Hi, I just finished my own crypter, I write it in vb and it works "great". Scanning online it went from 27/35 detection to 1/35, the only problem is that it is only scantime. Practically it merges the stub, the crypted payload and a file to bind with, using a certain string as splitter, when the file is ran it splits the contents and create a temp .exe with the payload encrypted and then execute it. Logically the AV detects it and removes it before it's launched so it is pretty useless. I read about the runtime crypter that decrypt the payload directly in memory so the AV can't detect it, but I don't understand how to do it, so can someone point me in the right direction? Maybe linking me something about it, I'll appreciate. Thanks
Forum Thread: Make Runtime Crypter
- Hot
- Active
-
Forum Thread:
Now Tips for Ever Mixture Cbd
0
Replies
1 hr ago -
Forum Thread:
health2wealthclub.Com/Instant-Keto/
0
Replies
1 hr ago -
Forum Thread:
Verocity
0
Replies
4 hrs ago -
Forum Thread:
http://www.letsfindtoday.com/chanique-anti-wrinkle-cream/
0
Replies
5 hrs ago -
Forum Thread:
http://www.letsfindtoday.com/chanique-anti-wrinkle-cream/
0
Replies
6 hrs ago -
Forum Thread:
http://www.letsfindtoday.com/chanique-anti-wrinkle-cream/
0
Replies
6 hrs ago -
Forum Thread:
Cisco ASA Software 8.X/9.X - IKEv1 / IKEv2 Buffer Overflow
0
Replies
21 hrs ago -
Forum Thread:
Nutra Holistic Keto
0
Replies
23 hrs ago -
Forum Thread:
Dxn code strike reviews Comments: Get FREE TRIAL Combo
0
Replies
1 day ago -
Forum Thread:
Best Keto Plus Diet Tips You Will Read This Year
0
Replies
1 day ago -
Forum Thread:
http://thesupplementcop.com/keto-prime/
0
Replies
1 day ago -
Forum Thread:
How to Hack Wifi Network with CMD
81
Replies
1 day ago -
Forum Thread:
http://thesupplementcop.com/keto-prime/
0
Replies
1 day ago -
Forum Thread:
Complete Guide to Creating and Hosting a Phishing Page for Beginners
18
Replies
1 day ago -
Forum Thread:
Friends Its Something Personal, Need Your Opinions.
25
Replies
1 day ago -
Forum Thread:
Now Ways You Can Reinvent Insta Keto Without Looking Like an Amateur
0
Replies
2 days ago -
Forum Thread:
http://thesupplementcop.com/fit-body-diet-keto/
0
Replies
2 days ago -
Forum Thread:
http://thesupplementcop.com/fit-body-diet-keto/
0
Replies
2 days ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
98
Replies
2 days ago -
Q:
MITMf - What Am I Doing Wrong?
38
Replies
2 days ago
-
How To:
Find Passwords in Exposed Log Files with Google Dorks
-
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Hack Android Using Kali (Remotely)
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
Exploit Popular Linux File Managers with a Fake MP4
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
-
How To:
Write an XSS Cookie Stealer in JavaScript to Steal Passwords
-
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
-
How To:
How Hackers Use Your IP Address to Hack Your Computer & How to Stop It
-
How To:
Install Kali Live on a USB Drive (With Persistence, Optional)
-
How To:
Use Google Search Operators to Find Elusive Information
-
How To:
Spot Fake Businesses & Find the Signature of CEOs with OSINT
2 Responses
You can take a look to the code of UPX . It is a packer, but the principle is the same (run-time unzip pretty much the same than run-time decrypt). Maybe somebody else can give you better pointers specifically for Windows.
You can also take a look to this very basic article for the overall idea on how they work. It targets ELF format for Linux though.
For Windows the executable format is called PE . I bet it would be pretty much the same thing but I had never played with PE so I cannot say for sure.
Good Luck
Thank you, I'll give it a shot
Share Your Thoughts