slae32 crypters
1.0.0
학생 ID : SLAE-1530
이 Shellcode Crypter는 RC4 Cipher를 사용하여 메모리에서 직접 페이로드를 암호화하고 해독합니다.
RC4 키는 Crypter와 Stub에 의해 알려져 있지 않으며, 스터브 런 타임 CRC32(Random(Length=4)) 에서 크게 강화됩니다. 랜덤 키의 길이를 자유롭게 늘리십시오. Shellcode가 해독되기 전 시간이 상당히 증가 할 수 있습니다.
런타임에 페이로드가 암호 해독되면 스터브는 새로운 실행 가능한 메모리 영역을 생성하고 해당 해당 쉘 코드를 해당 영역으로 복사합니다.
그것은 스택을 실행할 필요가 없다는 것을 의미합니다.
페이로드는 생성 된 스터브의 EOF에 저장됩니다.
스텁과 크리 파트를 모두 컴파일하려면 Linux 시스템에 나사로 IDE를 설치해야합니다.
Ubuntu / Debian에서는 다음 명령을 사용할 수 있습니다.
로컬@사용자 : $ sudo apt install lazarus
로컬@사용자 : $ Crypter/dist/crypter <shellcode> <outputfile>
로컬@사용자 : $ Crypter/dist/crypter "x31xc0x50x68x62x61x73x68x68x69x6ex2fx2fx68x2fx2fx2fx62x89xe3x66xb8x2dx63x50x31xc0x89xe2x50x68x73x73x77x64x68x63x2fx70x61x68x20x2fx65x74x68x2fx63x61x74x68x2fx62x69x6ex89xe6x50x56x52x53x89xe1x50x89xe2xb0x0bxcdx80" /tmp/encrypted_payload
로컬@사용자 : $ /tmp/encrypted_payload
Build.pybuild.py 스크립트는 스터브 와 크리터를 모두 컴파일하도록 설계되었지만뿐만 아니라뿐만 아니라
새 스터브 프로그램 버전이 생성되면 스크립트가 크리터 내부에 직접 원시 스터브를 포함시킵니다.
Crypter 프로그램이 완전히 독립형이므로 스터브가 내부에 포함되어 있기 때문에 필요합니다.
로컬@사용자 : $ cd Crypter && python3 build.py
phrozen@ubuntu:~/SLAE32/SLAE-Exam/Level7/git/slae32-crypters$ cd Crypter && python3 build.py
[*] Compile stub project...
Hint: (11030) Start of reading config file /etc/fpc.cfg
Hint: (11031) End of reading config file /etc/fpc.cfg
Free Pascal Compiler version 3.0.4+dfsg-18ubuntu2 [2018/08/29] for i386
Copyright (c) 1993-2017 by Florian Klaempfl and others
(1002) Target OS: Linux for i386
(3104) Compiling stub.dpr
(3104) Compiling ../shared/unteof.pas
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/unteof.pas(92,47) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result
(3104) Compiling ../shared/untrc4.pas
(3104) Compiling ../shared/untcrc32.pas
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untcrc32.pas(113,43) Hint: (4055) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untcrc32.pas(113,61) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untcrc32.pas(113,37) Warning: (4056) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,13) Hint: (4055) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,31) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,7) Warning: (4056) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,56) Hint: (4055) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,74) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,50) Warning: (4056) Conversion between ordinals and pointers is not portable
(3104) Compiling ../shared/untfunctions.pas
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untfunctions.pas(30,37) Hint: (4055) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untfunctions.pas(30,55) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untfunctions.pas(30,31) Warning: (4056) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/stub.dpr(43,30) Hint: (4079) Converting the operands to "Int64" before doing the add could prevent overflow errors.
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/stub.dpr(31,5) Note: (5025) Local variable "n" not used
(9015) Linking stub
/usr/bin/ld.bfd: warning: link.res contains output sections; did you forget -T?
(1008) 836 lines compiled, 0.2 sec
(1021) 4 warning(s) issued
(1022) 12 hint(s) issued
(1023) 1 note(s) issued
[+] Stub project successfully built.
[*] Patch stub file on crypter project...
[*] Finding tags locations
[+] Tags found. tag_begin=433, tag_end=6263778
[*] Generate stub array...
[*] Patch stub source file...
[+] Stub source file successfully patched.
[*] Compile crypter project...
Hint: (11030) Start of reading config file /etc/fpc.cfg
Hint: (11031) End of reading config file /etc/fpc.cfg
Free Pascal Compiler version 3.0.4+dfsg-18ubuntu2 [2018/08/29] for i386
Copyright (c) 1993-2017 by Florian Klaempfl and others
(1002) Target OS: Linux for i386
(3104) Compiling crypter.dpr
(3104) Compiling /home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas
(3104) Compiling /home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untcrc32.pas
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untcrc32.pas(113,43) Hint: (4055) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untcrc32.pas(113,61) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untcrc32.pas(113,37) Warning: (4056) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,13) Hint: (4055) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,31) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,7) Warning: (4056) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,56) Hint: (4055) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,74) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,50) Warning: (4056) Conversion between ordinals and pointers is not portable
(3104) Compiling /home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untfunctions.pas
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untfunctions.pas(30,37) Hint: (4055) Conversion between ordinals and pointers is not portable
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untfunctions.pas(30,55) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untfunctions.pas(30,31) Warning: (4056) Conversion between ordinals and pointers is not portable
(3104) Compiling /home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/unttypes.pas
(3104) Compiling /home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/unteof.pas
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/unteof.pas(92,47) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result
(3104) Compiling untlocalfunctions.pas
(3104) Compiling untstub.pas
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/crypter/crypter.dpr(33,61) Hint: (5092) Variable "AShellcode" of a managed type does not seem to be initialized
/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/crypter/crypter.dpr(49,75) Hint: (5058) Variable "ASignature" does not seem to be initialized
(9015) Linking crypter
/usr/bin/ld.bfd: warning: link.res contains output sections; did you forget -T?
(1008) 78238 lines compiled, 0.8 sec
(1021) 4 warning(s) issued
(1022) 13 hint(s) issued
[+] Crypter project successfully built.
[*] copy crypter to "dist" directory...
[*] doing some cleanup...
[+] Crypter successfully compiled and is ready for use!
[*] Have fun :-)
