crypter removed

pour la publi open source je le sors, il reviendra peut-être mais sur un autre repo,. Pour l'instant je me focus sur l'agent
2023-02-21 17:37:49 +01:00
parent e53c28bdd1
commit 0aa959640a
17 changed files with 3 additions and 66691 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,7 +1,3 @@
 #le crypter est en WIP, pas sûr de le faire jusqu'au bout, peut-être faire un obfuscateur à la place
 .vim
 Laika/.vs
-Laika/release
+Laika/release
 Crypter/.vs
 Crypter/x64
 Dropper/
--- a/Crypter/Crypter.sln
+++ b/Crypter/Crypter.sln
@@ -1,31 +0,0 @@
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio Version 17
 VisualStudioVersion = 17.1.32407.343
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Crypter", "Crypter.vcxproj", "{B2AD6043-66E6-45BF-92EB-97885F7C5B54}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|x64 = Debug|x64
 		Debug|x86 = Debug|x86
 		Release|x64 = Release|x64
 		Release|x86 = Release|x86
 	EndGlobalSection
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
 		{B2AD6043-66E6-45BF-92EB-97885F7C5B54}.Debug|x64.ActiveCfg = Debug|x64
 		{B2AD6043-66E6-45BF-92EB-97885F7C5B54}.Debug|x64.Build.0 = Debug|x64
 		{B2AD6043-66E6-45BF-92EB-97885F7C5B54}.Debug|x86.ActiveCfg = Debug|Win32
 		{B2AD6043-66E6-45BF-92EB-97885F7C5B54}.Debug|x86.Build.0 = Debug|Win32
 		{B2AD6043-66E6-45BF-92EB-97885F7C5B54}.Release|x64.ActiveCfg = Release|x64
 		{B2AD6043-66E6-45BF-92EB-97885F7C5B54}.Release|x64.Build.0 = Release|x64
 		{B2AD6043-66E6-45BF-92EB-97885F7C5B54}.Release|x86.ActiveCfg = Release|Win32
 		{B2AD6043-66E6-45BF-92EB-97885F7C5B54}.Release|x86.Build.0 = Release|Win32
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {C281EF3B-A7D6-4774-975C-9059CF599FEF}
 	EndGlobalSection
 EndGlobal
--- a/Crypter/Crypter.vcxproj
+++ b/Crypter/Crypter.vcxproj
@@ -1,170 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <ItemGroup Label="ProjectConfigurations">
    <ProjectConfiguration Include="Debug|Win32">
      <Configuration>Debug</Configuration>
      <Platform>Win32</Platform>
    </ProjectConfiguration>
    <ProjectConfiguration Include="Release|Win32">
      <Configuration>Release</Configuration>
      <Platform>Win32</Platform>
    </ProjectConfiguration>
    <ProjectConfiguration Include="Debug|x64">
      <Configuration>Debug</Configuration>
      <Platform>x64</Platform>
    </ProjectConfiguration>
    <ProjectConfiguration Include="Release|x64">
      <Configuration>Release</Configuration>
      <Platform>x64</Platform>
    </ProjectConfiguration>
  </ItemGroup>
  <PropertyGroup Label="Globals">
    <VCProjectVersion>16.0</VCProjectVersion>
    <Keyword>Win32Proj</Keyword>
    <ProjectGuid>{b2ad6043-66e6-45bf-92eb-97885f7c5b54}</ProjectGuid>
    <RootNamespace>Crypter</RootNamespace>
    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <PlatformToolset>v143</PlatformToolset>
    <CharacterSet>Unicode</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <PlatformToolset>v143</PlatformToolset>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>Unicode</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
    <PlatformToolset>v143</PlatformToolset>
    <CharacterSet>Unicode</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <PlatformToolset>v143</PlatformToolset>
    <WholeProgramOptimization>true</WholeProgramOptimization>
    <CharacterSet>Unicode</CharacterSet>
  </PropertyGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
  <ImportGroup Label="ExtensionSettings">
  </ImportGroup>
  <ImportGroup Label="Shared">
  </ImportGroup>
  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
  </ImportGroup>
  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
  </ImportGroup>
  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
  </ImportGroup>
  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
