Theodoraki Emmanouela
Development of the file "ransomware.sh" which is able to execute 2 functions.
The user gives a number of files that wants to be encrypted and a directorty to create them in. ./ransomware -f 1 -e -d <-e> files are created in a loop using the shared library "logger.so" and the file "ransom_logs.c". Then each file is being encrypted with openssl -aes-256-cbc and lastly the original files are being deleted.
The user gives a number of files that wants to be created in a given directorty. ./ransomware -f 2 -c -d <-c> files are created in a loop and using the shared library "logger.so" and the file "ransom_logs.c"
In order to use the shared library "logger.so" the following commands were called every time a file access happend.
LD_PRELOAD=./logger.so ./ransom_logs "${DIR}" "e" "$i" -> for the new files created for the following encryption
LD_PRELOAD=./logger.so ./ransom_logs "${DIR}" "ee" "$j" -> for the encrypted files created and the original files that opened
LD_PRELOAD=./logger.so ./ransom_logs "${DIR}" "c" "$i" -> for the new files created
In the file_ogging.log file we can see the corresponding logs.