XR3X

Jump to content


Photo

Scantime crypter in C++


  • You cannot start a new topic
  • Please log in to reply
4 replies to this topic

#1 etf

etf

    Newbie

  • Member
  • 2 posts

Posted 10 July 2015 - 04:25 PM

I'm learning cryptography for some time. I understand how some cryptographic algorithms work (Rijndael, DES,...), I mean for any text as input I know how to get ciphertext using these algorithms. I have also some understanding in programming languages C and C++.  I'm interested in writing scantime crypter. I don't have some deep understanding on how Antivirus software works but I know that every Antivirus has base of signatures, so when we scan .exe it actually compares signature of .exe with signatures in it's own base, and if it matches, Antivirus will identify .exe as malware. So by applying some cryptographic algorithm on .exe, we change signature of .exe, so antivirus can't detect it as malware. My question is, how cryptographic algorithm is applied on .exe file? How it is done in C++ (or in C)?
Thanks in advance
 


#2 Fath0m

Fath0m

    Newbie

  • Member
  • 1 posts

Posted 10 July 2015 - 08:47 PM

Well, despite its useless to implement any "Scan-time-Crypter" to bypass AV you should focus on basic programming skills.

 

-Open your Executable

-Encrypt

-Add encrypted output as resource to Stub.

-Let the Stub decrypt and drop on disk

-Execute dropped file

 

 

Check example how to encrypt/Decrpyt file:

Please Login or Register to see this Hidden Content

 

Check example how to update resource file of a stub:

Please Login or Register to see this Hidden Content

 

 

 

 


Edited by Fath0m, 10 July 2015 - 08:58 PM.

  • etf likes this

#3 Ubuntu

Ubuntu

    Member

  • Members +
  • 53 posts
  • LocationInside a dark room with no light

Posted 11 July 2015 - 02:52 PM

sign you viruz with digital certificate paid service :) no crypter need lol.. when AV companies flag it then ready for jail lol

 

by the time they find it enjoy your life just like bx1 <> reine & put a smile on ya face in from of camerazz  lolz


Edited by Ubuntu, 11 July 2015 - 03:05 PM.

  • Hess and etf like this

ALIENS AROUND US,YOU NEVER KNOW WHO


#4 etf

etf

    Newbie

  • Member
  • 2 posts

Posted 12 July 2015 - 01:41 AM

@Fath0m,
Thanks for reply. I tried to encrypt/decrypt using example you provided, but I got some errors when I try to compile application. Here is what I tried.

I downloaded library from

Please Login or Register to see this Hidden Content

and extracted it (I downloaded Chilkat C/C++ Libs for VC++ 2015 / x64).

I created new project, Win32 Console Application and pasted code from example you provided (I modified default path of CkCrypt2.h to match with path where I extracted library and I included iostream library). I linked library ChilkatDbg_x64.lib (I'm using Visual Studio 2013 Ultimate),  but I get errors when I try to compile application. Under Properties (of my project)->C++->Code Generation->Runtime Library-> Runtime Library - Multi-threaded Debug (/MTd) is selected. Here are errors:

 

1>Source.obj : error LNK2019: unresolved external symbol "public: bool __thiscall CkCrypt2::CkEncryptFile(char const *,char const *)" ([email protected]@@[email protected]) referenced in function "void __cdecl ChilkatSample(void)" ([email protected]@YAXXZ)

1>Source.obj : error LNK2019: unresolved external symbol "public: void __thiscall CkCrypt2::SetEncodedIV(char const *,char const *)" ([email protected][email protected]@[email protected]) referenced in function "void __cdecl ChilkatSample(void)" ([email protected]@YAXXZ) 1>Source.obj : error LNK2019: unresolved external symbol "public: void __thiscall CkCrypt2::SetEncodedKey(char const *,char const *)" ([email protected]@@[email protected]) referenced in function "void __cdecl ChilkatSample(void)" ([email protected]@YAXXZ)
1>Source.obj : error LNK2019: unresolved external symbol "public: bool __thiscall CkCrypt2::UnlockComponent(char const *)" ([email protected]@@[email protected]) referenced in function "void __cdecl ChilkatSample(void)" ([email protected]@YAXXZ) 1>LIBCMTD.lib(crt0.obj) : error LNK2019: unresolved external symbol _main referenced in function ___tmainCRTStartup 1>c:\users\hae\documents\visual studio 2013\Projects\ConsoleApplication4\Debug\ConsoleApplication4.exe : fatal error LNK1120: 12 unresolved externals ========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========

 

Any idea what is problem?

Please Login or Register to see this Hidden Content

Please Login or Register to see this Hidden Content

 


Edited by etf, 12 July 2015 - 01:42 AM.


#5 Hess

Hess

    Intelligence Service

  • Loyalist
  • 3,631 posts
  • LocationBelgrade
Contributor

Posted 13 July 2015 - 10:46 AM

@

Please Login or Register to see this Hidden Content

, lol , he did it great , now , I hope he didn't drop the soap ! :D