  </ImportGroup>
  <PropertyGroup Label="UserMacros" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
    <LinkIncremental>true</LinkIncremental>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
    <LinkIncremental>false</LinkIncremental>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
    <LinkIncremental>true</LinkIncremental>
    <IncludePath>$(SolutionDir)Zydis;$(IncludePath)</IncludePath>
    <AllProjectIncludesArePublic>false</AllProjectIncludesArePublic>
    <LibraryPath>$(LibraryPath);$(SolutionDir)lib</LibraryPath>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
    <LinkIncremental>false</LinkIncremental>
    <IncludePath>$(SolutionDir)Zydis;$(IncludePath)</IncludePath>
    <AllProjectIncludesArePublic>false</AllProjectIncludesArePublic>
    <LibraryPath>$(VC_LibraryPath_x64);$(WindowsSDK_LibraryPath_x64);;$(SolutionDir)lib</LibraryPath>
  </PropertyGroup>
  <PropertyGroup Label="Vcpkg">
    <VcpkgEnabled>false</VcpkgEnabled>
    <VcpkgManifestInstall>false</VcpkgManifestInstall>
    <VcpkgAutoLink>false</VcpkgAutoLink>
  </PropertyGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
    <ClCompile>
      <WarningLevel>Level3</WarningLevel>
      <SDLCheck>true</SDLCheck>
      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <ConformanceMode>true</ConformanceMode>
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <GenerateDebugInformation>true</GenerateDebugInformation>
    </Link>
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
    <ClCompile>
      <WarningLevel>Level3</WarningLevel>
      <FunctionLevelLinking>true</FunctionLevelLinking>
      <IntrinsicFunctions>true</IntrinsicFunctions>
      <SDLCheck>true</SDLCheck>
      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <ConformanceMode>true</ConformanceMode>
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <EnableCOMDATFolding>true</EnableCOMDATFolding>
      <OptimizeReferences>true</OptimizeReferences>
      <GenerateDebugInformation>true</GenerateDebugInformation>
    </Link>
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
    <ClCompile>
      <WarningLevel>Level3</WarningLevel>
      <SDLCheck>true</SDLCheck>
      <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions);_CRT_SECURE_NO_WARNINGS</PreprocessorDefinitions>
      <ConformanceMode>true</ConformanceMode>
      <LanguageStandard>stdcpplatest</LanguageStandard>
      <LanguageStandard_C>stdc17</LanguageStandard_C>
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <GenerateDebugInformation>true</GenerateDebugInformation>
      <AdditionalDependencies>Zydis_debug.lib;%(AdditionalDependencies)</AdditionalDependencies>
    </Link>
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
    <ClCompile>
      <WarningLevel>Level3</WarningLevel>
      <FunctionLevelLinking>true</FunctionLevelLinking>
      <IntrinsicFunctions>true</IntrinsicFunctions>
      <SDLCheck>true</SDLCheck>
      <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions);_CRT_SECURE_NO_WARNINGS;TRIALDLL_EXPORT</PreprocessorDefinitions>
      <ConformanceMode>true</ConformanceMode>
      <LanguageStandard>stdcpplatest</LanguageStandard>
      <LanguageStandard_C>stdc17</LanguageStandard_C>
    </ClCompile>
    <Link>
      <SubSystem>Console</SubSystem>
      <EnableCOMDATFolding>true</EnableCOMDATFolding>
      <OptimizeReferences>true</OptimizeReferences>
      <GenerateDebugInformation>true</GenerateDebugInformation>
    </Link>
  </ItemDefinitionGroup>
  <ItemGroup>
    <ClCompile Include="main.cpp" />
    <ClCompile Include="random.cpp" />
    <ClCompile Include="utils.cpp" />
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="config.hpp" />
    <ClInclude Include="random.hpp" />
    <ClInclude Include="utils.hpp" />
  </ItemGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
  <ImportGroup Label="ExtensionTargets">
