Hi, I just finished my own crypter, I write it in vb and it works "great". Scanning online it went from 27/35 detection to 1/35, the only problem is that it is only scantime. Practically it merges the stub, the crypted payload and a file to bind with, using a certain string as splitter, when the file is ran it splits the contents and create a temp .exe with the payload encrypted and then execute it. Logically the AV detects it and removes it before it's launched so it is pretty useless. I read about the runtime crypter that decrypt the payload directly in memory so the AV can't detect it, but I don't understand how to do it, so can someone point me in the right direction? Maybe linking me something about it, I'll appreciate. Thanks
Forum Thread: Make Runtime Crypter
- Hot
- Active
-
Forum Thread:
Cdr File Damaged
0
Replies
4 hrs ago -
Forum Thread:
Arpspoof - No Connectivity on Physical Machine
2
Replies
1 day ago -
Forum Thread:
How to Build Cheapest Password Cracker on Multiple GPUs?
0
Replies
1 day ago -
Forum Thread:
Active White-Hat Forums?
14
Replies
1 day ago -
Forum Thread:
Apis for Trojans [ a gift from me ]
0
Replies
1 day ago -
Forum Thread:
Creating a Ransomware for Android from 0! By [ Mohamed Ahmed ]
0
Replies
1 day ago -
Forum Thread:
Hack Cheating Wife's Windows 7 Admin Password
12
Replies
1 day ago -
Forum Thread:
BlueBorne - Kali Linux Script?
9
Replies
1 day ago -
Forum Thread:
How to Install This Custom Metasploit?
0
Replies
1 day ago -
Forum Thread:
Building a TAP ( Passive Sniffer ) By: [ Mohamed Ahmed ]
0
Replies
2 days ago -
Forum Thread:
Pentesting with Shodan & Functional Exploits By [Mohamed Ahmed ]
0
Replies
2 days ago -
Forum Thread:
Hello,need help with PDF . how remove hack password ?
2
Replies
2 days ago -
Kali Linux:
TP-Link TL WN722N V2 Driver Not Working
11
Replies
2 days ago -
Forum Thread:
How to Hack Wireless Password Through MAC Address and IP Address
19
Replies
2 days ago -
Forum Thread:
How to Track an Android Phone
0
Replies
2 days ago -
Forum Thread:
How to Spy on Android Phones?
5
Replies
2 days ago -
Forum Thread:
How Would I Decrypt This?
1
Replies
2 days ago -
Forum Thread:
Hack Telegram Bot
1
Replies
3 days ago -
Forum Thread:
Problems with TL-WN722N V2 (Monitor Mode)
17
Replies
3 days ago -
Forum Thread:
Decrypting SSL or TLS Session Traffic with Wireshark
1
Replies
3 days ago
-
How To:
Exploring Kali Linux Alternatives: How to Get Started with BlackArch, a More Up-to-Date Pentesting Distro
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Use a Virtual Burner Phone to Protect Your Identity & Security
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
Hack Forum Accounts with Password-Stealing Pictures
-
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
-
How To:
Successfully Hack a Website in 2016!
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Hack Android Using Kali (Remotely)
-
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
How To:
Install Kali Live on a USB Drive (With Persistence, Optional)
-
How To:
Hack Windows 7 (Become Admin)
-
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
-
Hack Like a Pro:
How to Crack Passwords, Part 1 (Principles & Technologies)
-
Hack Like a Pro:
How to Find Vulnerabilities for Any Website Using Nikto
-
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2017
-
How To:
Hack WPA WiFi Passwords by Cracking the WPS PIN
2 Responses
You can take a look to the code of UPX . It is a packer, but the principle is the same (run-time unzip pretty much the same than run-time decrypt). Maybe somebody else can give you better pointers specifically for Windows.
You can also take a look to this very basic article for the overall idea on how they work. It targets ELF format for Linux though.
For Windows the executable format is called PE . I bet it would be pretty much the same thing but I had never played with PE so I cannot say for sure.
Good Luck
Thank you, I'll give it a shot
Share Your Thoughts