Hi, I just finished my own crypter, I write it in vb and it works "great". Scanning online it went from 27/35 detection to 1/35, the only problem is that it is only scantime. Practically it merges the stub, the crypted payload and a file to bind with, using a certain string as splitter, when the file is ran it splits the contents and create a temp .exe with the payload encrypted and then execute it. Logically the AV detects it and removes it before it's launched so it is pretty useless. I read about the runtime crypter that decrypt the payload directly in memory so the AV can't detect it, but I don't understand how to do it, so can someone point me in the right direction? Maybe linking me something about it, I'll appreciate. Thanks
Forum Thread: Make Runtime Crypter
- Hot
- Active
-
Forum Thread:
Hack Instagram Account Using BruteForce
196
Replies
6 hrs ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
13
Replies
3 days ago -
Forum Thread:
How to Hack School Website
8
Replies
3 days ago -
Forum Thread:
HACKING GMAIL
2
Replies
3 days ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
49
Replies
3 days ago -
Forum Thread:
How Do You Hack an Iphone?
5
Replies
3 days ago -
Forum Thread:
Metasploit Reverse TCP Listener for Public IP Address
3
Replies
1 wk ago -
Forum Thread:
Hacking Facebook,Twitter,Instagram Account Passwords with BruteForce
164
Replies
1 wk ago -
Forum Thread:
While msfconsole i'm getting this.
5
Replies
2 wks ago -
Forum Thread:
How to Pastebin Accounts
8
Replies
2 wks ago -
Forum Thread:
Eml to PST Conversion
5
Replies
2 wks ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
10
Replies
2 wks ago -
Forum Thread:
Changing IP Address
10
Replies
3 wks ago -
Forum Thread:
Phish with HiddenEye - A tool with Advanced Feature
2
Replies
3 wks ago -
Forum Thread:
Android/Metasploit - Keep a session alive
2
Replies
4 wks ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
44
Replies
1 mo ago -
How to:
HACK Android Device with TermuX on Android | Part #2 - Over WLAN Hotspot [Ultimate Guide]
25
Replies
1 mo ago -
Forum Thread:
Msfconsole Error After Msfupdate
7
Replies
1 mo ago -
Forum Thread:
How to Track Who Is Sms Bombing Me .
2
Replies
1 mo ago -
Forum Thread:
How to Hack CCTV Private Cameras
66
Replies
1 mo ago
-
The Hacks of Mr. Robot:
How to Spy on Anyone's Smartphone Activity
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
-
How To:
Hunt Down Social Media Accounts by Usernames with Sherlock
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Dox Anyone
-
How To:
Hack 5 GHz Wi-Fi Networks with an Alfa Wi-Fi Adapter
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How To:
Embed a Metasploit Payload in an Original .Apk File | Part 2 – Do It Manually
-
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
-
How To:
Hack Android Using Kali (Remotely)
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How To:
Spy on Traffic from a Smartphone with Wireshark
-
How To:
Upgrade a Normal Command Shell to a Metasploit Meterpreter
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
2 Responses
You can take a look to the code of UPX . It is a packer, but the principle is the same (run-time unzip pretty much the same than run-time decrypt). Maybe somebody else can give you better pointers specifically for Windows.
You can also take a look to this very basic article for the overall idea on how they work. It targets ELF format for Linux though.
For Windows the executable format is called PE . I bet it would be pretty much the same thing but I had never played with PE so I cannot say for sure.
Good Luck
Thank you, I'll give it a shot
Share Your Thoughts