  </ImportGroup>
 </Project>
--- a/Crypter/Crypter.vcxproj.filters
+++ b/Crypter/Crypter.vcxproj.filters
@@ -1,40 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <ItemGroup>
    <Filter Include="Init">
      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
      <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
    </Filter>
    <Filter Include="Random">
      <UniqueIdentifier>{e73ec28b-18e4-4f85-9c24-b1e26d972336}</UniqueIdentifier>
    </Filter>
    <Filter Include="Utils">
      <UniqueIdentifier>{00c90023-42b3-4b1a-9d61-c363b4660686}</UniqueIdentifier>
    </Filter>
    <Filter Include="Config">
      <UniqueIdentifier>{47733102-deb7-437d-ada8-bca851a43356}</UniqueIdentifier>
    </Filter>
  </ItemGroup>
  <ItemGroup>
    <ClCompile Include="main.cpp">
      <Filter>Init</Filter>
    </ClCompile>
    <ClCompile Include="random.cpp">
      <Filter>Random</Filter>
    </ClCompile>
    <ClCompile Include="utils.cpp">
      <Filter>Utils</Filter>
    </ClCompile>
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="random.hpp">
      <Filter>Random</Filter>
    </ClInclude>
    <ClInclude Include="utils.hpp">
      <Filter>Utils</Filter>
    </ClInclude>
    <ClInclude Include="config.hpp">
      <Filter>Config</Filter>
    </ClInclude>
  </ItemGroup>
 </Project>
--- a/Crypter/Crypter.vcxproj.user
+++ b/Crypter/Crypter.vcxproj.user
@@ -1,12 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
    <LocalDebuggerCommandArguments>
    </LocalDebuggerCommandArguments>
    <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
    <LocalDebuggerCommandArguments>-i x64/Debug/Laika.exe -o x64/Debug/out.exe</LocalDebuggerCommandArguments>
    <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
  </PropertyGroup>
 </Project>
--- a/Crypter/Zydis/Zydis.c
+++ b/Crypter/Zydis/Zydis.c
--- a/Crypter/Zydis/Zydis.h
+++ b/Crypter/Zydis/Zydis.h
--- a/Crypter/config.hpp
+++ b/Crypter/config.hpp
@@ -1,5 +0,0 @@
 #pragma once
 const int PROB_ANSI = 50;
 const int CODE_BLOCK_CALL_COUNT_MIN = 5;
 const int CODE_BLOCK_CALL_COUNT_MAX = 15;
--- a/Crypter/lib/Zydis_debug.lib
+++ b/Crypter/lib/Zydis_debug.lib
--- a/Crypter/lib/Zydis_release.lib
+++ b/Crypter/lib/Zydis_release.lib
--- a/Crypter/main.cpp
+++ b/Crypter/main.cpp
@@ -1,244 +0,0 @@
 #include <Windows.h>
 #include <stdio.h>
 #include <algorithm>
 #include <string>
 #include <iostream>
 #include <fstream>
 #include <filesystem>
 #include <inttypes.h>
 #define ZYDIS_STATIC_BUILD
 #include <Zydis.h>
 #include "random.hpp"
 #include "utils.hpp"
 #include "config.hpp"
 extern g_random random;
 unsigned __int64 origSeed;
 int main(int argc, char* argv[]) {
    if (argc < 5)
    {
        printf("Usage: %s -i <in_file> -o <out_file> [-s <seed>] [-c <config_file>]", argv[0]);
        return 1;
    }
    unsigned __int64 genSeed = random.random_seed();
    char* arg_in = 0;
    char* arg_out = 0;
    char* arg_seed = 0;
    char* arg_config = 0;
    //==========================================================
    //    parse commandline
    //==========================================================
    for (int arg_i = 0; arg_i < argc; arg_i++)
    {
        if (strcmp(argv[arg_i], "-i") == 0)  arg_in = argv[arg_i + 1];
        if (strcmp(argv[arg_i], "-o") == 0) arg_out = argv[arg_i + 1];
        if (strcmp(argv[arg_i], "-s") == 0) arg_seed = argv[arg_i + 1];
        if (strcmp(argv[arg_i], "-c") == 0) arg_config = argv[arg_i + 1];
    };
    if (arg_in == 0 || arg_out == 0) {
        printf("Usage: %s -i <in_file> -o <out_file> [-s <seed>] [-c <config_file>]", argv[0]);
        return 1;
    }
    printf("\n IN : %s", arg_in);
    printf("\n OUT: %s", arg_out);
    printf("\n CFG: %s", arg_config);
    if (arg_seed == 0) {
        printf("\n DNA: 0x%I64X \n", genSeed);
    }
    else {
