
Let's Write Another File Encryptor... Using OpenSSL! (lord forgive me)

Submitted by Remio at 01-05-2025, 10:01 AM

VaultLocker: writing a ‘ransomware’ using OpenSSL / using OpenSSL without throwing my laptop out of a window

In this post: https://sinister.ly/Thread-Learning-to-c...is--218821 I detail how making lockers / ransomwares in OpenSSL is clunky, impractical, and generally the domain of the common skid.

For this project I write a locker using OpenSSL.  (heuhuehuehue)



About the Program:
This is an EDUCATIONAL PROOF OF CONCEPT C++-based file encryptor using OpenSSL EVP for AES-256-CBC encryption. It recursively scans user directories, encrypts files matching specific extensions, and appends a .VAULT extension to encrypted files. A single AES key is randomly generated per session, then encrypted securely using a hardcoded RSA public key (PEM format) in memory, and stored in a binary file.

[Image: desktop_lockscreen.png]



Additional Features:

I have included a github link to this project as it contains everything you need - including the RSA key generator (see link below).  
https://github.com/RemyQue/VaultLocker/tree/main

- Per-file IVs are prepended to encrypted output  
- VSS (shadow copy) deletion via ShadowCopyManager  
  (I have a thread on this exact technique here: https://sinister.ly/Thread-Tutorial-Free...dows-10-11)  
- Basic duplicate-encryption prevention (mutex from Wish)  
- Extension filtering and recursive directory walk via std::filesystem  
- AES key cleansing after use via OPENSSL_cleanse  
- Includes a services module (changes wallpaper using setDesktopWallpaperFromResource() and drops a .txt onto the desktop)  
- Targets a predefined array of file extensions  
- Prioritizes ‘important’ dirs first, then walks drives A–Z attempting to encrypt them  
- Both the encryptor/decryptor contain a working RSA keypair. I have included an RSA key generator anyhow, just build it.  
- If you want to deploy this on some random machine that you possess for testing, I have also included the OpenSSL static libs. Just build for MT instead of MT/DLL (as you embed this static lib instead of using installed DLLs)  

Things to Look for in the Code:
- Use of WinAPI calls for everything (resource handling, file I/O, system settings) – look at how this works  
- Silent failover: if one step fails, it doesn’t crash or throw – just returns false (good practice)  
- Deletes the temp wallpaper file after setting it – always clean up after yourself  
- No encoding check for the text file: assumes ANSI (via lstrlenA), not Unicode – maybe think about incorporating this  
- Which parts of the program should be multithreaded? Consider getting the CPU core count and setting up concurrent encryption threads  

About the Program (yes again):  
Essentially this program was originally a demo for looking at hybrid encryption within OpenSSL (fucking nightmare library) that I fleshed out and threw some graphics into for a laugh. That being said, this does demonstrate effective hybrid encryption using OpenSSL static libs, and is actually quite feature-rich for beginners or anyone unfamiliar with the library.

Now while this is, in that respect, a fully functional ransomware that could theoretically be weaponized, it lacks many features that would make it practical or even functional for real-world use, especially for encrypting drives efficiently. The lack of multithreading and the fact the encryptor indiscriminately encrypts the full file makes it impractical and slow for targeting large drives, let alone networks. There are also probably a lot of issues with key handling and storage, etc.

I won’t walk through this program or go into as much detail as I usually do, for reasons detailed in my previous post - this is just a simple PoC / bit of a joke at my previous posts. This one's for you to play around with.  

It’s still a fun and useful project for learning:
- How to generate and use keys with correct padding schemes  
- How to handle AES encryption safely with per-file IVs and avoid classic pitfalls like static keys or ECB mode  
- How to (ab)use WinAPI to mess with wallpapers, write files to system paths, and generally behave like a little gremlin  
- How to think about layering: file-level operations, wallpapers, and key lifecycle all working together, etc.  

Overview of the files VaultLocker, Decryptor, and RSA Tool
Here’s a little AI generated overview of all components included in the VaultLocker project ZIP, including the decryptor and keygen modules:
Code:
VaultLocker.cpp  
    // Entry point for the locker. Scans user/system dirs, filters file extensions, encrypts with AES-256-CBC, saves IV+data.  
    // Sets wallpaper, drops a ransom note, cleans up temp files, and uses WinAPI for stealth and system interaction.  

Crypto.cpp/.h  
    // Core encryption engine. Handles:  
    // - Per-file AES encryption (CBC mode, random IVs)  
    // - RSA public key loading (PEM), AES key wrapping  
    // - Uses OpenSSL EVP for safe block-level processing  

KeyManager.cpp/.h  
    // Generates secure random AES key via RAND_bytes  
    // Loads and uses hardcoded RSA public key to encrypt that key (hybrid encryption)  
    // Stores the encrypted AES key to disk for recovery  

Service.cpp/.h  
    // Wallpaper replacement using WinAPI SystemParametersInfo  
    // Drops a static .txt note to Desktop  
    // Deletes temp resources after use  

Utils.cpp/.h  
    // Helper functions: mutex handling, extension filtering, recursive file walking, etc.  
    // Provides clean abstraction for WinAPI + filesystem logic  

constants.h  
    // Lists:  
    // - File extensions to target  
    // - Priority directories  
    // - Hardcoded names/paths  
    // - Wallpaper resource ID  

Resources.rc  
    // Windows resource script defining embedded images (wallpaper)  

VL_Decryptor.cpp  
    // Standalone decryptor tool  
    // Loads the encrypted AES key from file, prompts for corresponding RSA private key  
    // Decrypts AES key, scans encrypted files (.VAULT), and restores original content using stored IVs  
    // Verifies file format before decrypting to avoid corruption  

rsa_keygen.cpp  
    // RSA utility to generate a 2048-bit RSA keypair (PEM format)  
    // Output: public key (for locker), private key (for decryptor)  
    // Uses OpenSSL BN + RSA APIs to safely write keys to disk  

Github link to project: https://github.com/RemyQue/VaultLocker/tree/main

- Remy
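For responders, the on-disk traits the post describes (a .VAULT extension, a prepended per-file IV, AES-256-CBC output) are enough to triage a volume after an incident. The script below is an added example, not code from the post or the VaultLocker repository. It assumes each file is exactly a 16-byte IV followed by padded ciphertext with no extra header; the 256-byte floor and the 7.5 bits/byte threshold are chosen here, not taken from the project.

```python
import math
import sys
from collections import Counter
from pathlib import Path

EXT = ".vault"   # extension named in the post, compared case-insensitively
IV_LEN = 16      # AES-CBC IV size; the post says the IV is prepended
BLOCK = 16       # padded CBC ciphertext is a whole number of AES blocks
MIN_BODY = 256   # assumed floor below which byte entropy is not meaningful


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def classify(path: Path, sample: int = 65536, threshold: float = 7.5) -> str:
    """Label one file for triage; assumes layout IV || ciphertext, no header."""
    if path.suffix.lower() != EXT:
        return "not-candidate"
    size = path.stat().st_size
    if size < IV_LEN + BLOCK or size % BLOCK:
        return "format-mismatch"      # renamed, truncated or partly written
    with path.open("rb") as fh:
        fh.seek(IV_LEN)               # skip the IV, sample the ciphertext
        body = fh.read(sample)
    if len(body) < MIN_BODY:
        return "inconclusive"         # too small for an entropy verdict
    return "likely-encrypted" if entropy(body) >= threshold else "low-entropy"


def triage(root: Path) -> dict:
    """Walk root and group candidate paths by label."""
    report = {}
    for path in root.rglob("*"):
        if path.is_file():
            label = classify(path)
            if label != "not-candidate":
                report.setdefault(label, []).append(path)
    return report


if __name__ == "__main__":
    start = Path(sys.argv[1] if len(sys.argv) > 1 else ".")
    for label, paths in triage(start).items():
        print(f"{label}: {len(paths)}")
        for p in sorted(paths):
            print(f"  {p}")
```

Files labelled format-mismatch or low-entropy carry the extension without matching the assumed layout, so they may have been interrupted mid-write or only renamed and are worth checking before restoring from backup.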