Hi, I just finished my own crypter, I write it in vb and it works "great". Scanning online it went from 27/35 detection to 1/35, the only problem is that it is only scantime. Practically it merges the stub, the crypted payload and a file to bind with, using a certain string as splitter, when the file is ran it splits the contents and create a temp .exe with the payload encrypted and then execute it. Logically the AV detects it and removes it before it's launched so it is pretty useless. I read about the runtime crypter that decrypt the payload directly in memory so the AV can't detect it, but I don't understand how to do it, so can someone point me in the right direction? Maybe linking me something about it, I'll appreciate. Thanks
Forum Thread: Make Runtime Crypter
- Hot
- Active
-
Forum Thread:
Clean DarkComet Download
1
Replies
4 hrs ago -
Forum Thread:
How to Hack My College Website ?
25
Replies
5 hrs ago -
Forum Thread:
How to Fix 'Failed to Detect and Mount CD-ROM' Problem When Installing Kali Linux
10
Replies
5 hrs ago -
Forum Thread:
How Can I Hack in Our Students Portal and Be Able to Fix My Results and Edit Some
1
Replies
7 hrs ago -
Forum Thread:
Tp-Link wn8200nd
0
Replies
7 hrs ago -
Forum Thread:
Kali Linux Wifi Adapter & Interfaces Not Showing Up
1
Replies
1 day ago -
Forum Thread:
How to log in tor
2
Replies
1 day ago -
Forum Thread:
I packed many documents in zip archive yesterday evening
1
Replies
1 day ago -
Fluxion :
Cracking Wifi Without Bruteforce or Wordlist in Kali Linux 2017.1. [Full Guide]
3
Replies
1 day ago -
Forum Thread:
Any Scripts/Programs Available for the Krack Vulnerability
0
Replies
2 days ago -
Forum Thread:
Hacking Facebook,Twitter,Instagram Account Passwords with BruteForce
122
Replies
2 days ago -
Forum Thread:
Can Someone Here Help Me Crack Tgis Site and Be Able to Change My Transcript/Exam Results
0
Replies
2 days ago -
Forum Thread:
Any Idea About Piping Crunch with Medusa
0
Replies
2 days ago -
Forum Thread:
Cannot Connect to Fake Ap in Airgeddon. I tried with evil twin attack and can't key in password. Please help me.
0
Replies
2 days ago -
Forum Thread:
Commercial Mattress Cleaning Services
1
Replies
2 days ago -
Forum Thread:
How to Download Videos with Terminal
7
Replies
2 days ago -
Forum Thread:
I Need Help in Hacking a Gmail Account.
23
Replies
3 days ago -
Forum Thread:
Exploit Completed but No Session Was Created .
5
Replies
3 days ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
28
Replies
3 days ago -
Forum Thread:
Mikrotik - Part Four [UnderTaker - QoS]by : Mohamed Ahmed.
1
Replies
3 days ago
-
How To:
Use MDK3 for Advanced Wi-Fi Jamming
-
Hacking macOS:
How to Sniff Passwords on a Mac in Real Time, Part 2 (Packet Analysis)
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
-
How To:
Hack Wi-Fi & Networks More Easily with Lazy Script
-
Hacking macOS:
How to Sniff Passwords on a Mac in Real Time, Part 1 (Packet Exfiltration)
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Use Maltego to Monitor Twitter for Disinformation Campaigns
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2018
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
Hack a Windows 7/8/10 Admin Account Password with Windows Magnifier
-
How To:
Securely Sync Files Between Two Machines Using Syncthing
-
How To:
Use Command Injection to Pop a Reverse Shell on a Web Server
-
How To:
Hack Windows 7 (Become Admin)
-
How To:
The Essential Skills to Becoming a Master Hacker
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Find Anyone's Private Phone Number Using Facebook
-
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
2 Responses
You can take a look to the code of UPX . It is a packer, but the principle is the same (run-time unzip pretty much the same than run-time decrypt). Maybe somebody else can give you better pointers specifically for Windows.
You can also take a look to this very basic article for the overall idea on how they work. It targets ELF format for Linux though.
For Windows the executable format is called PE . I bet it would be pretty much the same thing but I had never played with PE so I cannot say for sure.
Good Luck
Thank you, I'll give it a shot
Share Your Thoughts