        printf("\n DNA: 0x%s", arg_seed);
    }
    if (arg_seed)
    {
        unsigned __int64 s = _strtoui64(arg_seed, NULL, 10);
        if (s == 0) {
            printf("\nBad seed format\n");
            return 1;
        }
        random.set_Seed(s);
    }
    else {
        random.set_Seed(genSeed);
    }
    origSeed = random.get_Seed();
    StringReplace(arg_out, ".exe", "");
    size_t n = strlen(arg_out);
    char* arg_out_full = (char*)malloc(n + 20); // allocating memory for the modified string
    memcpy(arg_out_full, arg_out, n);
    sprintf(&arg_out_full[n], "_0x000%I64X.exe", origSeed);
    printf("\n OUT: %s \n", arg_out_full);
    // check absolute path, if no convert
    if (arg_out_full && arg_out_full[1] != ':')
    {
        char* path = (char*)malloc(MAX_PATH * sizeof(char*));
        DWORD length = GetCurrentDirectoryA(MAX_PATH, path);
        if (arg_out_full[0] != '/' && arg_out_full[0] != '\\')
        {
            strcat(path, "\\");
        }
        strcat(path, arg_out_full);
        arg_out_full = path;
    }
    printf(" Input:  %s\n", arg_in);
    printf(" Output: %s\n", arg_out_full);
    if (arg_config) {
        printf(" Config: %s\n", arg_config);
    }
    printf(" Seed: 0x%0.8X%0.8X\n", (DWORD)(random.get_Seed() >> 32), (DWORD)random.get_Seed());
    DeleteFileA(arg_out_full);
    free(arg_out_full);
    HANDLE file_handle = CreateFileA(arg_in, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);
    if (file_handle == INVALID_HANDLE_VALUE) {
        printf(" Failed to open file %s\n", arg_in);
        return 1;
    }
    HANDLE file_mapping_handle = CreateFileMappingA(file_handle, NULL, PAGE_READONLY, 0, 0, NULL);
    if (file_mapping_handle == NULL) {
        printf(" Failed to create file mapping for %s\n", arg_in);
        CloseHandle(file_handle);
        return 1;
    }
    void* mapped_file = MapViewOfFile(file_mapping_handle, FILE_MAP_READ, 0, 0, 0);
    if (mapped_file == NULL) {
        printf(" Failed to map view of file %s\n", arg_in);
        CloseHandle(file_mapping_handle);
        CloseHandle(file_handle);
        return 1;
    }
    PIMAGE_DOS_HEADER dos_header = (PIMAGE_DOS_HEADER)mapped_file;
    if (dos_header->e_magic != IMAGE_DOS_SIGNATURE) {
        printf(" Invalid DOS signature in %s\n", arg_in);
        UnmapViewOfFile(mapped_file);
        CloseHandle(file_mapping_handle);
        CloseHandle(file_handle);
        return 1;
    }
    PIMAGE_NT_HEADERS nt_headers = (PIMAGE_NT_HEADERS)((BYTE*)mapped_file + dos_header->e_lfanew);
    if (nt_headers->Signature != IMAGE_NT_SIGNATURE) {
        printf(" Invalid NT signature in %s\n", arg_in);
        UnmapViewOfFile(mapped_file);
        CloseHandle(file_mapping_handle);
        CloseHandle(file_handle);
        return 1;
    }
    DWORD text_addr = 0x0;
    DWORD text_size = 0x0;
    PIMAGE_SECTION_HEADER section_headers = (PIMAGE_SECTION_HEADER)((BYTE*)&nt_headers->OptionalHeader + nt_headers->FileHeader.SizeOfOptionalHeader);
    for (WORD i = 0; i < nt_headers->FileHeader.NumberOfSections; ++i) {
        if (strncmp((char*)section_headers[i].Name, ".text", 5) == 0) {
            text_addr = section_headers[i].PointerToRawData;
            text_size = section_headers[i].SizeOfRawData;
            break;
        }
    }
    printf("\n");
    printf(" Enumerating .text instructions and finding the stuff to change...\n");
    // Initialize decoder context
    ZydisDecoder decoder;
    ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LEGACY_32, ZYDIS_STACK_WIDTH_32);
    // Initialize formatter. Only required when you actually plan to do instruction
    // formatting ("disassembling"), like we do here
    ZydisFormatter formatter;
    ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL);
    // Loop over the instructions in our buffer.
