Hi, I just finished my own crypter, I write it in vb and it works "great". Scanning online it went from 27/35 detection to 1/35, the only problem is that it is only scantime. Practically it merges the stub, the crypted payload and a file to bind with, using a certain string as splitter, when the file is ran it splits the contents and create a temp .exe with the payload encrypted and then execute it. Logically the AV detects it and removes it before it's launched so it is pretty useless. I read about the runtime crypter that decrypt the payload directly in memory so the AV can't detect it, but I don't understand how to do it, so can someone point me in the right direction? Maybe linking me something about it, I'll appreciate. Thanks
Forum Thread: Make Runtime Crypter
- Hot
- Active
-
Forum Thread:
How to Hack Android Phone Using Same Wifi
14
Replies
1 hr ago -
Forum Thread:
Hack Cheating Wife's Windows 7 Admin Password
14
Replies
3 hrs ago -
Hacking:
The Skill for the Future
9
Replies
4 hrs ago -
Forum Thread:
Elite Max Keto s increase testosterone, growth hormone,
0
Replies
16 hrs ago -
Forum Thread:
Connecting USB Wifi Driver rtl8812AU_8821AU_linux to Kali
1
Replies
16 hrs ago -
Forum Thread:
These ingredients have been tested for their
0
Replies
19 hrs ago -
Forum Thread:
Rapid Slim A drink with more sustenance made with fruits,
0
Replies
21 hrs ago -
Forum Thread:
On the Other Side, the Supplement Is Effective
0
Replies
21 hrs ago -
How to:
Install Metasploit Framework on Android | Part #1 - in TermuX
78
Replies
1 day ago -
Forum Thread:
Hack Android Using Msfconsole and ./Ngrok Http 80
0
Replies
1 day ago -
Forum Thread:
scr888 Games
0
Replies
1 day ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
34
Replies
1 day ago -
Forum Thread:
HOW to HACK INSTA EASSY WAY
0
Replies
1 day ago -
Forum Thread:
Refresh Ultra Keto? Shop Now#This Site?
0
Replies
1 day ago -
Forum Thread:
Turn Up Txpower
8
Replies
2 days ago -
Forum Thread:
How to breach in to another access file from another phone by send a spyware or spyworm and hide it in image files?
0
Replies
2 days ago -
Forum Thread:
Hack Instagram Account Using BruteForce
184
Replies
3 days ago -
Forum Thread:
Changing IP Address
6
Replies
3 days ago -
Forum Thread:
Help (Kali Linux)
1
Replies
3 days ago -
Forum Thread:
How to Access Users Google Chrome Using Administrator Account?
0
Replies
5 days ago
-
How To:
Target Bluetooth Devices with Bettercap
-
How To:
A Hacker's Guide to Programming Microcontrollers
-
How To:
Inject Keystrokes into Logitech Keyboards with an nRF24LU1+ Transceiver
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
Hacking macOS:
How to Hide Payloads Inside Photo Metadata
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Manually Exploit EternalBlue on Windows Server Using MS17-010 Python Exploit
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
-
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
-
Hack Like a Pro:
How to Crack Passwords, Part 1 (Principles & Technologies)
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
Hacking Windows 10:
How to Create an Undetectable Payload, Part 1 (Bypassing Antivirus Software)
2 Responses
You can take a look to the code of UPX . It is a packer, but the principle is the same (run-time unzip pretty much the same than run-time decrypt). Maybe somebody else can give you better pointers specifically for Windows.
You can also take a look to this very basic article for the overall idea on how they work. It targets ELF format for Linux though.
For Windows the executable format is called PE . I bet it would be pretty much the same thing but I had never played with PE so I cannot say for sure.
Good Luck
Thank you, I'll give it a shot
Share Your Thoughts