Hi, I just finished my own crypter, I write it in vb and it works "great". Scanning online it went from 27/35 detection to 1/35, the only problem is that it is only scantime. Practically it merges the stub, the crypted payload and a file to bind with, using a certain string as splitter, when the file is ran it splits the contents and create a temp .exe with the payload encrypted and then execute it. Logically the AV detects it and removes it before it's launched so it is pretty useless. I read about the runtime crypter that decrypt the payload directly in memory so the AV can't detect it, but I don't understand how to do it, so can someone point me in the right direction? Maybe linking me something about it, I'll appreciate. Thanks
Forum Thread: Make Runtime Crypter
- Hot
- Active
-
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
23
Replies
1 hr ago -
Forum Thread:
How to Infect a Device?
2
Replies
4 hrs ago -
Forum Thread:
Tp-Link wn722n Usb Porblem with Kali Linux.
53
Replies
4 hrs ago -
Forum Thread:
Airmon-Ng and Airodump-Ng Not Working on Kali Linux
21
Replies
8 hrs ago -
Forum Thread:
how to become a hacker and what i have to do after 12th :)
0
Replies
8 hrs ago -
Forum Thread:
How to Install VMWare Tools in Kali Linux Rolling 2016
1
Replies
20 hrs ago -
Forum Thread:
Hacking Android Problem!
6
Replies
1 day ago -
Forum Thread:
Does iCloud Tell Their Users Anything if You Change Their Password Through Security Questions?
0
Replies
1 day ago -
Forum Thread:
How to Remotely Control a Sony Bravia or View Its Contents
0
Replies
1 day ago -
Forum Thread:
Can We Send Apk File Which Install in Android without users notice and Then Send Us Audio File and Record Every Bit of
6
Replies
1 day ago -
Forum Thread:
DNS Spoofing Doesn't Work
2
Replies
1 day ago -
Forum Thread:
Why Do I Want to Be a Hacker? (For Newbies) 2017
4
Replies
1 day ago -
Forum Thread:
MSF Handler Failed Bind to External Ip
3
Replies
2 days ago -
Forum Thread:
How Can Hack Someones Android Phone in Same Wifi Network???
4
Replies
2 days ago -
Forum Thread:
Exploit Failed [Bad-Config] Rex::Bindfailed
2
Replies
2 days ago -
Forum Thread:
[Problem] Meterpreter, Migrate and Antivirus
3
Replies
2 days ago -
Forum Thread:
I Can't Hack Anything with Metasploit
5
Replies
2 days ago -
Forum Thread:
I'm Having Trouble with Metasploit
5
Replies
2 days ago -
Forum Thread:
Windows 10 Exploits
14
Replies
2 days ago -
Forum Thread:
Hacking into Whatsapp Series, Part 2: Phishing.
1
Replies
3 days ago
-
How to Use PowerShell Empire:
Getting Started with Post-Exploitation of Windows Hosts
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How To:
Simulate a RAT on Your Network with ShinoBOT
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
How to Hack Wi-Fi:
Build a Software-Based Wi-Fi Jammer with Airgeddon
-
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
-
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
-
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
-
How To:
Set Up SoftEther VPN on Windows to Keep Your Data Secure
-
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
-
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
The Hacks of Mr. Robot:
How to Spy on Anyone's Smartphone Activity
-
Hack Like a Pro:
How to Crack Passwords, Part 1 (Principles & Technologies)
-
How To:
Install Kali Live on a USB Drive (With Persistence, Optional)
-
How To:
Hack Windows 7 (Become Admin)
-
How to Hack Wi-Fi:
Creating an Evil Twin Wireless Access Point to Eavesdrop on Data
-
How To:
Hack Android Using Kali (Remotely)
2 Responses
You can take a look to the code of UPX . It is a packer, but the principle is the same (run-time unzip pretty much the same than run-time decrypt). Maybe somebody else can give you better pointers specifically for Windows.
You can also take a look to this very basic article for the overall idea on how they work. It targets ELF format for Linux though.
For Windows the executable format is called PE . I bet it would be pretty much the same thing but I had never played with PE so I cannot say for sure.
Good Luck
Thank you, I'll give it a shot
Share Your Thoughts