    // The runtime-address (instruction pointer) is chosen arbitrary here in order to better
    // visualize relative addressing
    ZyanU64 runtime_address = nt_headers->OptionalHeader.ImageBase - 0x1000;
    ZyanUSize offset = text_addr;
    const ZyanUSize length = sizeof((char*)mapped_file);
    ZydisDecodedInstruction instruction;
    ZydisDecodedOperand operands[ZYDIS_MAX_OPERAND_COUNT];
    while (ZYAN_SUCCESS(ZydisDecoderDecodeFull(&decoder, (char*)mapped_file + offset, length - offset,
        &instruction, operands)) && offset < text_size + text_addr)
    {
        // Print current instruction pointer.
        printf(" %016" PRIX64 "  ", runtime_address);
        // Format & print the binary instruction structure to human-readable format
        char buffer[256];
        ZydisFormatterFormatInstruction(&formatter, &instruction, operands, instruction.operand_count_visible, buffer, sizeof(buffer), runtime_address, ZYAN_NULL);
        puts(buffer);
        // Create an encoder request from the previously decoded instruction.
        ZydisEncoderRequest enc_req;
        ZydisEncoderDecodedInstructionToEncoderRequest(&instruction, operands,
            instruction.operand_count_visible, &enc_req);
        // Now, change some things about the instruction!
        // Change `jz` -> `jnz` and `add` -> `sub`.
        bool changed = true;
        switch (enc_req.mnemonic)
        {
        case ZYDIS_MNEMONIC_ADD:
            enc_req.mnemonic = ZYDIS_MNEMONIC_SUB;
            break;
        case ZYDIS_MNEMONIC_JZ:
            enc_req.mnemonic = ZYDIS_MNEMONIC_JNZ;
            break;
        default:
            // Don't change other instructions.
            changed = false;
            break;
        }
        if (changed) {
            printf(" Instruction %s changed\n", buffer);
            // Encode the instruction back to raw bytes.
            uint8_t new_bytes[ZYDIS_MAX_INSTRUCTION_LENGTH];
            ZyanUSize new_instr_length = sizeof(new_bytes);
            ZydisEncoderEncodeInstruction(&enc_req, new_bytes, &new_instr_length);
            // Decode and print the new instruction. We re-use the old buffers.
            ZydisDecoderDecodeFull(&decoder, new_bytes, new_instr_length, &instruction,
                operands);
            ZydisFormatterFormatInstruction(&formatter, &instruction, operands,
                instruction.operand_count_visible, buffer, sizeof(buffer), 0, NULL);
            printf(" New instruction: %s\n", buffer);
        }
        offset += instruction.length;
        runtime_address += instruction.length;
    }
    UnmapViewOfFile(mapped_file);
    CloseHandle(file_mapping_handle);
    CloseHandle(file_handle);
    return 0;
 }
--- a/Crypter/random.cpp
+++ b/Crypter/random.cpp
@@ -1,55 +0,0 @@
 #include "random.hpp"
 #include <math.h>
 #include <stdlib.h>     /* srand, rand */
 #include <time.h>       /* time */
 #include <stdio.h>
 #include <random>
 #include <Windows.h>
 #include "config.hpp"
 g_random random;
 unsigned __int64 t_random::get_Seed() {
 	return seed;
 }
 void t_random::set_Seed(unsigned __int64 new_seed) {
 	seed = new_seed;
 	srand((unsigned int)seed);
 }
 // Robert Jenkins' 96 bit Mix Function
 unsigned long mix(unsigned long a, unsigned long b, unsigned long c)
 {
