Hi, I just finished my own crypter, I write it in vb and it works "great". Scanning online it went from 27/35 detection to 1/35, the only problem is that it is only scantime. Practically it merges the stub, the crypted payload and a file to bind with, using a certain string as splitter, when the file is ran it splits the contents and create a temp .exe with the payload encrypted and then execute it. Logically the AV detects it and removes it before it's launched so it is pretty useless. I read about the runtime crypter that decrypt the payload directly in memory so the AV can't detect it, but I don't understand how to do it, so can someone point me in the right direction? Maybe linking me something about it, I'll appreciate. Thanks
Forum Thread: Make Runtime Crypter
- Hot
- Active
-
Forum Thread:
How to Install Kali Linux on Iphone or Ipad
26
Replies
12 hrs ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
45
Replies
1 day ago -
Forum Thread:
How to Use NGROK in a Reverse_Tcp Attack?
21
Replies
1 day ago -
Forum Thread:
Hack Instagram Account Using BruteForce
191
Replies
2 days ago -
How to:
Crack Instagram Passwords Using Instainsane
33
Replies
2 days ago -
Forum Thread:
Track phone using imei number.
5
Replies
2 days ago -
Forum Thread:
Security in IOT ( Internet of Things ) By [Mohamed Ahmed]
1
Replies
4 days ago -
Forum Thread:
Kali linux command error. Kindly help
2
Replies
5 days ago -
Forum Thread:
When to Use Reverse Shell and Bind Shell?
5
Replies
1 wk ago -
Forum Thread:
Fluxion Not Working
6
Replies
1 wk ago -
Forum Thread:
Hacking Stream (LIVE)
10
Replies
1 wk ago -
Forum Thread:
Blind SQL Injection
6
Replies
1 wk ago -
Forum Thread:
Hacking Facebook,Twitter,Instagram Account Passwords with BruteForce
160
Replies
1 wk ago -
Forum Thread:
Can C Programming Help Me for Hacking or Pen Testing.
10
Replies
1 wk ago -
Forum Thread:
I Want to Hack in to My Friends System Through his wifi router i am controlling
7
Replies
2 wks ago -
Forum Thread:
How to Use the Exploits Found in Vega Scan
3
Replies
2 wks ago -
Forum Thread:
Can I Send a File to a Computer Using Ip Address
5
Replies
2 wks ago -
Forum Thread:
Problem with Hacking Webserver with Armitage
11
Replies
3 wks ago -
Forum Thread:
Metasploit - Embedding an Android Payload into a PDF?
7
Replies
3 wks ago -
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
35
Replies
3 wks ago
-
How To:
Generate Crackable Wi-Fi Handshakes with an ESP8266-Based Test Network
-
How To:
Rank Up in Google Searches with This SEO Couse Bundle
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Write Your Own Bash Scripts to Automate Tasks on Linux
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
-
How To:
Automate Remote SSH Control of Computers with Expect Scripts
-
Hack Like a Pro:
How to Crack Passwords, Part 4 (Creating a Custom Wordlist with Crunch)
-
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
-
How To:
Crack Password-Protected ZIP Files, PDFs & More with Zydra
-
How To:
Find Anyone's Private Phone Number Using Facebook
-
How To:
Manually Exploit EternalBlue on Windows Server Using MS17-010 Python Exploit
-
How To:
Install Kali Live on a USB Drive (With Persistence, Optional)
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
2 Responses
You can take a look to the code of UPX . It is a packer, but the principle is the same (run-time unzip pretty much the same than run-time decrypt). Maybe somebody else can give you better pointers specifically for Windows.
You can also take a look to this very basic article for the overall idea on how they work. It targets ELF format for Linux though.
For Windows the executable format is called PE . I bet it would be pretty much the same thing but I had never played with PE so I cannot say for sure.
Good Luck
Thank you, I'll give it a shot
Share Your Thoughts