public static string Payload(string URL, NameValueCollection Values, bool encrypted = false) { try { switch (encrypted) { case false: return(Encoding.Default.GetString(new WebClient { Proxy = null }.UploadValues(URL, Values))); case true: string message = Encoding.Default.GetString(new WebClient { Proxy = null }.UploadValues(URL, Values)); string password = Encoding.Default.GetString(Convert.FromBase64String(ENCRYPT_KEY)); SHA256 mySHA256 = SHA256Managed.Create(); byte[] key = mySHA256.ComputeHash(Encoding.ASCII.GetBytes(password)); byte[] iv = Encoding.ASCII.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(ENCRYPT_SALT))); string decrypted = String_Encryption.DecryptString(message, key, iv); return(decrypted); default: Dictionary <string, object> ERROR = new Dictionary <string, object>(); ERROR.Add("result", "net_error"); return(JsonConvert.SerializeObject(ERROR)); } } catch (WebException E) { Dictionary <string, object> ERROR = new Dictionary <string, object>(); HttpWebResponse response = (HttpWebResponse)E.Response; switch (response.StatusCode) { case HttpStatusCode.NotFound: ERROR.Add("result", "net_error"); break; case HttpStatusCode.RequestEntityTooLarge: ERROR.Add("result", "net_error"); break; case HttpStatusCode.ServiceUnavailable: ERROR.Add("result", "net_error"); break; case HttpStatusCode.Forbidden: ERROR.Add("result", "net_error"); break; } Console.WriteLine(E.ToString()); ERROR.Add("result", "net_error"); return(JsonConvert.SerializeObject(ERROR)); } }
public static string Payload_ENCRYPT(string value) { string message = value; string password = Encoding.Default.GetString(Convert.FromBase64String(ENCRYPT_KEY)); SHA256 mySHA256 = SHA256Managed.Create(); byte[] key = mySHA256.ComputeHash(Encoding.ASCII.GetBytes(password)); byte[] iv = Encoding.ASCII.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(ENCRYPT_SALT))); string decrypted = String_Encryption.EncryptString(message, key, iv); return(decrypted); }
// Token: 0x060000FE RID: 254 RVA: 0x00015024 File Offset: 0x00013224 private void metroButton2_Click(object sender, EventArgs e) { ModuleDef moduleDef = ModuleDefMD.Load(this.metroTextBox1.Text); bool numberToString = Settings.NumberToString; if (numberToString) { Constants__numbers_.ObfuscateNumbers(moduleDef); } bool stackUnderflow = Settings.StackUnderflow; if (stackUnderflow) { Stack_Underflow.StackUnderflow(moduleDef); } bool sizeOf = Settings.SizeOf; if (sizeOf) { SizeOf.Sizeof(moduleDef); } bool disConstants = Settings.DisConstants; if (disConstants) { Distant_Constants.DisConstants(moduleDef); } bool refProxy = Settings.RefProxy; if (refProxy) { Method_Wiper.Execute(moduleDef); } bool constants = Settings.Constants; if (constants) { Constants__numbers_.Inject(moduleDef); } bool localToFields = Settings.LocalToFields; if (localToFields) { LocalToFields.Protect(moduleDef); } bool renamer = Settings.Renamer; if (renamer) { Renamer.Execute(moduleDef); } bool controlFlow = Settings.ControlFlow; if (controlFlow) { Control_Flow.Encrypt(moduleDef); Constants__numbers_.Execute(moduleDef); } bool constant_Mutation = Settings.Constant_Mutation; if (constant_Mutation) { Constant_Mutation.Execute(moduleDef); } bool antiDe4dot = Settings.AntiDe4dot; if (antiDe4dot) { Anti_De4dot.RemoveDe4dot(moduleDef); } bool antiILdasm = Settings.AntiILdasm; if (antiILdasm) { Anti_ILDasm.Anti(moduleDef); } bool koiVMFakeSig = Settings.KoiVMFakeSig; if (koiVMFakeSig) { KoiVM_Fake_Watermark.Execute(moduleDef); } bool antiDump = Settings.AntiDump; if (antiDump) { AntiDump.Inject(moduleDef); } bool invalidMetadata = Settings.InvalidMetadata; if (invalidMetadata) { Invalid_Metadata.InvalidMD(moduleDef); } bool calli = Settings.Calli; if (calli) { Calli.Execute(moduleDef); } bool antiHTTPDebugger = Settings.AntiHTTPDebugger; if (antiHTTPDebugger) { Anti_Http_Debugger.Execute(moduleDef); } bool antiFiddler = Settings.AntiFiddler; if (antiFiddler) { Anti_Fiddler.Execute(moduleDef); } bool stringEncryption = Settings.StringEncryption; if (stringEncryption) { String_Encryption.Inject(moduleDef); } Watermark.Execute(moduleDef); ModuleDef manifestModule = moduleDef.Assembly.ManifestModule; moduleDef.EntryPoint.Name = "BlinkRE"; moduleDef.Mvid = new Guid?(Guid.NewGuid()); bool strong = Settings.Strong; if (strong) { Protection.Protect(moduleDef); Inject.ProtectValue(moduleDef); Inject.DoubleProtect(moduleDef); Inject.Triple(moduleDef); Inject.Triple(moduleDef); Method_Wiper.Execute(moduleDef); Assembly.MarkAssembly(moduleDef); Locals.Protect(moduleDef); } Directory.CreateDirectory(".\\AtomicProtected"); moduleDef.Write(".\\AtomicProtected\\" + Path.GetFileName(this.metroTextBox1.Text), new ModuleWriterOptions(moduleDef) { PEHeadersOptions = { NumberOfRvaAndSizes = new uint?(13U) }, MetaDataOptions = { TablesHeapOptions = { ExtraData = new uint?(4919U) } }, Logger = DummyLogger.NoThrowInstance }); Process.Start(".\\AtomicProtected"); MessageBox.Show("Obfuscation complete! Restart to obfuscate again"); Environment.Exit(0); }