once Again click to build button => Rebuild Jasmin Encryptor
- => Go to "Jasmin Encryptor\bin\Release" directory !! Congrats Payload is ready
- => Go to top nav bar & click to build => Clean Solution
-
- Sending File to Victim's Pc
- Replace the email address inside "webpanel/alertmsg.zip/index.html"
- Now, Send this Payload file to your victims through emails or any socail other engineering technique you want
- When Ever our victim click on that payload file it will encrypt all important files and send the decryption key to our web dashboard
- For Custom alert message to your victims, edit the HTML file inside "webpanel/alertmsg.zip"
- Replace the email address inside "webpanel/alertmsg.zip/index.html"
- Sending File to Victim's Pc
-
- Decrypting Victims File
- => open "Jasmin decryptor\Jasmin decryptor.sln" & build the .exe file
- => get the SystemId from your victims through emails
- => download the Decryption key from web-dashboard for that SystemId
- => reply your victims with Decryption Tool and Passsword File
- => open "Jasmin decryptor\Jasmin decryptor.sln" & build the .exe file
- Decrypting Victims File
- Codesiddhant is a Github Page related to Computer Security and not a site that promotes hacking / cracking / software piracy.
- Do not attempt to violate the law with anything contained here. If you planned to use the tool for illegal purpose, then please leave this site immediately! We will not be responsible for your any illegal actions. Neither administration of this tool, the developer of this application, or anyone else affiliated in any way, is going to accept responsibility for your actions.
- You shall not misuse this tool to harm someone’s computer. However, you may try out these hacks on your own computer at your own risk. Simulating Ransomware attack (without permission) on computers that you do not own is illegal.
- We believe only in White Hat Hacking. On the other hand, we condemn Black Hat Hacking.
- A ransomware attack is considered to be illegal activity aside from capturing your data in the computer, it will demand you to pay a ransom fee. Encrypting someone’s data without their written permission is a punishable offense
Distributed under the MIT License. See LICENSE
for more information.