{"id":16493026,"url":"https://github.com/darkcodersc/slae32-crypters","last_synced_at":"2025-03-01T06:41:54.244Z","repository":{"id":110104467,"uuid":"272744151","full_name":"DarkCoderSc/slae32-crypters","owner":"DarkCoderSc","description":"SLAE32 Assignment N°7 - Crypters","archived":false,"fork":false,"pushed_at":"2020-06-17T20:30:03.000Z","size":1628,"stargazers_count":9,"open_issues_count":0,"forks_count":7,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-01-11T20:44:01.372Z","etag":null,"topics":["crypter","delphi","lazarus","pascal","rc4","slae32","slae32-assignments"],"latest_commit_sha":null,"homepage":"","language":"Pascal","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DarkCoderSc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-06-16T15:25:45.000Z","updated_at":"2024-08-12T20:02:43.000Z","dependencies_parsed_at":"2023-05-21T14:52:37.545Z","dependency_job_id":null,"html_url":"https://github.com/DarkCoderSc/slae32-crypters","commit_stats":{"total_commits":6,"total_committers":2,"mean_commits":3.0,"dds":"0.16666666666666663","last_synced_commit":"01872372cd5f935670b6b273f4448d820abd838e"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DarkCoderSc%2Fslae32-crypters","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DarkCoderSc%2Fslae32-crypters/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DarkCoderSc%2Fslae32-crypters/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DarkCoderSc%2Fslae32-crypters/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DarkCoderSc","download_url":"https://codeload.github.com/DarkCoderSc/slae32-crypters/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241329383,"owners_count":19944983,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["crypter","delphi","lazarus","pascal","rc4","slae32","slae32-assignments"],"created_at":"2024-10-11T14:08:08.924Z","updated_at":"2025-03-01T06:41:54.230Z","avatar_url":"https://github.com/DarkCoderSc.png","language":"Pascal","readme":"Student ID: **SLAE-1530**\n\n# SLAE32 Assignement N°7 - Crypters\n\nThis Shellcode Crypter is using RC4 Cipher to encrypt and decrypt the payload directly in memory. \n\nThe RC4 key is not known by both crypter and stub, it will be bruteforced at stub run time `CRC32(Random(Length=4))`. Feel free to increase the length of the random key, notice it might increase considerably the time before shellcode gets decrypted.\n\nWhen payload is decrypted at runtime, the stub will create a new executable memory region and copy the decrypted shellcode to that region before execution.\n\nIt means, it doesn't requires the stack to be executable.\n\nPayload is stored at the EOF of the generated stub. \n\nTo compile both stub and crypter you will need Lazarus IDE to be installed on your Linux machine.\n\nOn Ubuntu / Debian you can use the following command:\n\nlocal@user:$ `sudo apt install lazarus`\n\n## Usage\n\nlocal@user:$ `Crypter/dist/crypter \u003cshellcode\u003e \u003coutputfile\u003e`\n\n### Example\n\nlocal@user:$ `Crypter/dist/crypter \"\\x31\\xc0\\x50\\x68\\x62\\x61\\x73\\x68\\x68\\x69\\x6e\\x2f\\x2f\\x68\\x2f\\x2f\\x2f\\x62\\x89\\xe3\\x66\\xb8\\x2d\\x63\\x50\\x31\\xc0\\x89\\xe2\\x50\\x68\\x73\\x73\\x77\\x64\\x68\\x63\\x2f\\x70\\x61\\x68\\x20\\x2f\\x65\\x74\\x68\\x2f\\x63\\x61\\x74\\x68\\x2f\\x62\\x69\\x6e\\x89\\xe6\\x50\\x56\\x52\\x53\\x89\\xe1\\x50\\x89\\xe2\\xb0\\x0b\\xcd\\x80\" /tmp/encrypted_payload`\n\n![Command Result](https://i.ibb.co/XjX2Wm3/Screenshot-2020-06-16-at-17-51-39.png)\n\nlocal@user:$ `/tmp/encrypted_payload`\n\n![Command Result](https://i.ibb.co/t888tNH/Screenshot-2020-06-16-at-17-52-13.png)\n\n## Compile Instructions\n\n### `Build.py`\n\n**Build.py** script is designed to compile both **stub** and **crypter** but not only. \n\nWhen a new **stub** program version is generated, the script will embed the raw stub directly inside the **crypter**.\n\nThis is required since the **crypter** program is completely standalone, the **stub** is embedded inside.\n\nlocal@user:$ `cd Crypter \u0026\u0026 python3 build.py`\n\n#### Example Output\n\n````\nphrozen@ubuntu:~/SLAE32/SLAE-Exam/Level7/git/slae32-crypters$ cd Crypter \u0026\u0026 python3 build.py\n[*] Compile stub project...