# Cross-Platform AES-Encrypted Payload Injector

This project provides secure AES-CBC encrypted payload injection for both Windows and Linux platforms.

## Features

- **AES-128-CBC Encryption**: Industry-standard encryption with proper key derivation
- **Cross-Platform**: Separate binaries for Windows and Linux with no code leakage
- **Embedded Payloads**: Encrypted data embedded directly in executables
- **Secure Key Derivation**: SHA256(password + salt) with random salts and IVs

## Compilation Instructions

### Linux Build

```bash
# Compile Linux injector
g++ -std=c++11 linux_injector.cpp -o linux_injector -lssl -lcrypto -ldl

# Test (requires encrypted payload data)
./linux_injector
```

### Windows Build

```bash
# On Windows with Visual Studio, compile:
cl.exe /EHsc windows_injector.cpp advapi32.lib

# Or with MinGW:
g++ -std=c++11 windows_injector.cpp -o windows_injector.exe -ladvapi32

# Test (requires encrypted payload data)
windows_injector.exe
```

## Usage Instructions

### 1. Encrypt Your Payload

```bash
# Encrypt a binary (DLL/SO) with the Rust crypt tool
cd crypt
cargo run /path/to/your/payload.dll

# This creates:
# - encrypted_Input.bin (encrypted payload)
# - decryption_metadata.bin (salt + IV + size)
```

### 2. Embed Encrypted Data

```bash
# Convert encrypted_Input.bin to a C hex array
xxd -i encrypted_Input.bin > payload.hex

# Convert decryption_metadata.bin to a C hex array
xxd -i decryption_metadata.bin > metadata.hex
```

Edit the appropriate injector file (`linux_injector.cpp` or `windows_injector.cpp`):

```cpp
// Replace the placeholder arrays in the injector code
const unsigned char encrypted_payload[] = {
    // Copy from payload.hex
};

const unsigned char decryption_metadata[] = {
    // Copy from metadata.hex
};
```

### 3. Set Password

```cpp
// Change the password in the injector
std::string password = "YourSecureMasterPassword123!";
```

### 4. Recompile and Deploy

The injector will:
1. Decrypt the embedded payload using AES-CBC
2. Inject the decrypted library into a target process
3. Execute silently

## Security Features

- **AES-128-CBC**: Prevents pattern analysis attacks
- **Random IVs**: Each encryption uses unique initialization vectors
- **PKCS7 Padding**: Proper padding with validation
- **SHA256 Key Derivation**: Password-based key generation with salt
- **No Embedded Keys**: Keys derived from passwords, not stored. The password itself is compiled into the injector (step 3) next to the embedded salt and IV, so the key can be re-derived from the binary alone.

## Architecture

- **Rust Crypt Tool**: Encryption with AES-GCM fallback to AES-CBC
- **C++ Decryptor**: Standalone decryption utility
- **Platform-Specific Injectors**: Windows (DLL) and Linux (SO) injection
- **Embedded Payloads**: No external file dependencies

## Testing

Both platforms have been tested with:
- ✅ Encryption/decryption workflow
- ✅ Binary integrity verification
- ✅ Cross-platform compilation
- ✅ Platform-specific injection techniques

The Linux version uses ptrace-based injection, while Windows uses advanced NT API techniques with job objects and APC queuing.
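
A defender-side check for the ptrace-based injection described above, added here as an example and not part of this project's code: it reads `TracerPid` from `/proc/<pid>/status` to list processes that currently have a tracer attached, names the tracer, and reports the Yama `ptrace_scope` setting. The function names and the sample status text are constructed for illustration.

```python
import os

# Constructed sample of /proc/<pid>/status for a process with a tracer attached.
SAMPLE_STATUS = "Name:\tsshd\nState:\tt (tracing stop)\nPid:\t1432\nPPid:\t1\nTracerPid:\t2210\n"

# Meaning of the Yama LSM ptrace_scope values (kernel documentation).
YAMA_SCOPE = {
    0: "classic: any process with the same UID may attach",
    1: "restricted: only an ancestor or a declared ptracer may attach",
    2: "admin-only: CAP_SYS_PTRACE required",
    3: "no attach: ptrace attach disabled until reboot",
}

def traced(status_text):
    """Return (name, pid, tracer_pid) if status_text shows a tracer, else None."""
    fields = {}
    for line in status_text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key] = value.strip()
    tracer = int(fields.get("TracerPid", "0"))
    if tracer == 0:
        return None
    return fields.get("Name", "?"), int(fields.get("Pid", "0")), tracer

def read_text(path):
    """Read a small procfs file; None if the process exited or access is denied."""
    try:
        with open(path, errors="replace") as fh:
            return fh.read()
    except OSError:
        return None

def scan(proc="/proc"):
    """Yield (name, pid, tracer_pid, tracer_name) for every traced process."""
    for entry in filter(str.isdigit, os.listdir(proc)):
        hit = traced(read_text(os.path.join(proc, entry, "status")) or "")
        if hit:
            comm = read_text(os.path.join(proc, str(hit[2]), "comm")) or "?"
            yield hit + (comm.strip(),)

def yama_scope(path="/proc/sys/kernel/yama/ptrace_scope"):
    """Return the ptrace_scope value, or None when Yama is not available."""
    text = read_text(path)
    return int(text) if text and text.strip().isdigit() else None

if __name__ == "__main__":
    scope = yama_scope()
    print("ptrace_scope:", scope, YAMA_SCOPE.get(scope, "Yama not available"))
    for name, pid, tracer, tracer_name in scan():
        print(f"{name} (pid {pid}) is traced by {tracer_name} (pid {tracer})")
```

`TracerPid` only shows a tracer that is attached at scan time, so a short attach-and-detach needs syscall auditing (for example an audit rule on `ptrace`) to be caught. The tracer name helps separate expected debuggers such as `gdb` or `strace` from unexpected ones.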