<!-- saved from url=(0080)http://mountrouidoux.people.cofc.edu/CyberPaths/intrusiondetectionsystem_v2.html -->
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Ransomware Lab</title>
<link rel="stylesheet" type="text/css" href="./css/skeleton.css" media="screen">
<link rel="stylesheet" type="text/css" href="./css/skeleton.css" media="print">
<script src="js/jquery.js"></script>
<script src="js/main.js"></script>
</head>
<body>
<div class="container">
<div id="header">
<div id="header_info">
<center><h1 id="logo_cyber">Cyberpaths</h1></center>
</div>
</div>
<div id="site_body">
<div id="actual_content">
<div id="main_title"><center><h5>- Ransomware Lab -</h5></center></div><br><br>
<div class="title_bg"><h3>Lab Goals</h3></div><hr>
<div class="subcontent">
<ol class="instructions">
<li> Understand the detrimental effects of ransomware.</li>
<li> Reverse engineer simple ransomware software. </li>
</ol>
</div>
<br><h3>Quick introduction to Ransomware</h3><hr>
<div class="subcontent">
<ol class="instructions">
Ransomware is malicious software that blocks access to a computer or information until a specific amount of money has been paid. It belongs to the general category of <a href='https://en.wikipedia.org/wiki/Malware' target=_blank>malware</a>, i.e., malicious, intrusive software.
<br>
</ol>
</div>
<br><h3>Prerequisites</h3><hr>
<div class='subcontent'>
<ol class='instructions'>
<li>You will need basic command line knowledge to complete this lab. Codecademy has a great <a href='https://www.codecademy.com/learn/learn-the-command-line' target=_blank>tutorial</a> on this topic.</li>
<li>Basic cryptography: Khan Academy has a great class on cryptography and ciphers, which can be found <a href='https://www.khanacademy.org/computing/computer-science/cryptography' target=_blank>here.</a></li>
<li>Hashing: <a href='https://www.khanacademy.org/economics-finance-domain/core-finance/money-and-banking/bitcoin/v/bitcoin-cryptographic-hash-function' target=_blank>Here</a> is an interesting video from Khan Academy on hash functions.</li>
</ol>
</div>
<br><div class="title_bg"><h3>Part 1: Setting up the topology</h3></div><hr>
<div class="subcontent">
<ol class="instructions">
<li> Reserve a single Xen VM with default settings</li>
<li> Log onto the node and download the provided <a href='https://github.com/mundruid/CyberPaths/raw/master/RSpecs/ransomewareLabFiles.zip' target=_blank>text files</a> and the Python script <a href='https://raw.githubusercontent.com/mundruid/CyberPaths/master/pythonScripts/scan_directories.py' target=_blank download="scan_directories.py">scan_directories.py</a> (right-click and save the link as scan_directories.py).</li>
</ol>
</div>
<br><div class="title_bg"><h3>Part 2: The Mission</h3></div><hr>
<div class="subcontent">
<ol class="instructions">
<li> Log onto the machine assigned by your instructor.</li>
<li> Find all the files by using the proper directory listing commands and view those files.<br><center><img class="u-max-full-width" src="img/screenshots/screenshot_step2_rware.png"></center></li>
<li> Run the file scan_directories.py to scan your machine for viruses by using the following command: <pre><code>python scan_directories.py</code></pre></li>
<li> Open the text files again after scan_directories.py has been executed.<br><center><img class="u-max-full-width" src="img/screenshots/screenshot_step4_rware.png"></center></li>
<li> What do you think happened? Can you convert the files back to their original form?</li>
<li> Open the file scan_directories.py with your favorite text editor. What do you think this code is doing? </li>
<li> Should you run a file that someone sent you in an email, even if it looks like it was sent by your manager, your instructor, or someone else you know? <b>Why?</b></li>
</ol>
</div>
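<br><div class="subcontent">
One way to answer step 5 with evidence rather than by eye, using the hashing prerequisite: record a SHA-256 digest and byte entropy for every lab file before step 3, then compare after step 4. This is an added example, not part of the lab's provided files; the script name snapshot_files.py and its function names are assumptions.

```python
import hashlib
import json
import math
import os
import sys
from collections import Counter


def entropy(data):
    """Shannon entropy in bits per byte; near 8.0 suggests encrypted or compressed data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def snapshot(root):
    """Map each file under root to [SHA-256 hex digest, entropy]."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            snap[os.path.relpath(path, root)] = [hashlib.sha256(data).hexdigest(), entropy(data)]
    return snap


def diff(before, after):
    """Classify paths as added, removed or modified between two snapshots."""
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in set(before).intersection(after) if before[p][0] != after[p][0]),
    }


if __name__ == "__main__":
    # Usage: python3 snapshot_files.py DIRECTORY BASELINE_JSON
    root, baseline = sys.argv[1], sys.argv[2]
    now = snapshot(root)
    if not os.path.exists(baseline):
        with open(baseline, "w") as fh:      # first run: record the baseline
            json.dump(now, fh)
    else:
        with open(baseline) as fh:           # later run: report what changed
            old = json.load(fh)
        print(json.dumps(diff(old, now), indent=2))
        for p in diff(old, now)["modified"]:
            print(p, "entropy %.2f to %.2f" % (old[p][1], now[p][1]))
```

Keep the baseline JSON file outside the directory being scanned so that it does not show up as an added file on the second run.
</div>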
</div>
</div>
</div>
</body></html>