\nHint: (11030) Start of reading config file /etc/fpc.cfg\nHint: (11031) End of reading config file /etc/fpc.cfg\nFree Pascal Compiler version 3.0.4+dfsg-18ubuntu2 [2018/08/29] for i386\nCopyright (c) 1993-2017 by Florian Klaempfl and others\n(1002) Target OS: Linux for i386\n(3104) Compiling stub.dpr\n(3104) Compiling ../shared/unteof.pas\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/unteof.pas(92,47) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result\n(3104) Compiling ../shared/untrc4.pas\n(3104) Compiling ../shared/untcrc32.pas\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untcrc32.pas(113,43) Hint: (4055) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untcrc32.pas(113,61) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untcrc32.pas(113,37) Warning: (4056) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,13) Hint: (4055) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,31) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,7) Warning: (4056) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,56) Hint: (4055) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,74) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untrc4.pas(244,50) Warning: (4056) Conversion between ordinals and pointers is not portable\n(3104) Compiling ../shared/untfunctions.pas\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untfunctions.pas(30,37) Hint: (4055) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untfunctions.pas(30,55) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/../shared/untfunctions.pas(30,31) Warning: (4056) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/stub.dpr(43,30) Hint: (4079) Converting the operands to \"Int64\" before doing the add could prevent overflow errors.\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/stub/stub.dpr(31,5) Note: (5025) Local variable \"n\" not used\n(9015) Linking stub\n/usr/bin/ld.bfd: warning: link.res contains output sections; did you forget -T?\n(1008) 836 lines compiled, 0.2 sec\n(1021) 4 warning(s) issued\n(1022) 12 hint(s) issued\n(1023) 1 note(s) issued\n[+] Stub project successfully built.\n[*] Patch stub file on crypter project...\n[*] Finding tags locations\n[+] Tags found. tag_begin=433, tag_end=6263778\n[*] Generate stub array...\n[*] Patch stub source file...\n[+] Stub source file successfully patched.\n[*] Compile crypter project...\nHint: (11030) Start of reading config file /etc/fpc.cfg\nHint: (11031) End of reading config file /etc/fpc.cfg\nFree Pascal Compiler version 3.0.4+dfsg-18ubuntu2 [2018/08/29] for i386\nCopyright (c) 1993-2017 by Florian Klaempfl and others\n(1002) Target OS: Linux for i386\n(3104) Compiling crypter.dpr\n(3104) Compiling /home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas\n(3104) Compiling /home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untcrc32.pas\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untcrc32.pas(113,43) Hint: (4055) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untcrc32.pas(113,61) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untcrc32.pas(113,37) Warning: (4056) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,13) Hint: (4055) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,31) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,7) Warning: (4056) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,56) Hint: (4055) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,74) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untrc4.pas(244,50) Warning: (4056) Conversion between ordinals and pointers is not portable\n(3104) Compiling /home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untfunctions.pas\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untfunctions.pas(30,37) Hint: (4055) Conversion between ordinals and pointers is not portable\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untfunctions.pas(30,55) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/untfunctions.pas(30,31) Warning: (4056) Conversion between ordinals and pointers is not portable\n(3104) Compiling /home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/unttypes.pas\n(3104) Compiling /home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/unteof.pas\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/shared/unteof.pas(92,47) Hint: (4035) Mixing signed expressions and longwords gives a 64bit result\n(3104) Compiling untlocalfunctions.pas\n(3104) Compiling untstub.pas\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/crypter/crypter.dpr(33,61) Hint: (5092) Variable \"AShellcode\" of a managed type does not seem to be initialized\n/home/phrozen/SLAE32/SLAE-Exam/Level7/git/slae32-crypters/Crypter/crypter/crypter.dpr(49,75) Hint: (5058) Variable \"ASignature\" does not seem to be initialized\n(9015) Linking crypter\n/usr/bin/ld.bfd: warning: link.res contains output sections; did you forget -T?\n(1008) 78238 lines compiled, 0.8 sec\n(1021) 4 warning(s) issued\n(1022) 13 hint(s) issued\n[+] Crypter project successfully built.\n[*] copy crypter to \"dist\" directory...\n[*] doing some cleanup...\n[+] Crypter successfully compiled and is ready for use!\n[*] Have fun :-)\n````\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdarkcodersc%2Fslae32-crypters","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdarkcodersc%2Fslae32-crypters","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdarkcodersc%2Fslae32-crypters/lists"}