Hi, I just finished my own crypter, I write it in vb and it works "great". Scanning online it went from 27/35 detection to 1/35, the only problem is that it is only scantime. Practically it merges the stub, the crypted payload and a file to bind with, using a certain string as splitter, when the file is ran it splits the contents and create a temp .exe with the payload encrypted and then execute it. Logically the AV detects it and removes it before it's launched so it is pretty useless. I read about the runtime crypter that decrypt the payload directly in memory so the AV can't detect it, but I don't understand how to do it, so can someone point me in the right direction? Maybe linking me something about it, I'll appreciate. Thanks
Forum Thread: Make Runtime Crypter
- Hot
- Active
-
Forum Thread:
How to Crack Window Password with Kali Live Usb
17
Replies
7 hrs ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
5
Replies
17 hrs ago -
Forum Thread:
I Need Help, I Want to Hack This Instagram Account.
5
Replies
18 hrs ago -
Forum Thread:
How We Can Set a reverse_tcp Payload for Android in Any Apk File?
0
Replies
21 hrs ago -
Forum Thread:
How we can configure (.OVPN) file created by Portmap.io in Kali Linux?
0
Replies
21 hrs ago -
Forum Thread:
Do the Spy Apps Really Work?..Multiple Questions I've Pondered.
4
Replies
1 day ago -
Forum Thread:
How to Sms Bomber
9
Replies
1 day ago -
Forum Thread:
Is There Any Internal Wifi Card That Support Wireless Monitor Mode and Packet Injection?
0
Replies
1 day ago -
Forum Thread:
How to Hack a Android Device with an I.P Address and Device Information?
2
Replies
1 day ago -
Forum Thread:
Kali Linux External Wifi Not Working?
20
Replies
2 days ago -
Forum Thread:
Vitual Box External Wifi Adapter Connected but Still Kali Linux Say No Network Found ?
1
Replies
2 days ago -
How to:
Install Metasploit Framework on Android | Part #1 - in TermuX
81
Replies
2 days ago -
Forum Thread:
Whenever I Try "Airmon-Ng Start wlan0" There's an Error?
14
Replies
2 days ago -
Forum Thread:
Tor Browser- Is It a VPN?
15
Replies
3 days ago -
Forum Thread:
Anonmously Send Sms
1
Replies
3 days ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
106
Replies
3 days ago -
Forum Thread:
Is There Any Way to Connect Internal Wireless Adaptor in Kali Linux Installed in Virtual Machine?
36
Replies
4 days ago -
Forum Thread:
Help with How to Bind Android Rat/Payload into Images
2
Replies
4 days ago -
Forum Thread:
Can You Make a Video on Stagefright for Android 9 with Full Explaination?
0
Replies
4 days ago -
Forum Thread:
Rescue-ssh.target Is a Disabled or a Static Unit
17
Replies
6 days ago
-
How To:
Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks)
-
How To:
Streamline Your App & Game Development with AppGameKit
-
How To:
Find OSINT Data on License Plate Numbers with Skiptracer
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How To:
This Best-Selling Web Development Training Is on Sale for $12
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Fingerprint Web Apps & Servers for Better Recon
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Hack Web Browsers with BeEF to Control Webcams, Phish for Credentials & More
-
How To:
The Essential Skills to Becoming a Master Hacker
-
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Find Anyone's Private Phone Number Using Facebook
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
2 Responses
You can take a look to the code of UPX . It is a packer, but the principle is the same (run-time unzip pretty much the same than run-time decrypt). Maybe somebody else can give you better pointers specifically for Windows.
You can also take a look to this very basic article for the overall idea on how they work. It targets ELF format for Linux though.
For Windows the executable format is called PE . I bet it would be pretty much the same thing but I had never played with PE so I cannot say for sure.
Good Luck
Thank you, I'll give it a shot
Share Your Thoughts