 	a = a - b;  a = a - c;  a = a ^ (c >> 13);
 	b = b - c;  b = b - a;  b = b ^ (a << 8);
 	c = c - a;  c = c - b;  c = c ^ (b >> 13);
 	a = a - b;  a = a - c;  a = a ^ (c >> 12);
 	b = b - c;  b = b - a;  b = b ^ (a << 16);
 	c = c - a;  c = c - b;  c = c ^ (b >> 5);
 	a = a - b;  a = a - c;  a = a ^ (c >> 3);
 	b = b - c;  b = b - a;  b = b ^ (a << 10);
 	c = c - a;  c = c - b;  c = c ^ (b >> 15);
 	return c;
 }
 unsigned __int64 t_random::random_seed() {
 	srand((unsigned long)mix(clock(), (unsigned long)time(NULL), GetCurrentProcessId())); //http://web.archive.org/web/20070111091013/http://www.concentric.net/~Ttwang/tech/inthash.htm
 	unsigned __int64 upper = (unsigned __int64)rand() << 32; // generate a random upper 32 bits
 	unsigned __int64 lower = (unsigned __int64)rand(); // generate a random lower 32 bits
 	unsigned __int64 result = upper | lower; // combine the upper and lower bits
 	return result;
 }
 bool t_random::get_proctype() {
 	return (rand() % 100) < PROB_ANSI;
 }
 int t_random::get_less(int min, int max) {
 	std::random_device rd;  //Will be used to obtain a seed for the random number engine
 	std::mt19937 gen(rd()); //Standard mersenne_twister_engine seeded with rd()
 	std::uniform_int_distribution<> dis(min, max);
 	return dis(gen);
 }
--- a/Crypter/random.hpp
+++ b/Crypter/random.hpp
@@ -1,13 +0,0 @@
 #pragma once
 #include <string>
 typedef struct t_random {
 	unsigned __int64 seed;
 	unsigned __int64 get_Seed();
 	void set_Seed(unsigned __int64 new_seed);
 	unsigned __int64 random_seed();
 	bool get_proctype();
 	int get_less(int min, int max);
 } g_random;
--- a/Crypter/utils.cpp
+++ b/Crypter/utils.cpp
@@ -1,18 +0,0 @@
 #include "utils.hpp"
 #include <Windows.h>
 #include <string.h>
 #include <stdio.h>
 void StringReplace(char* in, const char* to_find, const char* replacement)
 {
    char buffer[1024];
    char* p;
    if (!(p = strstr(in, to_find)))
        return;
    strncpy(buffer, in, p - in);
    buffer[p - in] = '\0';
    sprintf(buffer + (p - in), "%s%s", replacement, p + strlen(to_find));
    strcpy(in, buffer);
 }
--- a/Crypter/utils.hpp
+++ b/Crypter/utils.hpp
@@ -1,3 +0,0 @@
 #pragma once
 void StringReplace(char* in, const char* to_find, const char* replacement);
--- a/Laika/Laika.vcxproj
+++ b/Laika/Laika.vcxproj
@@ -122,6 +122,7 @@
      <EntryPointSymbol>main</EntryPointSymbol>
      <StackReserveSize>
      </StackReserveSize>
      <GenerateMapFile>true</GenerateMapFile>
    </Link>
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
--- a/readme.md
+++ b/readme.md
@@ -8,7 +8,7 @@
 * Shellcode injection (TODO)
 ## Caractéristiques
-* Petit (7ko)
+* Petit (12ko)
 * Fait en C, sans CRT
 * x32 bit
 * Modulaire (peut se déployer via shellcode/dll/pe injection/.exe)
@@ -36,21 +36,8 @@
 <details open>
 <summary>TODO</summary>
 * Ajouter un crypteur/dropper
 * Fix l'input qui bloque l'arrivée de données (reproductible avec une session powershell)
 </details>
 ![Alt text](Screenshots/Server.PNG "Screenshot du server")
 # Crypter
 En WIP.
 <details open>
 <summary>TODO</summary>
 * Ajouter du code mutation
 * Control flow flattening
 * Anti-disassembly
 </details>
		`@@ -1,3 +0,0 @@`
			`#pragma once`

			`void StringReplace(char* in, const char* to_find, const char* replacement);`