Hi, I just finished my own crypter, I write it in vb and it works "great". Scanning online it went from 27/35 detection to 1/35, the only problem is that it is only scantime. Practically it merges the stub, the crypted payload and a file to bind with, using a certain string as splitter, when the file is ran it splits the contents and create a temp .exe with the payload encrypted and then execute it. Logically the AV detects it and removes it before it's launched so it is pretty useless. I read about the runtime crypter that decrypt the payload directly in memory so the AV can't detect it, but I don't understand how to do it, so can someone point me in the right direction? Maybe linking me something about it, I'll appreciate. Thanks
Forum Thread: Make Runtime Crypter
- Hot
- Active
-
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
1 day ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
1 wk ago -
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
4 wks ago -
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
4 wks ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
2 mo ago -
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
2 mo ago -
Metasploit Error:
Handler Failed to Bind
41
Replies
3 mo ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
3 mo ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
3 mo ago -
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
3 mo ago -
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
3 mo ago -
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
3 mo ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
4 mo ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
4 mo ago -
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
5 mo ago -
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
6 mo ago -
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
6 mo ago -
Forum Thread:
How to Hack School Website
11
Replies
6 mo ago -
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
6 mo ago -
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
7 mo ago
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Make Your Own Bad USB
-
How To:
Dox Anyone
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Use Ettercap to Intercept Passwords with ARP Spoofing
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Exploit Shellshock on a Web Server Using Metasploit
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Enumerate SMB with Enum4linux & Smbclient
-
How To:
Use Kismet to Watch Wi-Fi User Activity Through Walls
-
How To:
Hack Apache Tomcat via Malicious WAR File Upload
-
How To:
Find Passwords in Exposed Log Files with Google Dorks
-
Hacking Windows 10:
How to Dump NTLM Hashes & Crack Windows Passwords
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Exploit WebDAV on a Server & Get a Shell
-
How To:
Scan Websites for Interesting Directories & Files with Gobuster
-
Hack Like a Pro:
How to Use Netcat, the Swiss Army Knife of Hacking Tools
2 Responses
You can take a look to the code of UPX . It is a packer, but the principle is the same (run-time unzip pretty much the same than run-time decrypt). Maybe somebody else can give you better pointers specifically for Windows.
You can also take a look to this very basic article for the overall idea on how they work. It targets ELF format for Linux though.
For Windows the executable format is called PE . I bet it would be pretty much the same thing but I had never played with PE so I cannot say for sure.
Good Luck
Thank you, I'll give it a shot
Share Your Thoughts